wklejto.pl

Added by: ~manfred (2008-07-01 14:17) -> text
ComboFix 08-06-20.4 - Komputer 2008-07-01 14:16:35.6 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.290 [GMT 2:00]
Running from: C:\\Documents and Settings\\Komputer\\Pulpit\\ComboFix.exe
 * Resident AV is active
 
 
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
 
(((((((((((((((((((((((((   Files Created from 2008-06-01 to 2008-07-01  )))))))))))))))))))))))))))))))
.
 
2008-07-01 11:17 . 2008-07-01 11:24     <DIR>   d--------       C:\\ComboFix(2)
2008-06-16 14:02 . 2008-06-16 14:02     0       --a------       C:\\Debug.QC6
2008-06-11 17:40 . 2008-06-14 19:36     273,024 -----c---       C:\\WINDOWS\\system32\\dllcache\\bthport.sys
2008-06-11 17:40 . 2008-05-08 16:02     203,136 -----c---       C:\\WINDOWS\\system32\\dllcache\\rmcast.sys
 
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 10:22        ---------       d-----w C:\\Program Files\\AutoConnect
2008-07-01 09:29        ---------       d-----w C:\\Program Files\\Photodex Presenter
2008-07-01 09:29        ---------       d-----w C:\\Documents and Settings\\All Users\\Dane aplikacji\\PicturesToExe
2008-06-30 10:23        ---------       d-----w C:\\Program Files\\eMule
2008-06-14 17:36        273,024 ------w C:\\WINDOWS\\system32\\drivers\\bthport.sys
2008-06-13 14:39        ---------       d-----w C:\\Program Files\\Opera
2008-06-02 05:29        ---------       d-----w C:\\Documents and Settings\\Komputer\\Dane aplikacji\\uTorrent
2008-05-31 17:34        ---------       d-----w C:\\Program Files\\Photodex
2008-05-25 06:42        ---------       d-----w C:\\Program Files\\IEPro
2008-05-24 05:25        ---------       d-----w C:\\Documents and Settings\\Komputer\\Dane aplikacji\\Netscape
2008-05-24 05:23        ---------       d-----w C:\\Documents and Settings\\Komputer\\Dane aplikacji\\Photodex
2008-05-08 14:02        203,136 ----a-w C:\\WINDOWS\\system32\\drivers\\rmcast.sys
2008-05-07 05:12        1,291,776       ----a-w C:\\WINDOWS\\system32\\quartz.dll
2008-04-23 07:20        826,368 ----a-w C:\\WINDOWS\\system32\\wininet.dll
2008-04-16 08:14        20,480  ----a-w C:\\WINDOWS\\system32\\ptevideo.dll
2008-04-14 20:51        11,264  ----a-w C:\\WINDOWS\\system32\\spnpinst.exe
2008-04-14 20:50        997,888 ----a-w C:\\WINDOWS\\system32\\setupapi.dll
2008-04-14 20:50        424,960 ----a-w C:\\WINDOWS\\system32\\licdll.dll
2008-04-14 17:46        1,804   ----a-w C:\\WINDOWS\\system32\\dcache.bin
2008-04-14 17:26        332,288 ----a-w C:\\WINDOWS\\system32\\netsetup.exe
2008-04-14 17:22        92,424  ----a-w C:\\WINDOWS\\system32\\rdpdd.dll
2008-04-14 17:22        87,176  ----a-w C:\\WINDOWS\\system32\\rdpwsx.dll
2008-04-14 17:22        12,168  ----a-w C:\\WINDOWS\\system32\\tsddd.dll
2008-04-14 17:20        999,936 ----a-w C:\\WINDOWS\\system32\\syssetup.dll
2008-04-14 17:19        98,304  ----a-w C:\\WINDOWS\\system32\\actxprxy.dll
2008-04-14 17:18        5,632   ----a-w C:\\WINDOWS\\system32\\wmi.dll
2008-04-14 17:18        24,064  ----a-w C:\\WINDOWS\\system32\\pidgen.dll
2008-04-14 17:18        1,449,472       ----a-w C:\\WINDOWS\\system32\\winntbbu.dll
2008-04-14 17:17        57,375  ----a-w C:\\WINDOWS\\system32\\odbcji32.dll
2008-04-14 17:13        4,126   ----a-w C:\\WINDOWS\\system32\\msdxmlc.dll
2008-04-14 17:12        3,584   ----a-w C:\\WINDOWS\\system32\\msafd.dll
2008-04-14 17:06        3,584   ----a-w C:\\WINDOWS\\system32\\icmp.dll
2008-04-14 17:05        9,344   ----a-w C:\\WINDOWS\\system32\\framebuf.dll
2008-04-14 17:05        569,856 ----a-w C:\\WINDOWS\\system32\\gpedit.dll
2008-04-14 17:03        3,072   ----a-w C:\\WINDOWS\\system32\\dpnlobby.dll
2008-04-14 17:03        3,072   ----a-w C:\\WINDOWS\\system32\\dpnaddr.dll
2008-04-14 17:01        16,896  ----a-w C:\\WINDOWS\\system32\\cfgmgr32.dll
2008-04-14 17:00        285,696 ----a-w C:\\WINDOWS\\system32\\atmfd.dll
2008-04-14 16:30        2,190,336       ----a-w C:\\WINDOWS\\system32\\ntoskrnl.exe
2008-04-14 16:29        2,067,200       ----a-w C:\\WINDOWS\\system32\\ntkrnlpa.exe
2008-04-14 16:25        4,096   ----a-w C:\\WINDOWS\\system32\\dsprpres.dll
2008-04-14 16:22        89,600  ------w C:\\WINDOWS\\system32\\msxml6r.dll
2008-04-14 16:20        80,896  ------w C:\\WINDOWS\\system32\\msshavmsg.dll
2008-04-14 16:15        49,664  ----a-w C:\\WINDOWS\\system32\\inetres.dll
2008-04-14 16:15        2,977,792       ----a-w C:\\WINDOWS\\system32\\wmploc.dll
2008-04-14 16:13        563,200 ----a-w C:\\WINDOWS\\system32\\shdoclc.dll
2008-04-14 16:09        190,976 ----a-w C:\\WINDOWS\\system32\\wmerror.dll
2008-04-14 16:07        10,240  ----a-w C:\\WINDOWS\\system32\\gpkrsrc.dll
2008-04-14 16:05        67,584  ----a-w C:\\WINDOWS\\system32\\browselc.dll
2008-04-14 16:05        1,845,888       ----a-w C:\\WINDOWS\\system32\\win32k.sys
2008-04-14 15:59        8,192   ----a-w C:\\WINDOWS\\system32\\asferror.dll
2008-04-13 18:44        17,664  ----a-w C:\\WINDOWS\\system32\\watchdog.sys
2008-04-13 18:43        9,728   ------w C:\\WINDOWS\\system32\\comsdupd.exe
2008-04-13 18:43        12,800  ----a-w C:\\WINDOWS\\system32\\spiisupd.exe
2008-04-13 18:40        427,008 ----a-w C:\\WINDOWS\\system32\\xpob2res.dll
2008-04-13 18:37        2,953,216       ----a-w C:\\WINDOWS\\system32\\xpsp2res.dll
2008-04-13 18:35        194,560 ----a-w C:\\WINDOWS\\system32\\xpsp1res.dll
2008-04-13 18:31        7,424   ----a-w C:\\WINDOWS\\system32\\kd1394.dll
2008-04-13 18:30        61,440  ----a-w C:\\WINDOWS\\system32\\msvcrt40.dll
2008-04-13 17:37        208,384 ----a-w C:\\WINDOWS\\system32\\rsaenh.dll
2008-04-13 17:37        138,752 ----a-w C:\\WINDOWS\\system32\\dssenh.dll
2008-04-13 17:26        12,288  ----a-w C:\\WINDOWS\\system32\\odbcp32r.dll
2008-04-13 17:26        12,288  ----a-w C:\\WINDOWS\\system32\\mscpx32r.dll
2008-04-13 17:21        733,696 ----a-w C:\\WINDOWS\\system32\\qedwipes.dll
2008-04-13 16:48        1,647,616       ----a-w C:\\WINDOWS\\system32\\winbrand.dll
2008-04-13 16:45        216,064 ----a-w C:\\WINDOWS\\system32\\moricons.dll
2008-04-13 16:23        48,128  ----a-w C:\\WINDOWS\\system32\\msprivs.dll
2008-04-13 15:39        884,736 ----a-w C:\\WINDOWS\\system32\\msimsg.dll
.
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"C:\\WINDOWS\\system32\\ctfmon.exe\" [2008-04-14 19:21 15360]
\"Gadu-Gadu\"=\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" [2007-11-14 12:54 2131392]
\"AutoConnect\"=\"C:\\Program Files\\AutoConnect\\AutoConnect.exe\" [2006-12-03 01:14 310784]
\"SpybotSD TeaTimer\"=\"C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe\" [2008-01-28 12:43 2097488]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"SoundMan\"=\"SOUNDMAN.EXE\" [2002-09-11 04:57 46592 C:\\WINDOWS\\SOUNDMAN.EXE]
\"egui\"=\"C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe\" [2007-11-23 22:51 1410304]
\"SunJavaUpdateSched\"=\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\" [2007-09-25 02:11 132496]
\"GrooveMonitor\"=\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\" [2006-10-27 01:47 31016]
\"SpeedTouch USB Diagnostics\"=\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" [2004-01-26 12:38 866816]
\"WinampAgent\"=\"C:\\Program Files\\Winamp\\winampa.exe\" [2008-01-16 00:54 37376]
\"NeroFilterCheck\"=\"C:\\WINDOWS\\system32\\NeroCheck.exe\" [2001-07-09 12:50 155648]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"C:\\WINDOWS\\system32\\CTFMON.EXE\" [2008-04-14 19:21 15360]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\drivers32]
\"msacm.l3fhg\"= mp3fhg.acm
\"msacm.divxa32\"= divxa32.acm
\"VIDC.YV12\"= yv12vfw.dll
\"vidc.ptev\"= ptevideo.dll
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^Komputer^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=C:\\Documents and Settings\\Komputer\\Menu Start\\Programy\\Autostart\\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=C:\\WINDOWS\\pss\\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center]
\"AntiVirusDisableNotify\"=dword:00000001
\"UpdatesDisableNotify\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"C:\\\\Program Files\\\\eMule\\\\emule.exe\"=
\"C:\\\\Program Files\\\\Gadu-Gadu\\\\gg.exe\"=
\"C:\\\\Program Files\\\\Microsoft Office\\\\Office12\\\\OUTLOOK.EXE\"=
\"C:\\\\Program Files\\\\Microsoft Office\\\\Office12\\\\GROOVE.EXE\"=
\"C:\\\\Program Files\\\\Microsoft Office\\\\Office12\\\\ONENOTE.EXE\"=
\"C:\\\\Program Files\\\\Bonjour\\\\mDNSResponder.exe\"=
\"C:\\\\Program Files\\\\uTorrent\\\\uTorrent.exe\"=
\"C:\\\\Program Files\\\\IEPro\\\\MiniDM.exe\"=
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"C:\\\\Program Files\\\\Opera\\\\Opera.exe\"=
 
R1 epfwtdir;epfwtdir;C:\\WINDOWS\\system32\\DRIVERS\\epfwtdir.sys [2007-11-23 22:52]
S2 P1C1394;Phase One 1394 Camera Driver;C:\\WINDOWS\\system32\\Drivers\\p1c1394.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\\WINDOWS\\system32\\DRIVERS\\s115bus.sys [2007-04-23 15:54]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\\WINDOWS\\system32\\DRIVERS\\s115mdfl.sys [2007-04-23 15:54]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\\WINDOWS\\system32\\DRIVERS\\s115mdm.sys [2007-04-23 15:54]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\\WINDOWS\\system32\\DRIVERS\\s115mgmt.sys [2007-04-23 15:54]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\\WINDOWS\\system32\\DRIVERS\\s115obex.sys [2007-04-23 15:54]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\\WINDOWS\\system32\\DRIVERS\\USBSTOR.SYS [2008-04-13 20:45]
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{5a81e6a3-d3f2-11dc-bf6a-806d6172696f}]
\\Shell\\AutoRun\\command - E:\\setup.exe
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{6385443e-3553-11dd-8b69-000e5024aeb7}]
\\Shell\\AutoRun\\command - G:\\LaunchU3.exe -a
 
.
 