ComboFix 08-07-05.1 - fredi 2008-07-06 17:31:19.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.275 [GMT 2:00]
Running from: C:\Documents and Settings\fredi\Pulpit\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo0.dll
C:\WINDOWS\system32\amvo1.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-06 to 2008-07-06 )))))))))))))))))))))))))))))))
.
2008-07-06 17:30 . 2008-07-06 17:30 <DIR> d-------- C:\327882R2FWJFW
2008-07-06 15:45 . 2008-07-06 15:45 114,342 -r-hs---- C:\00hoeav.com
2008-07-06 15:43 . 2008-07-03 17:59 114,611 -r-hs---- C:\xmnm2.cmd
2008-07-06 14:48 . 2008-07-06 14:48 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-06 14:48 . 2008-07-06 14:48 <DIR> d-------- C:\WINDOWS\LastGood
2008-07-06 14:48 . 2008-07-06 14:48 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Kaspersky Lab
2008-07-05 20:39 . 2008-07-05 20:39 <DIR> d-------- C:\Program Files\OpenOffice.org 2.0.3
2008-07-05 20:36 . 2008-07-05 20:36 <DIR> d-------- C:\Program Files\Google
2008-07-04 16:28 . 2008-07-04 16:28 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-07-04 16:24 . 2008-07-04 16:25 <DIR> d-------- C:\temp
2008-07-04 16:24 . 2008-07-04 16:25 <DIR> d-------- C:\Program Files\Atheros
2008-07-04 16:24 . 2006-12-05 17:36 529,344 --a------ C:\WINDOWS\system32\drivers\ar5211.sys
2008-07-04 16:24 . 2006-12-05 17:36 529,344 --a------ C:\WINDOWS\system32\ar5211.sys
2008-07-04 16:24 . 2006-10-17 01:34 43,566 --a------ C:\WINDOWS\system32\net5211.inf
2008-07-04 16:24 . 2007-01-19 03:58 18,220 --a------ C:\WINDOWS\system32\net5211.cat
2008-07-04 16:24 . 2008-07-04 16:23 621 --a------ C:\WINDOWS\system32\drivers\AW1012d.ini
2008-07-04 15:01 . 2008-07-04 20:06 <DIR> d-------- C:\Program Files\Bonjour
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\UC.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\RAR.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\LHA.PIF
2008-07-04 13:29 . 2007-06-21 07:01 545 --a------ C:\WINDOWS\ARJ.PIF
2008-07-04 13:29 . 2008-07-04 13:29 90 --a------ C:\WINDOWS\wincmd.ini
2008-07-04 13:16 . 2008-07-04 13:19 <DIR> d-------- C:\Program Files\Winamp
2008-07-04 11:31 . 2008-07-05 23:41 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2008-07-04 11:31 . 2008-07-04 11:31 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Thunderbird
2008-07-04 10:16 . 2008-07-04 10:16 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Gadu-Gadu
2008-07-04 10:15 . 2008-07-04 10:16 <DIR> d-------- C:\Documents and Settings\fredi\Gadu-Gadu
2008-07-04 03:21 . 2008-07-04 03:21 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-07-04 03:19 . 2008-07-04 03:19 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-04 03:18 . 2008-07-04 20:06 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-04 03:11 . 2008-07-04 03:16 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Cream Software
2008-07-04 01:27 . 2008-07-04 01:27 <DIR> d-------- C:\Program Files\Synaptics
2008-07-04 01:27 . 2008-07-04 01:26 193,088 --a------ C:\WINDOWS\system32\drivers\SynTP.sys
2008-07-04 01:27 . 2008-07-04 01:26 114,688 --a------ C:\WINDOWS\system32\SynCtrl.dll
2008-07-04 01:27 . 2008-07-04 01:26 94,297 --a------ C:\WINDOWS\system32\SynTPAPI.dll
2008-07-04 01:27 . 2008-07-04 01:26 82,012 --a------ C:\WINDOWS\system32\SynCOM.dll
2008-07-04 01:27 . 2008-07-04 01:26 81,920 --a------ C:\WINDOWS\system32\SynTPCo2.dll
2008-07-04 01:27 . 2008-07-04 01:26 69,721 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2008-07-04 01:13 . 2008-07-04 01:13 <DIR> d-------- C:\Program Files\Toshiba
2008-07-04 00:45 . 2008-07-04 00:45 <DIR> d-------- C:\Program Files\Wireless Console 2
2008-07-04 00:23 . 2008-07-04 00:23 <DIR> d-------- C:\WINDOWS\ATK0100
2008-07-03 23:52 . 2008-07-03 23:52 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\ATI
2008-07-03 23:52 . 2008-07-03 23:52 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ATI
2008-07-03 23:40 . 2008-07-03 23:48 <DIR> d-------- C:\Program Files\ATI Technologies
2008-07-03 23:25 . 2008-07-03 23:25 0 --a------ C:\WINDOWS\system32\drivers\1043_ASUSTeK_X51R.alu
2008-07-03 23:15 . 2008-07-03 23:15 <DIR> d-------- C:\Program Files\ASUS
2008-07-03 22:51 . 2008-07-03 22:51 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\InstallShield
2008-07-03 22:51 . 2008-07-03 22:51 85,120 --a------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-07-03 22:41 . 2008-07-03 22:42 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\GetRightToGo
2008-07-03 22:33 . 2008-07-03 22:33 <DIR> d-------- C:\Program Files\Motorola
2008-07-03 22:30 . 2008-07-03 22:30 <DIR> d-------- C:\WINDOWS\system32\Lang
2008-07-03 22:30 . 2008-07-03 22:30 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-07-03 22:30 . 2008-07-03 22:30 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-07-03 22:26 . 2008-07-03 22:27 <DIR> d-------- C:\WINDOWS\system32\RTCOM
2008-07-03 22:26 . 2008-07-03 22:51 <DIR> d-------- C:\Program Files\Realtek
2008-07-03 22:12 . 2008-07-03 22:12 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Media Player Classic
2008-07-03 22:11 . 2008-07-03 22:11 0 --a------ C:\WINDOWS\qfe1D9.tmp
2008-07-03 22:09 . 2008-07-03 22:09 0 --a------ C:\WINDOWS\qfe1D8.tmp
2008-07-03 22:09 . 2008-07-03 22:09 0 --a------ C:\WINDOWS\qfe1D7.tmp
2008-07-03 22:09 . 2008-07-03 22:09 0 --a------ C:\WINDOWS\qfe1D6.tmp
2008-07-03 22:09 . 2008-07-03 22:09 0 --a------ C:\WINDOWS\qfe1D5.tmp
2008-07-03 21:52 . 2008-07-06 16:03 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\skypePM
2008-07-03 21:52 . 2008-07-03 21:52 32 --a------ C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ezsid.dat
2008-07-03 21:50 . 2008-07-03 21:50 <DIR> d-------- C:\Program Files\Skype
2008-07-03 21:50 . 2008-07-03 21:50 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-03 21:50 . 2008-07-06 17:34 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Skype
2008-07-03 21:50 . 2008-07-03 21:50 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype
2008-07-03 19:38 . 2004-11-18 10:42 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-07-03 19:22 . 2008-07-03 19:22 <DIR> d-------- C:\Program Files\DirectShow Pack
2008-07-03 18:06 . 2008-07-03 18:06 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-07-03 18:06 . 2008-07-04 16:24 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-07-03 18:06 . 2008-07-03 22:26 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-07-03 13:22 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-03 13:11 . 2008-07-03 13:11 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-03 13:06 . 2008-07-03 19:26 906 --a------ C:\WINDOWS\VPlayer.INI
2008-07-03 13:06 . 2008-07-03 19:26 45 --a------ C:\WINDOWS\VplayerINI.vpl
2008-07-03 12:41 . 2008-07-06 17:34 6,785,056 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-03 12:41 . 2008-07-06 14:31 75,824 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-03 12:39 . 2008-07-03 12:39 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-07-03 12:38 . 2008-07-03 12:38 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\MailFrontier
2008-07-03 12:37 . 2008-07-06 17:32 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-07-03 12:36 . 2008-07-03 12:36 <DIR> d-------- C:\Documents and Settings\fredi\Dane aplikacji\Bitdefender
2008-07-03 12:33 . 2008-07-03 12:33 <DIR> d-------- C:\Program Files\Softwin
2008-07-03 12:33 . 2008-07-03 12:33 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\BitDefender
2008-07-03 12:32 . 2008-07-03 12:33 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-07-03 00:39 . 2008-07-04 15:30 <DIR> d--h----- C:\Documents and Settings\fredi\Ustawienia lokalne
2008-07-03 00:39 . 2008-07-03 00:39 <DIR> dr------- C:\Documents and Settings\fredi\Ulubione
2008-07-03 00:39 . 2008-07-04 20:08 <DIR> d--h----- C:\Documents and Settings\fredi\Szablony
2008-07-03 00:39 . 2008-07-06 17:30 <DIR> d-------- C:\Documents and Settings\fredi\Pulpit
2008-07-03 00:39 . 2008-07-05 20:37 <DIR> dr------- C:\Documents and Settings\fredi\Moje dokumenty
2008-07-03 00:39 . 2008-07-04 10:15 <DIR> dr------- C:\Documents and Settings\fredi\Menu Start
2008-07-03 00:39 . 2008-07-04 11:31 <DIR> dr-h----- C:\Documents and Settings\fredi\Dane aplikacji
2008-07-03 00:39 . 2008-07-05 01:29 <DIR> d-------- C:\Documents and Settings\fredi
2008-07-03 00:23 . 2008-07-03 00:23 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-07-03 00:23 . 2008-07-06 17:33 <DIR> d--h----- C:\Documents and Settings\LocalService\Ustawienia lokalne
2008-07-03 00:23 . 2008-07-03 00:23 <DIR> d-------- C:\Documents and Settings\LocalService\Dane aplikacji
2008-07-03 00:23 . 2008-07-03 00:23 <DIR> d--hs---- C:\Documents and Settings\LocalService
2008-07-03 00:07 . 2008-07-06 17:33 <DIR> d--h----- C:\Documents and Settings\NetworkService\Ustawienia lokalne
2008-07-03 00:07 . 2008-07-03 00:07 <DIR> d-------- C:\Documents and Settings\NetworkService\Dane aplikacji
2008-07-03 00:07 . 2008-07-03 00:07 <DIR> d--hs---- C:\Documents and Settings\NetworkService
2008-07-03 00:07 . 2008-07-03 00:07 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-07-03 00:05 . 2001-07-22 00:23 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-07-03 00:04 . 2001-10-26 19:28 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-07-03 00:03 . 2004-08-04 01:44 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-07-03 00:02 . 2008-07-04 13:19 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-07-03 00:02 . 2008-07-03 00:02 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-07-03 00:02 . 2008-07-03 00:02 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-07-03 00:02 . 2008-07-03 00:02 2,596 --a------ C:\WINDOWS\system32\CONFIG.NT
2008-07-03 00:02 . 2008-07-03 00:02 0 --a------ C:\WINDOWS\control.ini
2008-07-03 00:01 . 2008-07-04 13:18 <DIR> d--hs---- C:\Documents and Settings\All Users.WINDOWS\DRM
2008-07-03 00:01 . 2001-07-22 04:53 4,399,505 --a--c--- C:\WINDOWS\system32\dllcache\nls302en.lex
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-07-03 00:01 . 2008-07-03 00:01 749 -rah----- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-07-03 00:01 . 2008-07-03 00:01 488 -rah----- C:\WINDOWS\system32\WindowsLogon.manifest
2008-07-03 00:01 . 2008-07-03 00:01 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-03 22:22 5,632 ----a-w C:\WINDOWS\system32\drivers\ATKACPI.sys
2008-07-03 20:33 980,608 ----a-w C:\WINDOWS\system32\drivers\smserial.sys
2008-07-03 20:26 9,709,568 ----a-w C:\WINDOWS\RTLCPL.exe
2008-07-03 20:26 86,016 ----a-w C:\WINDOWS\SoundMan.exe
2008-07-03 20:26 69,632 ----a-w C:\WINDOWS\Alcmtr.exe
2008-07-03 20:26 499,712 ----a-w C:\WINDOWS\RtlExUpd.dll
2008-07-03 20:26 4,394,496 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.Sys
2008-07-03 20:26 2,879,488 ----a-w C:\WINDOWS\SkyTel.exe
2008-07-03 20:26 2,808,832 ----a-w C:\WINDOWS\alcwzrd.exe
2008-07-03 20:26 2,157,568 ----a-w C:\WINDOWS\MicCal.exe
2008-07-03 20:26 16,269,312 ----a-w C:\WINDOWS\RTHDCPL.exe
2008-07-03 20:26 1,183,744 ----a-w C:\WINDOWS\RtlUpd.exe
2008-07-02 21:34 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-02 21:32 --------- d-----w C:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
2008-06-11 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:44 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-16 12:39 21760296]
"Gadu-Gadu"="D:\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-04-02 16:48 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"ZoneAlarm Client"="D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2008-07-03 22:33 573440]
"ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2007-02-09 10:38 49520]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2008-07-04 00:22 110592]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2006-11-29 11:00 1011712]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-04 01:26 786521]
"Adobe Reader Speed Launcher"="D:\Program Files\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"WinampAgent"="D:\Winamp\winampa.exe" [2006-10-25 07:37 35328]
"ACU"="C:\Program Files\Atheros\ACU.exe" [2006-11-17 11:00 348249]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-05 20:36 29744]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-03 22:26 16269312 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2008-07-03 22:26 2879488 C:\WINDOWS\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\ATK0100\ASNDIS5.SYS [2008-07-04 00:22]
R3 WSIMD;wsimd Service;C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 07:00]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\EVEREST Home Edition\kerneld.wnt [2005-08-18 00:00]
S3 GoogleDesktopManager-022208-143751;Menedżer Google Desktop 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-05 20:36]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74dac87d-4b55-11dd-b051-0015af3502f8}]
\Shell\AutoRun\command - H:\xmnm2.cmd
\Shell\explore\Command - H:\xmnm2.cmd
\Shell\open\Command - H:\xmnm2.cmd
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-06 17:34:11
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\D:\EVEREST Home Edition\kerneld.wnt"
.
Completion time: 2008-07-06 17:36:27
ComboFix-quarantined-files.txt 2008-07-06 15:36:09
Pre-Run: 15,831,015,424 bajtów wolnych
Post-Run: 15,834,845,184 bajtów wolnych