wklejto.pl

Added by: ~Aravras (2008-07-02 15:55) -> text
ComboFix 08-07-01.3 - User 2008-07-02 15:56:05.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.105 [GMT 2:00]
Running from: C:\\Documents and Settings\\User\\Pulpit\\Combo-Fix.exe
Command switches used :: C:\\Documents and Settings\\User\\Pulpit\\CFScript.txt
 * Created a new restore point
 
FILE ::
E:\\start.exe
F:\\Setup.exe
G:\\Setup.exe
.
 
(((((((((((((((((((((((((   Files Created from 2008-06-02 to 2008-07-02  )))))))))))))))))))))))))))))))
.
 
2008-07-02 13:31 . 2008-07-02 13:50     1,021   --a------       C:\\WINDOWS\\w9xabc.INI
2008-07-02 13:23 . 2008-07-02 13:50     1,168   --a------       C:\\WINDOWS\\savename.INI
2008-07-02 13:23 . 2008-07-02 13:23     142     --a------       C:\\WINDOWS\\savegame.INI
2008-07-02 12:22 . 2008-07-02 12:22     <DIR>   d--------       C:\\Program Files\\Trend Micro
2008-07-01 21:22 . 2008-07-01 21:22     <DIR>   d--------       C:\\Program Files\\Games-Masters.com
2008-06-30 15:08 . 2008-07-02 12:00     <DIR>   d--------       C:\\SoulFu
2008-06-29 21:25 . 2008-06-29 21:25     <DIR>   d--------       C:\\Program Files\\Emapa
2008-06-25 16:22 . 2008-06-25 16:22     <DIR>   d--------       C:\\Documents and Settings\\User\\Dane aplikacji\\Wildfire
2008-06-25 16:22 . 2008-06-25 16:22     4,096   --a------       C:\\WINDOWS\\d3dx.dat
2008-06-24 21:34 . 2008-06-24 21:34     <DIR>   d--------       C:\\WINDOWS\\Installing Adobe Acrobat Reader
2008-06-24 21:34 . 2008-06-29 20:36     <DIR>   d--------       C:\\Program Files\\Microsoft Games
2008-06-24 21:18 . 2008-06-24 21:18     <DIR>   d--------       C:\\Program Files\\Odkurzacz
2008-06-24 21:17 . 2008-06-25 15:06     <DIR>   d--------       C:\\Documents and Settings\\User\\Dane aplikacji\\Auslogics
2008-06-24 21:05 . 2008-06-24 21:05     <DIR>   d--------       C:\\Documents and Settings\\User\\Dane aplikacji\\CDBurnerXP_Soft
2008-06-24 20:40 . 2008-06-24 20:40     <DIR>   d--------       C:\\Program Files\\DAEMON Tools Lite
2008-06-24 20:21 . 2008-06-24 20:21     <DIR>   d--------       C:\\Program Files\\Auslogics
2008-06-24 19:58 . 2007-06-20 19:48     122,880 --a------       C:\\WINDOWS\\system32\\kftp.ocx
2008-06-24 19:58 . 2001-04-05 19:43     94,208  --a------       C:\\WINDOWS\\system32\\Msstkprp.dll
2008-06-24 19:46 . 2008-06-24 19:46     <DIR>   d--------       C:\\Program Files\\VS Revo Group
2008-06-24 19:44 . 2008-06-24 19:59     <DIR>   d--------       C:\\Program Files\\KC Softwares
2008-06-24 19:43 . 2008-06-24 19:43     <DIR>   d--------       C:\\Program Files\\CDBurnerXP
2008-06-24 19:41 . 2008-06-24 19:41     <DIR>   d--------       C:\\Program Files\\Foxit Software
2008-06-24 19:33 . 2008-06-24 19:33     <DIR>   d--------       C:\\Program Files\\K-Lite Codec Pack
2008-06-24 19:33 . 2007-09-04 18:56     164,352 --a------       C:\\WINDOWS\\system32\\unrar.dll
2008-06-24 19:09 . 2008-06-24 19:09     <DIR>   d--------       C:\\Program Files\\Jungo
2008-06-24 19:08 . 2008-06-29 20:58     <DIR>   d--------       C:\\Program Files\\Pointstone
2008-06-24 19:03 . 2008-06-24 19:03     <DIR>   d--------       C:\\Program Files\\Edgard
2008-06-23 09:35 . 2008-06-23 09:35     <DIR>   d--------       C:\\WINDOWS\\system32\\xircom
2008-06-23 09:35 . 2008-06-23 09:35     <DIR>   d--------       C:\\WINDOWS\\srchasst
2008-06-23 09:35 . 2008-06-23 09:35     <DIR>   d--------       C:\\WINDOWS\\msagent
2008-06-23 09:35 . 2008-06-23 09:35     <DIR>   d--------       C:\\Program Files\\microsoft frontpage
2008-06-23 09:10 . 2008-06-23 09:10     2,985   --a------       C:\\WINDOWS\\system32\\spupdsvc.inf
2008-06-23 09:07 . 2008-04-14 22:50     1,306,624       ---------       C:\\WINDOWS\\system32\\dllcache\\msxml6.dll
2008-06-23 09:07 . 2008-04-14 22:47     103,424 ---------       C:\\WINDOWS\\system32\\dllcache\\dpcdll.dll
2008-06-23 09:07 . 2008-04-14 21:52     89,600  ---------       C:\\WINDOWS\\system32\\dllcache\\msxml6r.dll
2008-06-23 09:07 . 2008-04-14 00:15     46,592  ---------       C:\\WINDOWS\\system32\\drivers\\irbus.sys
2008-06-23 09:07 . 2008-04-14 22:50     10,752  ---------       C:\\WINDOWS\\system32\\smtpapi.dll
2008-06-23 09:07 . 2008-04-14 22:50     9,728   ---------       C:\\WINDOWS\\system32\\rwnh.dll
2008-06-23 09:07 . 2008-04-14 00:13     9,728   ---------       C:\\WINDOWS\\system32\\comsdupd.exe
2008-06-23 09:01 . 2008-06-23 09:07     <DIR>   d--------       C:\\WINDOWS\\ServicePackFiles
2008-06-23 08:48 . 2008-06-23 09:07     <DIR>   d--------       C:\\WINDOWS\\EHome
2008-06-22 20:19 . 2008-04-14 00:15     10,368  --a------       C:\\WINDOWS\\system32\\drivers\\hidusb.sys
2008-06-22 20:17 . 2008-06-22 20:17     <DIR>   d--------       C:\\Program Files\\Logitech
2008-06-22 20:17 . 2005-04-12 19:09     159,744 --a------       C:\\WINDOWS\\system32\\WmJoyFrc.dll
2008-06-22 20:17 . 2005-04-12 19:21     45,504  --a------       C:\\WINDOWS\\system32\\drivers\\WmXlCore.sys
2008-06-22 20:17 . 2005-04-12 19:21     10,144  --a------       C:\\WINDOWS\\system32\\drivers\\WmBEnum.sys
2008-06-22 20:16 . 2008-06-22 20:17     <DIR>   d--------       C:\\Program Files\\Common Files\\Logitech
2008-06-22 20:05 . 1998-10-27 16:06     12,350  --a------       C:\\WINDOWS\\system32\\MEGAJOY.vxd
2008-06-22 19:33 . 2008-06-22 19:33     <DIR>   d--------       C:\\Documents and Settings\\All Users\\Dane aplikacji\\PC Drivers HeadQuarters
2008-06-21 14:56 . 2008-06-29 20:33     <DIR>   d--------       C:\\Documents and Settings\\User\\Dane aplikacji\\InstallShield
2008-06-21 14:56 . 2008-06-21 14:56     <DIR>   d--------       C:\\Documents and Settings\\All Users\\Dane aplikacji\\InstallShield
2008-06-21 14:56 . 2007-04-27 11:12     78,784  --a------       C:\\WINDOWS\\system32\\ISUSPM.cpl
2008-06-21 08:48 . 2008-06-21 08:48     <DIR>   d--------       C:\\Documents and Settings\\All Users\\Dane aplikacji\\NVIDIA
2008-06-21 08:36 . 2008-06-21 08:41     <DIR>   d--------       C:\\WINDOWS\\NV224240.TMP
2008-06-16 14:45 . 2008-06-16 14:45     <DIR>   d--------       C:\\Program Files\\KONAMI
2008-06-15 12:50 . 2008-06-15 12:56     <DIR>   d--------       C:\\Program Files\\Ascaron Entertainment
2008-06-14 20:52 . 2008-06-29 20:47     <DIR>   d--------       C:\\Program Files\\Croteam
2008-06-12 21:34 . 2004-12-05 19:38     102,400 --a------       C:\\WINDOWS\\system\\OpenAL32.dll
2008-06-12 12:43 . 2008-06-12 12:43     <DIR>   d--------       C:\\Program Files\\BitTorrent
2008-06-12 12:43 . 2008-07-01 21:56     <DIR>   d--------       C:\\Documents and Settings\\User\\Dane aplikacji\\BitTorrent
2008-06-07 11:17 . 2008-06-07 11:17     <DIR>   d--------       C:\\Program Files\\MetalKid
2008-06-04 15:54 . 2005-08-25 18:18     118,784 --a------       C:\\WINDOWS\\system32\\MSSTDFMT.DLL
2008-06-04 15:54 . 2005-08-25 18:19     115,920 --a------       C:\\WINDOWS\\system32\\MSINET.OCX
2008-06-04 15:34 . 2008-06-04 15:34     <DIR>   d--------       C:\\Program Files\\Spybot - Search & Destroy
2008-06-04 15:34 . 2008-06-04 21:04     <DIR>   d--------       C:\\Documents and Settings\\All Users\\Dane aplikacji\\Spybot - Search & Destroy
2008-06-03 17:57 . 2008-06-15 12:40     43,520  --a------       C:\\WINDOWS\\system32\\CmdLineExt03.dll
 
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 19:02        ---------       d-----w C:\\Program Files\\FlashGet
2008-06-29 19:19        ---------       d-----w C:\\Program Files\\foobar2000
2008-06-29 18:33        ---------       d--h--w C:\\Program Files\\InstallShield Installation Information
2008-06-28 20:03        ---------       d---a-w C:\\Documents and Settings\\All Users\\Dane aplikacji\\TEMP
2008-06-25 13:03        ---------       d-----w C:\\Program Files\\IrfanView
2008-06-25 13:03        ---------       d-----w C:\\Program Files\\eMule
2008-06-25 12:31        ---------       d-----w C:\\Program Files\\HP
2008-06-24 20:19        ---------       d-----w C:\\Documents and Settings\\User\\Dane aplikacji\\OpenOfficeT72
2008-06-24 19:16        ---------       d-----w C:\\Program Files\\AusLogics Disk Defrag
2008-06-24 19:09        ---------       d-----w C:\\Program Files\\Java
2008-06-24 18:56        ---------       d-----w C:\\Program Files\\Creative
2008-06-24 18:22        717,296 ----a-w C:\\WINDOWS\\system32\\drivers\\sptd.sys
2008-06-22 08:07        ---------       d-----w C:\\Program Files\\Dofus
2008-06-21 12:55        ---------       d-----w C:\\Program Files\\Common Files\\InstallShield
2008-06-04 13:11        ---------       d-----w C:\\Program Files\\Last.fm
2008-06-03 16:55        ---------       d-----w C:\\Documents and Settings\\User\\Dane aplikacji\\GetRightToGo
2008-05-31 10:43        ---------       d-----w C:\\Documents and Settings\\All Users\\Dane aplikacji\\Last.fm
2008-05-25 07:34        ---------       d-----w C:\\Documents and Settings\\User\\Dane aplikacji\\Tibia
2008-05-24 06:47        ---------       d-----w C:\\Program Files\\Common Files\\INCA Shared
2008-05-18 14:01        ---------       d-----w C:\\Documents and Settings\\User\\Dane aplikacji\\Nvu
2008-05-07 16:13        ---------       d-----w C:\\Program Files\\LucasArts
2008-05-07 16:09        ---------       d-----w C:\\Documents and Settings\\User\\Dane aplikacji\\DAEMON Tools
2008-04-14 21:16        1,804   ----a-w C:\\WINDOWS\\system32\\dcache.bin
2008-04-14 20:56        332,288 ----a-w C:\\WINDOWS\\system32\\netsetup.exe
2008-04-14 20:52        92,424  ----a-w C:\\WINDOWS\\system32\\rdpdd.dll
2008-04-14 20:52        87,176  ----a-w C:\\WINDOWS\\system32\\rdpwsx.dll
2008-04-14 20:52        299,520 ----a-w C:\\WINDOWS\\system32\\drmclien.dll
2008-04-14 20:52        12,168  ----a-w C:\\WINDOWS\\system32\\tsddd.dll
2008-04-14 20:50        999,936 ----a-w C:\\WINDOWS\\system32\\syssetup.dll
2008-04-14 20:49        98,304  ----a-w C:\\WINDOWS\\system32\\actxprxy.dll
2008-04-14 20:48        5,632   ----a-w C:\\WINDOWS\\system32\\wmi.dll
2008-04-14 20:48        1,449,472       ----a-w C:\\WINDOWS\\system32\\winntbbu.dll
2008-04-14 20:47        57,375  ----a-w C:\\WINDOWS\\system32\\odbcji32.dll
2008-04-14 20:47        103,424 ----a-w C:\\WINDOWS\\system32\\dpcdll.dll
2008-04-14 20:43        4,126   ----a-w C:\\WINDOWS\\system32\\msdxmlc.dll
2008-04-14 20:42        3,584   ----a-w C:\\WINDOWS\\system32\\msafd.dll
2008-04-14 20:36        3,584   ----a-w C:\\WINDOWS\\system32\\icmp.dll
2008-04-14 20:35        9,344   ----a-w C:\\WINDOWS\\system32\\framebuf.dll
2008-04-14 20:35        569,856 ----a-w C:\\WINDOWS\\system32\\gpedit.dll
2008-04-14 20:33        3,072   ----a-w C:\\WINDOWS\\system32\\dpnlobby.dll
2008-04-14 20:33        3,072   ----a-w C:\\WINDOWS\\system32\\dpnaddr.dll
2008-04-14 20:33        24,064  ----a-w C:\\WINDOWS\\system32\\pidgen.dll
2008-04-14 20:33        24,064  ------w C:\\WINDOWS\\system32\\dllcache\\pidgen.dll
2008-04-14 20:31        16,896  ----a-w C:\\WINDOWS\\system32\\cfgmgr32.dll
2008-04-14 20:30        285,696 ----a-w C:\\WINDOWS\\system32\\atmfd.dll
2008-04-14 20:00        2,190,336       ----a-w C:\\WINDOWS\\system32\\ntoskrnl.exe
2008-04-14 19:59        2,067,200       ----a-w C:\\WINDOWS\\system32\\ntkrnlpa.exe
2008-04-14 19:55        4,096   ----a-w C:\\WINDOWS\\system32\\dsprpres.dll
2008-04-14 19:52        89,600  ----a-w C:\\WINDOWS\\system32\\msxml6r.dll
2008-04-14 19:50        80,896  ------w C:\\WINDOWS\\system32\\msshavmsg.dll
2008-04-14 19:45        49,664  ----a-w C:\\WINDOWS\\system32\\inetres.dll
2008-04-14 19:43        563,200 ----a-w C:\\WINDOWS\\system32\\shdoclc.dll
2008-04-14 19:37        10,240  ----a-w C:\\WINDOWS\\system32\\gpkrsrc.dll
2008-04-14 19:35        67,584  ----a-w C:\\WINDOWS\\system32\\browselc.dll
2008-04-14 19:35        1,845,888       ----a-w C:\\WINDOWS\\system32\\win32k.sys
2008-04-13 22:15        17,664  ----a-w C:\\WINDOWS\\system32\\watchdog.sys
2008-04-13 22:13        12,800  ----a-w C:\\WINDOWS\\system32\\spiisupd.exe
2008-04-13 22:10        427,008 ----a-w C:\\WINDOWS\\system32\\xpob2res.dll
2008-04-13 22:08        2,953,216       ----a-w C:\\WINDOWS\\system32\\xpsp2res.dll
2008-04-13 22:05        194,560 ----a-w C:\\WINDOWS\\system32\\xpsp1res.dll
2008-04-13 22:01        7,424   ----a-w C:\\WINDOWS\\system32\\kd1394.dll
2008-04-13 22:00        61,440  ----a-w C:\\WINDOWS\\system32\\msvcrt40.dll
2008-04-13 21:07        208,384 ----a-w C:\\WINDOWS\\system32\\rsaenh.dll
2008-04-13 21:07        138,752 ----a-w C:\\WINDOWS\\system32\\dssenh.dll
2008-04-13 20:56        12,288  ----a-w C:\\WINDOWS\\system32\\odbcp32r.dll
2008-04-13 20:56        12,288  ----a-w C:\\WINDOWS\\system32\\mscpx32r.dll
2008-04-13 20:51        733,696 ----a-w C:\\WINDOWS\\system32\\qedwipes.dll
2008-04-13 20:18        1,647,616       ----a-w C:\\WINDOWS\\system32\\winbrand.dll
2008-04-13 20:15        216,064 ----a-w C:\\WINDOWS\\system32\\moricons.dll
2008-04-13 19:53        48,128  ----a-w C:\\WINDOWS\\system32\\msprivs.dll
2008-04-13 19:09        884,736 ----a-w C:\\WINDOWS\\system32\\msimsg.dll
2008-02-14 10:50        81,920  ----a-w C:\\Documents and Settings\\User\\Dane aplikacji\\ezpinst.exe
2008-02-14 10:50        47,360  ----a-w C:\\Documents and Settings\\User\\Dane aplikacji\\pcouffin.sys
.
 
------- Sigcheck -------
 
2007-06-27 16:14  824320  1a995365f0d222e436207f2ff0b844ba      C:\\WINDOWS\\$hf_mig$\\KB937143-IE7\\SP2QFE\\wininet.dll
2008-04-14 22:50  668672  0457f0afd6ee10445d8cf721fb5fa4eb      C:\\WINDOWS\\ServicePackFiles\\i386\\wininet.dll
2007-06-27 16:09  823808  6d866edd24ff7d48e6f1d72f9e5fea52      C:\\WINDOWS\\system32\\wininet.dll
2007-06-27 16:09  823808  6d866edd24ff7d48e6f1d72f9e5fea52      C:\\WINDOWS\\system32\\dllcache\\wininet.dll
.
(((((((((((((((((((((((((((((   snapshot@2008-07-02_15.21.59,99   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-02 09:05:44   2,048   --s-a-w C:\\WINDOWS\\bootstat.dat
+ 2008-07-02 13:25:51   2,048   --s-a-w C:\\WINDOWS\\bootstat.dat
- 2008-07-02 09:10:17   70,038  ----a-w C:\\WINDOWS\\system32\\perfc009.dat
+ 2008-07-02 13:30:33   70,038  ----a-w C:\\WINDOWS\\system32\\perfc009.dat
- 2008-07-02 09:10:17   87,352  ----a-w C:\\WINDOWS\\system32\\perfc015.dat
+ 2008-07-02 13:30:33   87,352  ----a-w C:\\WINDOWS\\system32\\perfc015.dat
- 2008-07-02 09:10:17   439,114 ----a-w C:\\WINDOWS\\system32\\perfh009.dat
+ 2008-07-02 13:30:33   439,114 ----a-w C:\\WINDOWS\\system32\\perfh009.dat
- 2008-07-02 09:10:17   497,766 ----a-w C:\\WINDOWS\\system32\\perfh015.dat
+ 2008-07-02 13:30:33   497,766 ----a-w C:\\WINDOWS\\system32\\perfh015.dat
+ 2008-07-02 13:26:04   16,384  ----atw C:\\WINDOWS\\Temp\\Perflib_Perfdata_3a8.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"C:\\WINDOWS\\system32\\ctfmon.exe\" [2008-04-14 22:51 15360]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"avast!\"=\"C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe\" [2008-05-16 01:19 79224]
\"NvMediaCenter\"=\"C:\\WINDOWS\\system32\\NvMcTray.dll\" [2006-10-22 12:22 86016]
\"NvCplDaemon\"=\"C:\\WINDOWS\\system32\\NvCpl.dll\" [2006-10-22 12:22 7700480]
\"nwiz\"=\"nwiz.exe\" [2006-10-22 12:22 1622016 C:\\WINDOWS\\system32\\nwiz.exe]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"C:\\WINDOWS\\system32\\CTFMON.EXE\" [2008-04-14 22:51 15360]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce]
\"nltide_2\"=\"shell32\" [X]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\system]
\"DisableCAD\"= 1 (0x1)
\"DisableStatusMessages\"= 1 (0x1)
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\explorer]
\"NoResolveSearch\"= 1 (0x1)
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\policies\\explorer]
\"NoSMHelp\"= 1 (0x1)
\"NoSMMyPictures\"= 1 (0x1)
\"NoSMConfigurePrograms\"= 1 (0x1)
\"NoInstrumentation\"= 0 (0x0)
\"NoStartMenuMFUprogramsList\"= 1 (0x1)
\"NoResolveTrack\"= 1 (0x1)
\"NoResolveSearch\"= 1 (0x1)
\"HideRunAsVerb\"= 1 (0x1)
 
[HKEY_USERS\\.default\\software\\microsoft\\windows\\currentversion\\policies\\explorer]
\"NoSMHelp\"= 1 (0x1)
\"NoSMMyPictures\"= 1 (0x1)
\"NoSMConfigurePrograms\"= 1 (0x1)
\"NoInstrumentation\"= 1 (0x1)
\"NoStartMenuMFUprogramsList\"= 1 (0x1)
\"NoResolveTrack\"= 1 (0x1)
\"NoResolveSearch\"= 1 (0x1)
\"HideRunAsVerb\"= 1 (0x1)
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center]
\"AntiVirusDisableNotify\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"C:\\\\Program Files\\\\FlashGet\\\\flashget.exe\"=
\"C:\\\\Program Files\\\\WapSter\\\\AQQ\\\\AQQ.exe\"=
\"C:\\\\PROGRA~1\\\\WapSter\\\\AQQ\\\\AQQ.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqtra08.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqste08.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpofxm08.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hposfx08.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hposid01.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqscnvw.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqkygrp.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqCopy.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpfccopy.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpzwiz01.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\Unload\\\\HpqPhUnl.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\Unload\\\\HpqDIA.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpoews01.exe\"=
\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\bin\\\\hpqnrs08.exe\"=
\"C:\\\\Program Files\\\\eMule\\\\emule.exe\"=
\"C:\\\\Program Files\\\\BitTorrent\\\\bittorrent.exe\"=
 
R1 aswSP;avast! Self Protection;C:\\WINDOWS\\system32\\drivers\\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\\WINDOWS\\system32\\DRIVERS\\aswFsBlk.sys [2008-05-16 01:16]
R2 NMSAccessU;NMSAccessU;C:\\Program Files\\CDBurnerXP\\NMSAccessU.exe [2008-03-09 11:20]
R3 SiS7012;Service for AC\'97 Sample Driver (WDM);C:\\WINDOWS\\system32\\drivers\\sis7012.sys [2004-11-03 14:14]
S3 SER120;OTI Serial port driver;C:\\WINDOWS\\system32\\DRIVERS\\SER120.sys [2005-03-22 11:03]
S3 usbscan;Sterownik skanera USB;C:\\WINDOWS\\system32\\DRIVERS\\usbscan.sys [2008-04-14 00:15]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\\WINDOWS\\system32\\DRIVERS\\USBSTOR.SYS [2008-04-14 00:15]
 
.
**************************************************************************
 
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 15:59:15
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
scanning hidden processes ... 
 
scanning hidden autostart entries ...
 
scanning hidden files ... 
 
scan completed successfully
hidden files: 0
 
**************************************************************************
.
Completion time: 2008-07-02 16:02:27
ComboFix-quarantined-files.txt  2008-07-02 14:02:17
ComboFix2.txt  2008-07-02 13:22:31
 
Pre-Run: 18,176,065,536 bajtów wolnych
Post-Run: 18,162,147,328 bajtów wolnych
 