wklejto.pl

Added by: ~Anonim (2009-02-25 17:05) -> text
ComboFix 09-02-24.02 - MEET SAJLENT 2009-02-25 17:13:00.4 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.2047.1404 [GMT 1:00]
Uruchomiony z: e:\\documents and settings\\MEET SAJLENT\\Pulpit\\ComboFix.exe
Użyto następujących komend :: e:\\documents and settings\\MEET SAJLENT\\Pulpit\\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated)
FW: Zapora osobista *enabled*
 * Utworzono nowy punkt przywracania
 * Resident AV is active
 
 
FILE ::
e:\\windows\\system32\\drivers\\db856c32.sys
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
e:\\program files\\Common Files\\Symantec Shared
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\ccL70U.dll
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\instopts.dat
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\NSSSetup.exe
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\Setup.msi
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\SymHTML.dll
e:\\program files\\Common Files\\Symantec Shared\\NSSSetup\\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\\SymTheme.dll
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-25 do 2009-02-25  )))))))))))))))))))))))))))))))
.
 
2009-02-25 09:25 . 2009-02-25 09:25     <DIR>   d--------       e:\\program files\\Norton Security Scan
2009-02-24 23:29 . 2009-02-24 23:29     <DIR>   d--------       e:\\program files\\CCleaner
2009-02-21 12:46 . 2009-02-21 12:46     24      --a------       e:\\windows\\ES_2_D1.prf
2009-02-21 12:46 . 2009-02-21 12:46     24      --a------       e:\\windows\\ES_1_D1.prf
2009-02-21 12:46 . 2009-02-21 12:46     24      --a------       e:\\windows\\AM_D0.PRF
2009-02-21 11:29 . 2009-02-21 11:29     24      --a------       e:\\windows\\AM_D8.PRF
2009-02-19 18:48 . 2009-02-19 18:48     4       --a------       e:\\windows\\system32\\proc-1037709799.bin
2009-02-11 05:06 . 2009-02-11 05:06     <DIR>   d--------       e:\\program files\\x264
2009-02-11 05:06 . 2009-02-11 05:06     550,418 --a------       e:\\windows\\system32\\x264vfw.dll
2009-02-06 01:23 . 2009-02-06 01:23     <DIR>   d--------       e:\\program files\\CSE Demoplayer
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-25 16:14        ---------       d-----w e:\\program files\\cFosSpeed
2009-02-25 16:08        ---------       d-----w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\HLSW
2009-02-24 18:54        ---------       d-----w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\mIRC
2009-02-22 17:55        ---------       d-----w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\GanymedeNet
2009-02-14 22:53        ---------       d-----w e:\\program files\\Ganymede
2009-02-04 19:12        ---------       d-----w e:\\program files\\Valve
2009-01-27 16:43        ---------       d-----w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\PC Suite
2009-01-27 16:42        ---------       d-----w e:\\documents and settings\\All Users\\Dane aplikacji\\PC Suite
2009-01-10 16:49        410,984 ----a-w e:\\windows\\system32\\deploytk.dll
2009-01-10 16:49        ---------       d-----w e:\\program files\\Java
2008-12-27 19:51        ---------       d-----w e:\\program files\\Microsoft Games for Windows - LIVE
2008-12-27 19:29        ---------       d--h--r e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\SecuROM
2008-12-27 19:02        ---------       d--h--w e:\\program files\\InstallShield Installation Information
2008-12-27 19:02        ---------       d-----w e:\\program files\\Rockstar Games
2008-12-27 17:45        ---------       d-----w e:\\program files\\MSBuild
2008-12-27 17:43        ---------       d-----w e:\\program files\\Reference Assemblies
2008-12-26 21:37        ---------       d-----w e:\\program files\\iTunes
2008-12-26 21:37        ---------       d-----w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\Apple Computer
2008-12-26 21:37        ---------       d-----w e:\\documents and settings\\All Users\\Dane aplikacji\\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-26 21:36        ---------       d-----w e:\\program files\\iPod
2008-12-26 21:36        ---------       d-----w e:\\program files\\Common Files\\Apple
2008-12-26 21:36        ---------       d-----w e:\\program files\\Bonjour
2008-12-26 21:36        ---------       d-----w e:\\program files\\Apple Software Update
2008-12-26 21:36        ---------       d-----w e:\\documents and settings\\All Users\\Dane aplikacji\\Apple Computer
2008-12-26 21:35        ---------       d-----w e:\\documents and settings\\All Users\\Dane aplikacji\\Apple
2008-12-25 00:06        ---------       d-----w e:\\program files\\Skoki Narciarskie 2005
2008-11-28 18:23        1,700,352       ----a-w e:\\windows\\system32\\gdiplus.dll
2008-08-10 17:15        22,328  ----a-w e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\PnkBstrK.sys
2008-09-04 10:07        90,175  ----a-w e:\\program files\\mozilla firefox\\components\\flashgetXpi.dll
.
 
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\URLSearchHooks]
\"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\"= \"e:\\program files\\Winamp Toolbar\\winamptb.dll\" [2008-07-16 1266992]
 
[HKEY_CLASSES_ROOT\\clsid\\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\\TypeLib\\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\\WINAMPTB.AOLTBSearch]
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"Stefan\"=\"c:\\program files\\INTERIAPL\\Stefan\\Stefan.exe\" [2008-07-17 685568]
\"Steam\"=\"c:\\program files\\steam\\steam.exe\" [2008-12-23 1410296]
\"Octoshape Streaming Services\"=\"e:\\documents and settings\\MEET SAJLENT\\Ustawienia lokalne\\Dane aplikacji\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe\" [2008-05-22 156944]
\"ares\"=\"e:\\program files\\Ares\\Ares.exe\" [2008-02-20 963072]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"StartCCC\"=\"e:\\program files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" [2008-01-21 61440]
\"IntelliPoint\"=\"e:\\program files\\Microsoft IntelliPoint\\ipoint.exe\" [2006-06-16 568096]
\"!AVG Anti-Spyware\"=\"e:\\program files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" [2007-06-11 6731312]
\"MSConfig\"=\"e:\\windows\\pchealth\\helpctr\\Binaries\\MSCONFIG.EXE\" [2008-04-14 171520]
\"egui\"=\"e:\\program files\\ESET\\ESET Smart Security\\egui.exe\" [2007-11-23 1410304]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"e:\\windows\\system32\\CTFMON.EXE\" [2008-04-14 15360]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\drivers32]
\"aux\"= ctwdm32.dll
\"VIDC.XFR1\"= xfcodec.dll
\"VIDC.ACDV\"= ACDV.dll
\"vidc.X264\"= x264vfw.dll
 
[HKLM\\~\\startupfolder\\e:^documents and settings^meet sajlent^menu start^programy^autostart^fifa 09 registration.lnk]
path=e:\\documents and settings\\MEET SAJLENT\\Menu Start\\Programy\\Autostart\\FIFA 09 Registration.lnk
backup=e:\\windows\\pss\\FIFA 09 Registration.lnkStartup
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 e:\\program files\\Adobe\\Reader 9.0\\Reader\\reader_sl.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Ai Nap]
--a------ 2008-05-21 12:30 1423360 e:\\program files\\ASUS\\AI Suite\\AiNap\\AiNap.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ares]
--a------ 2008-02-20 15:33 963072 e:\\program files\\Ares\\Ares.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\avgnt]
--a------ 2008-06-12 14:28 266497 e:\\program files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\cFosSpeed]
-ra------ 2008-07-03 17:04 867544 e:\\program files\\cFosSpeed\\cfosspeed.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Comrade.exe]
--a------ 2007-06-29 14:03 36864 e:\\program files\\GameSpy\\Comrade\\Comrade.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Cpu Level Up help]
--a------ 2007-11-30 19:03 881152 e:\\program files\\ASUS\\AI Suite\\CpuLevelUpHelp.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\CTFMON.EXE]
--a------ 2008-04-14 22:51 15360 e:\\windows\\system32\\ctfmon.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\DeviceDiscovery]
--a------ 2003-05-21 17:37 229437 e:\\program files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\egui]
--a------ 2007-11-23 21:51 1410304 e:\\program files\\ESET\\ESET Smart Security\\egui.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\HP Component Manager]
--a------ 2003-10-23 18:51 233472 e:\\program files\\HP\\hpcoretech\\hpcmpmgr.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\HP Software Update]
--a------ 2003-06-25 10:24 49152 e:\\program files\\Hewlett-Packard\\HP Software Update\\hpwuSchd.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\HPDJ Taskbar Utility]
--a------ 2003-09-01 12:42 176128 e:\\windows\\system32\\spool\\drivers\\w32x86\\3\\hpztsb09.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\IPLA!]
--a------ 2008-11-27 13:40 2680568 e:\\program files\\ipla\\ipla.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\iTunesHelper]
--a------ 2008-11-20 13:20 290088 e:\\program files\\iTunes\\iTunesHelper.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\MSMSGS]
--a------ 2008-04-14 22:51 1695232 e:\\program files\\Messenger\\msmsgs.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\NeroCheck]
--a------ 2001-07-09 10:50 155648 e:\\windows\\system32\\NeroCheck.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Nokia.PCSync]
--a------ 2008-06-17 15:00 1249280 e:\\program files\\Nokia\\Nokia PC Suite 7\\PcSync2.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Orb]
--a------ 2008-04-01 02:54 507904 e:\\program files\\Winamp Remote\\bin\\OrbTray.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\PC Suite Tray]
--a------ 2008-08-11 07:31 1124352 e:\\program files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\QFan Help]
--a------ 2008-05-06 01:01 594432 e:\\program files\\ASUS\\AI Suite\\QFan3\\QFanHelp.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\RGSC]
--a------ 2008-12-27 18:48 306088 c:\\program files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SunJavaUpdateSched]
--a------ 2009-01-10 17:49 136600 e:\\program files\\Java\\jre6\\bin\\jusched.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\WinampAgent]
--a------ 2008-07-09 22:33 36352 c:\\program files\\Winamp\\winampa.exe
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"e:\\\\Program Files\\\\Winamp Remote\\\\bin\\\\Orb.exe\"=
\"e:\\\\Program Files\\\\Winamp Remote\\\\bin\\\\OrbTray.exe\"=
\"e:\\\\Program Files\\\\Winamp Remote\\\\bin\\\\OrbStreamerClient.exe\"=
\"c:\\\\Program Files\\\\Xfire\\\\xfire.exe\"=
\"c:\\\\Program Files\\\\Steam\\\\steamapps\\\\sensitive1\\\\counter-strike\\\\hl.exe\"=
\"c:\\\\Program Files\\\\mIRC\\\\mirc.exe\"=
\"e:\\\\Program Files\\\\Mozilla Firefox\\\\firefox.exe\"=
\"e:\\\\Program Files\\\\Activision\\\\Call of Duty 4 - Modern Warfare\\\\iw3mp.exe\"=
\"e:\\\\WINDOWS\\\\system32\\\\PnkBstrA.exe\"=
\"e:\\\\WINDOWS\\\\system32\\\\PnkBstrB.exe\"=
\"e:\\\\Program Files\\\\uTorrent\\\\uTorrent.exe\"=
\"e:\\\\Program Files\\\\Ares\\\\Ares.exe\"=
\"e:\\\\Documents and Settings\\\\MEET SAJLENT\\\\Ustawienia lokalne\\\\Dane aplikacji\\\\Dyyno Receiver\\\\DPPM.exe\"=
\"e:\\\\Documents and Settings\\\\MEET SAJLENT\\\\Pulpit\\\\Nowy folder\\\\azereus.exe\"=
\"e:\\\\Program Files\\\\HLSW\\\\hlsw.exe\"=
\"c:\\\\Program Files\\\\Steam\\\\steam.exe\"=
\"nkp2.exe\"= nkp2.exe:BVDMSS
\"e:\\\\Program Files\\\\PPLive\\\\PPLive.exe\"=
\"e:\\\\Program Files\\\\iTunes\\\\iTunes.exe\"=
\"c:\\\\Program Files\\\\Rockstar Games\\\\Rockstar Games Social Club\\\\RGSCLauncher.exe\"=
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"e:\\\\Program Files\\\\Rockstar Games\\\\Grand Theft Auto IV\\\\LaunchGTAIV.exe\"=
\"c:\\\\Program Files\\\\Steam\\\\steamapps\\\\sajlent1337\\\\counter-strike\\\\hl.exe\"=
\"e:\\\\Program Files\\\\Bonjour\\\\mDNSResponder.exe\"=
 
R2 ekrn;Eset Service;e:\\program files\\ESET\\ESET Smart Security\\ekrn.exe [2007-11-23 455936]
.
Zawartość folderu \'Zaplanowane zadania\'
 
2009-02-13 e:\\windows\\Tasks\\AppleSoftwareUpdate.job
- e:\\program files\\Apple Software Update\\SoftwareUpdate.exe [2008-07-30 12:34]
 
2009-02-25 e:\\windows\\Tasks\\Norton Security Scan for MEET SAJLENT.job
- e:\\program files\\Norton Security Scan\\Nss.exe [2008-09-19 04:18]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.pl/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - e:\\documents and settings\\All Users\\Dane aplikacji\\Winamp Toolbar\\ieToolbar\\resources\\en-US\\local\\search.html
IE: E&ksport do programu Microsoft Excel - c:\\progra~1\\MICROS~1\\OFFICE11\\EXCEL.EXE/3000
IE: ĘąÓĂżěłµ(Flas&hGet)ĎÂÔŘ - e:\\program files\\FlashGet Network\\Flashget\\GetUrl.htm
IE: ĘąÓĂżěłµ(Flash&Get)ĎÂÔŘČ«˛żÁ´˝Ó - e:\\program files\\FlashGet Network\\Flashget\\GetAllUrl.htm
IE: ĘąÓĂżěłµ(FlashGet)ĎÂÔظĂÍřŇłFLV - e:\\program files\\FlashGet Network\\Flashget\\FlvDetector.htm
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://dl.pplive.com/PluginSetup.cab
FF - ProfilePath - e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\t9gpoekg.default\\
FF - component: e:\\program files\\Mozilla Firefox\\components\\flashgetXpi.dll
FF - plugin: e:\\documents and settings\\MEET SAJLENT\\Dane aplikacji\\Mozilla\\plugins\\npoctoshape.dll
FF - plugin: e:\\documents and settings\\MEET SAJLENT\\Ustawienia lokalne\\Dane aplikacji\\Octoshape\\Octoshape Streaming Services\\octoprogram-L03-NMS0810164_SUA_900\\npoctoshape.dll
FF - plugin: e:\\program files\\Dyyno\\Dyyno Player\\npvlc.dll
FF - plugin: e:\\program files\\Mozilla Firefox\\plugins\\np-mswmp.dll
FF - plugin: e:\\program files\\Mozilla Firefox\\plugins\\NPCARDS.dll
FF - plugin: e:\\program files\\Mozilla Firefox\\plugins\\npganymedenet.dll
FF - plugin: e:\\program files\\Mozilla Firefox\\plugins\\NPMAKAOV2.dll
FF - plugin: e:\\program files\\Mozilla Firefox\\plugins\\NPSNOOKER.dll
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-25 17:14:12
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 
[HKEY_USERS\\S-1-5-21-789336058-1580436667-725345543-1003\\Software\\SecuROM\\License information*]
\"datasecu\"=hex:8c,8f,2d,63,3a,06,49,16,e1,fa,54,f0,cd,0d,e3,f9,4f,b2,0e,7c,af,
   35,6b,0f,27,92,8c,5f,cb,78,59,3b,1d,4e,f9,a5,58,f7,bd,44,f4,b9,60,fe,ef,f4,\\
\"rkeysecu\"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > \'winlogon.exe\'(1120)
e:\\windows\\system32\\Ati2evxx.dll
.
Czas ukończenia: 2009-02-25 17:14:55
ComboFix-quarantined-files.txt  2009-02-25 16:14:53
ComboFix2.txt  2009-02-24 22:47:29
 
Przed: 99 915 427 840 bajtów wolnych
Po: 99,907,825,664 bajtów wolnych
 