wklejto.pl

Added by: ~arti (2008-07-10 10:13) -> text
ComboFix 08-07-09.5 - Bartek 2008-07-10 10:10:18.5 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.623 [GMT 2:00]
Running from: C:\\Documents and Settings\\Bartek\\Pulpit\\ComboFix.exe
Command switches used :: C:\\Documents and Settings\\Bartek\\Pulpit\\CFScript.txt
 * Created a new restore point
 
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
 
FILE ::
C:\\sqmdata00.sqm
C:\\sqmdata01.sqm
C:\\sqmdata02.sqm
C:\\sqmdata03.sqm
C:\\sqmdata04.sqm
C:\\sqmnoopt00.sqm
C:\\sqmnoopt01.sqm
C:\\sqmnoopt02.sqm
C:\\sqmnoopt03.sqm
C:\\sqmnoopt04.sqm
.
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
C:\\sqmdata00.sqm
C:\\sqmdata01.sqm
C:\\sqmdata02.sqm
C:\\sqmdata03.sqm
C:\\sqmdata04.sqm
C:\\sqmnoopt00.sqm
C:\\sqmnoopt01.sqm
C:\\sqmnoopt02.sqm
C:\\sqmnoopt03.sqm
C:\\sqmnoopt04.sqm
 
.
(((((((((((((((((((((((((   Files Created from 2008-06-10 to 2008-07-10  )))))))))))))))))))))))))))))))
.
 
2008-07-10 09:58 . 2008-07-10 09:58     <DIR>   d--------       C:\\Documents and Settings\\GoťŠ
2008-07-10 09:55 . 2008-07-10 09:55     268     --ah-----       C:\\sqmdata05.sqm
2008-07-10 09:55 . 2008-07-10 09:55     244     --ah-----       C:\\sqmnoopt05.sqm
2008-07-09 23:36 . 2008-07-09 23:36     36,864  --a------       C:\\WINDOWS\\system32\\smart.dll
2008-07-09 23:33 . 2007-06-15 10:14     617,984 --a------       C:\\WINDOWS\\system32\\disk.dll
2008-07-09 22:36 . 2008-07-09 22:36     <DIR>   d--------       C:\\Program Files\\Intel
2008-07-09 22:36 . 2008-07-09 22:36     <DIR>   d--------       C:\\Intel
2008-07-09 22:36 . 2007-12-12 15:56     53,248  --a------       C:\\WINDOWS\\system32\\CSVer.dll
2008-07-09 21:23 . 2008-07-09 21:25     139,264 --a------       C:\\WINDOWS\\War3Unin.exe
2008-07-09 21:23 . 2008-07-09 21:26     75,878  --a------       C:\\WINDOWS\\War3Unin.dat
2008-07-09 21:23 . 2008-07-09 21:25     2,829   --a------       C:\\WINDOWS\\War3Unin.pif
2008-07-09 14:43 . 2008-07-09 14:43     <DIR>   d--------       C:\\My Games
2008-07-09 00:43 . 2008-07-09 00:43     <DIR>   d--------       C:\\Program Files\\Sun
2008-07-09 00:29 . 2007-06-13 15:23     1,034,752       -----c---       C:\\WINDOWS\\system32\\dllcache\\explorer.exe
2008-07-09 00:26 . 2008-07-09 00:26     <DIR>   d--------       C:\\Program Files\\PowerMenu
2008-07-09 00:24 . 2008-07-09 00:24     <DIR>   d--------       C:\\Program Files\\MSN Messenger
2008-07-09 00:23 . 2006-10-04 15:34     216,064 -----c---       C:\\WINDOWS\\system32\\dllcache\\osk.exe
2008-07-09 00:23 . 2006-10-04 15:34     73,216  -----c---       C:\\WINDOWS\\system32\\dllcache\\magnify.exe
2008-07-09 00:23 . 2006-10-04 15:34     55,296  -----c---       C:\\WINDOWS\\system32\\dllcache\\narrator.exe
2008-07-09 00:23 . 2006-10-04 15:34     50,176  -----c---       C:\\WINDOWS\\system32\\dllcache\\utilman.exe
2008-07-09 00:23 . 2006-10-04 15:39     36,352  -----c---       C:\\WINDOWS\\system32\\dllcache\\umandlg.dll
2008-07-09 00:20 . 2006-03-17 02:38     28,672  ---------       C:\\WINDOWS\\system32\\verclsid.exe
2008-07-09 00:15 . 2004-09-30 12:17     135,168 --a------       C:\\WINDOWS\\system32\\directx.cpl
2008-07-09 00:13 . 2008-07-09 00:13     <DIR>   d--------       C:\\Program Files\\Microsoft CopyProfile
2008-07-09 00:12 . 2008-07-09 00:12     <DIR>   d--------       C:\\Program Files\\AutoPatcher Tools
2008-07-09 00:12 . 2002-07-17 21:03     45,056  --a------       C:\\WINDOWS\\system32\\WNASPI32.DLL
2008-07-09 00:12 . 2002-07-17 20:05     16,512  --a------       C:\\WINDOWS\\system32\\drivers\\ASPI32.SYS
2008-07-08 19:30 . 2008-07-09 15:12     54,156  --ah-----       C:\\WINDOWS\\QTFont.qfn
2008-07-08 19:30 . 2008-07-08 19:30     1,409   --a------       C:\\WINDOWS\\QTFont.for
2008-07-08 16:19 . 2008-07-08 16:24     <DIR>   d--------       C:\\Program Files\\Common Files\\Autodesk Shared
2008-07-07 07:10 . 2008-07-07 07:10     183,777 ---h-----       C:\\treeinfo.wc
2008-07-07 07:07 . 2008-07-07 07:07     8,506   --a------       C:\\vraylog.mpq
2008-07-06 22:30 . 2008-07-06 22:30     <DIR>   d--------       C:\\Program Files\\RADVideo
2008-07-04 20:22 . 2008-07-04 20:22     <DIR>   d--------       C:\\Program Files\\Veoh Networks
2008-06-30 16:55 . 2008-06-30 16:55     <DIR>   d--------       C:\\Program Files\\Hero Editor
2008-06-30 16:55 . 2008-06-30 16:55     249,856 ---------       C:\\WINDOWS\\Setup1.exe
2008-06-30 16:55 . 2008-06-30 16:55     73,216  --a------       C:\\WINDOWS\\ST6UNST.EXE
2008-06-30 16:22 . 2008-06-30 16:22     206     --a------       C:\\WINDOWS\\system32\\cfffa7_z.ocx
2008-06-26 11:32 . 2008-06-26 11:36     <DIR>   d--------       C:\\Program Files\\SkanerOnline
2008-06-23 22:58 . 2008-06-24 15:45     <DIR>   d--------       C:\\Documents and Settings\\Bartek\\Dane aplikacji\\SPORE Creature Creator
2008-06-23 22:54 . 2008-06-23 22:56     <DIR>   d--------       C:\\Program Files\\Electronic Arts
2008-06-18 19:52 . 2008-06-18 19:52     161,096 --a------       C:\\WINDOWS\\system32\\DivXCodecVersionChecker.exe
2008-06-16 23:34 . 2008-06-16 23:34     5       --a------       C:\\WINDOWS\\system32\\system.dat
2008-06-16 23:31 . 2008-06-16 23:31     <DIR>   d--------       C:\\Program Files\\TotalAudioConverter
2008-06-16 23:31 . 2008-06-16 23:31     <DIR>   d--------       C:\\Documents and Settings\\Bartek\\Dane aplikacji\\Softplicity
2008-06-16 15:10 . 2008-06-21 14:29     <DIR>   d--------       C:\\Documents and Settings\\Bartek\\Dane aplikacji\\My Games
2008-06-11 02:07 . 2008-06-11 02:07     3,596,288       --a------       C:\\WINDOWS\\system32\\qt-dx331.dll
2008-06-11 02:07 . 2008-06-11 02:07     524,288 --a------       C:\\WINDOWS\\system32\\DivXsm.exe
2008-06-11 02:07 . 2008-06-11 02:07     4,816   --a------       C:\\WINDOWS\\system32\\divxsm.tlb
2008-06-11 02:04 . 2008-06-11 02:04     1,044,480       --a------       C:\\WINDOWS\\system32\\libdivx.dll
2008-06-11 02:04 . 2008-06-11 02:04     200,704 --a------       C:\\WINDOWS\\system32\\ssldivx.dll
 
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-10 07:29        ---------       d-----w C:\\Documents and Settings\\Bartek\\Dane aplikacji\\uTorrent
2008-07-09 12:43        ---------       d--h--w C:\\Program Files\\InstallShield Installation Information
2008-07-09 12:43        ---------       d-----w C:\\Program Files\\Real
2008-07-08 22:42        ---------       d-----w C:\\Program Files\\Java
2008-07-08 14:24        ---------       d-----w C:\\Program Files\\Autodesk
2008-07-08 14:21        ---------       d-----w C:\\Documents and Settings\\All Users\\Dane aplikacji\\Autodesk
2008-07-06 20:45        ---------       d-----w C:\\Program Files\\DivX
2008-07-03 12:03        ---------       d-----w C:\\Program Files\\Diablo II
2008-07-01 15:59        ---------       d-----w C:\\Program Files\\Common Files\\Adobe
2008-07-01 15:55        ---------       d-----w C:\\Program Files\\MSBuild
2008-07-01 15:55        ---------       d-----w C:\\Documents and Settings\\All Users\\Dane aplikacji\\Microsoft Help
2008-06-29 05:05        43,520  ----a-w C:\\WINDOWS\\system32\\CmdLineExt03.dll
2008-06-27 05:38        ---------       d-----w C:\\Program Files\\DAEMON Tools Lite
2008-06-25 10:08        ---------       d-----w C:\\Program Files\\Opera
2008-06-24 07:51        ---------       d-----w C:\\Documents and Settings\\Bartek\\Dane aplikacji\\MegauploadToolbar
2008-06-21 12:26        ---------       d-----w C:\\Program Files\\Eurobarre
2008-06-21 12:26        ---------       d-----w C:\\Program Files\\Celestia
2008-06-18 18:16        ---------       d-----w C:\\Program Files\\QuickTime
2008-06-18 18:16        ---------       d-----w C:\\Program Files\\Gadu-Gadu
2008-06-18 18:16        ---------       d-----w C:\\Program Files\\DCPFLICS
2008-06-18 18:15        ---------       d-----w C:\\Program Files\\WinPcap
2008-06-18 18:14        ---------       d-----w C:\\Program Files\\SpeedBit Video Accelerator
2008-06-18 18:14        ---------       d-----w C:\\Program Files\\Bonjour
2008-06-16 21:39        114,688 ----a-w C:\\WINDOWS\\system32\\wmatimer.dll
2008-06-14 09:59        ---------       d-----w C:\\Program Files\\Bethesda Softworks
2008-06-13 16:58        ---------       d-----w C:\\Program Files\\KnightsAndMerchants
2008-06-08 06:02        ---------       d-----w C:\\Program Files\\Last.fm
2008-06-06 16:26        584,194 ----a-w C:\\WINDOWS\\C.O.R.E. Uninstaller.exe
2008-06-01 15:54        ---------       d--h--w C:\\Program Files\\Oxin\'s Style!
2008-05-24 20:17        ---------       d-----w C:\\Program Files\\ElastoManiaRegistered
2008-05-23 13:58        ---------       d-----w C:\\Documents and Settings\\Bartek\\Dane aplikacji\\AdobeUM
2008-05-23 09:32        ---------       d-----w C:\\Program Files\\Free Japanese Anime Screensaver
2008-05-22 22:18        12,288  ----a-w C:\\WINDOWS\\system32\\DivXWMPExtType.dll
2008-05-18 11:56        ---------       d-----w C:\\Program Files\\Free Waterfall Screensaver
2008-05-18 11:56        ---------       d-----w C:\\Program Files\\Free Naruto Screensaver
2008-05-18 11:56        ---------       d-----w C:\\Program Files\\Free Fantasy Screensaver
2008-05-18 11:56        ---------       d-----w C:\\Program Files\\Astro Gemini Software
2008-05-18 06:58        8,464   ----a-w C:\\WINDOWS\\system32\\sporder.dll
2008-05-17 15:05        ---------       d-----w C:\\Program Files\\KotOR2-PL
2008-05-17 12:31        ---------       d-----w C:\\Program Files\\FileSubmit
2008-05-17 11:51        ---------       d-----w C:\\Program Files\\TGTSoft
2008-04-18 20:05        107,888 ----a-w C:\\WINDOWS\\system32\\CmdLineExt.dll
2008-04-18 10:46        2,829   ----a-w C:\\WINDOWS\\DIIUnin.pif
2008-04-18 10:46        106,496 ----a-w C:\\WINDOWS\\DIIUnin.exe
2008-04-16 16:40        85,536  ----a-w C:\\WINDOWS\\~GLC0000.TMP
2008-04-15 12:59        25,088  ----a-w C:\\WINDOWS\\system32\\Partizan.exe
.
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"ctfmon.exe\"=\"C:\\WINDOWS\\system32\\ctfmon.exe\" [2004-08-04 00:44 15360]
\"MsnMsgr\"=\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" [2007-01-19 12:54 5674352]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CoolSwitch\"=\"C:\\WINDOWS\\system32\\taskswitch.exe\" [2002-03-19 17:30 45632]
\"SunJavaUpdateSched\"=\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\" [2008-06-10 04:27 144784]
\"NvCplDaemon\"=\"C:\\WINDOWS\\system32\\NvCpl.dll\" [2007-05-11 00:03 8429568]
\"QuickTime Task\"=\"C:\\Program Files\\QuickTime\\qttask.exe\" [2007-10-13 16:31 155648]
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\policies\\explorer]
\"ForceClassicControlPanel\"= 1 (0x1)
\"NoChangeKeyboardNavigationIndicators\"= 0 (0x0)
\"NoSMConfigurePrograms\"= 1 (0x1)
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\winlogon]
\"UIHost\"=\"C:\\\\Program Files\\\\TGTSoft\\\\StyleXP\\\\Logon\\\\CurrentLogon.EXE\"
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\winlogon\\notify\\Fly]
2008-07-09 23:36 36864 C:\\WINDOWS\\system32\\smart.dll
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\drivers32]
\"MSACM.SPEEXACM\"= SPEEXW.ACM
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\\Documents and Settings\\All Users\\Menu Start\\Programy\\Autostart\\Adobe Reader Speed Launch.lnk
backup=C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^Bartek^Menu Start^Programy^Autostart^Empty.pif]
path=C:\\Documents and Settings\\Bartek\\Menu Start\\Programy\\Autostart\\Empty.pif
backup=C:\\WINDOWS\\pss\\Empty.pifStartup
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^Bartek^Menu Start^Programy^Autostart^GIGABYTE VGA Utility.lnk]
path=C:\\Documents and Settings\\Bartek\\Menu Start\\Programy\\Autostart\\GIGABYTE VGA Utility.lnk
backup=C:\\WINDOWS\\pss\\GIGABYTE VGA Utility.lnkStartup
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^Bartek^Menu Start^Programy^Autostart^Last.fm Helper.lnk]
path=C:\\Documents and Settings\\Bartek\\Menu Start\\Programy\\Autostart\\Last.fm Helper.lnk
backup=C:\\WINDOWS\\pss\\Last.fm Helper.lnkStartup
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\KernelFaultCheck]
C:\\WINDOWS\\system32\\dumprep 0 -k [X]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Adobe Photo Downloader]
--a------ 2005-06-06 23:46 57344 C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\AQQ]
--a------ 2007-02-28 14:18 2351864 C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\CTFMON.EXE]
--a------ 2004-08-04 00:44 15360 C:\\WINDOWS\\system32\\ctfmon.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\DAEMON Tools Pro Agent]
--a------ 2007-09-06 15:08 136136 X:\\Program Files\\DAEMON Tools Pro\\DTProAgent.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Gadu-Gadu]
--a------ 2008-03-20 12:04 2127296 C:\\Program Files\\Gadu-Gadu\\gg.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\IMJPMIG8.1]
--a------ 2004-08-03 22:32 208952 C:\\WINDOWS\\ime\\imjp8_1\\imjpmig.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ISUSPM Startup]
--a------ 2005-08-11 10:30 249856 C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ISUSScheduler]
--a------ 2005-08-11 10:30 81920 C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\LanguageShortcut]
--a------ 2007-01-08 23:17 52256 C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\MSMSGS]
--a------ 2007-04-12 01:44 1661304 C:\\Program Files\\Messenger\\Msmsgs.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\MSPY2002]
--a------ 2004-08-03 22:31 59392 C:\\WINDOWS\\system32\\IME\\PINTLGNT\\IMSCINST.EXE
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\NvCplDaemon]
--a------ 2007-05-11 00:03 8429568 C:\\WINDOWS\\system32\\nvcpl.dll
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\PHIME2002A]
--a------ 2004-08-03 22:32 455168 C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\PHIME2002ASync]
--a------ 2004-08-03 22:32 455168 C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\QuickTime Task]
--a------ 2007-10-13 16:31 155648 C:\\Program Files\\QuickTime\\qttask.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\RemoteControl]
--------- 2007-01-08 23:26 68640 C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SearchSettings]
--a------ 2008-02-06 17:47 1036640 C:\\Program Files\\Search Settings\\SearchSettings.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\STYLEXP]
--a------ 2006-05-24 20:31 1372160 C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\TkBellExe]
--a------ 2007-11-18 21:12 185896 C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\updateMgr]
-ra------ 2006-03-30 17:45 313472 C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Veoh]
--a------ 2008-06-19 15:15 3664944 C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Alcmtr]
-r------- 2005-05-03 12:43 69632 C:\\WINDOWS\\Alcmtr.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\nwiz]
--a------ 2007-05-11 00:03 1626112 C:\\WINDOWS\\system32\\nwiz.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\RTHDCPL]
-r------- 2007-04-12 11:33 16132608 C:\\WINDOWS\\RTHDCPL.exe
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\services]
\"SENS\"=2 (0x2)
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\run-]
\"ctfmon.exe\"=C:\\WINDOWS\\system32\\ctfmon.exe
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"C:\\\\Program Files\\\\uTorrent\\\\uTorrent.exe\"=
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"C:\\\\Program Files\\\\Bonjour\\\\mDNSResponder.exe\"=
\"C:\\\\Program Files\\\\WapSter\\\\AQQ\\\\AQQ.exe\"=
\"C:\\\\PROGRA~1\\\\WapSter\\\\AQQ\\\\AQQ.exe\"=
\"C:\\\\Program Files\\\\SpeedBit Video Accelerator\\\\VideoAcceleratorEngine.exe\"=
\"C:\\\\Program Files\\\\SpeedBit Video Accelerator\\\\VideoAccelerator.exe\"=
\"X:\\\\Program Files\\\\Atari\\\\Neverwinter Nights 2\\\\nwn2main.exe\"=
\"X:\\\\Program Files\\\\Atari\\\\Neverwinter Nights 2\\\\nwn2main_amdxp.exe\"=
\"X:\\\\Program Files\\\\Atari\\\\Neverwinter Nights 2\\\\nwupdate.exe\"=
\"X:\\\\Program Files\\\\Atari\\\\Neverwinter Nights 2\\\\nwn2server.exe\"=
\"C:\\\\Program Files\\\\T\\\\t.exe\"=
\"C:\\\\usr\\\\apache\\\\Apache.exe\"=
\"C:\\\\usr\\\\SMTP Server\\\\localsrv.exe\"=
\"C:\\\\Program Files\\\\Gadu-Gadu\\\\gg.exe\"=
\"X:\\\\Program Files\\\\LucasArts\\\\Star Wars Jedi Knight Jedi Academy\\\\GameData\\\\jamp.exe\"=
\"E:\\\\Program Files\\\\Sierra\\\\FEAR\\\\FEAR.exe\"=
\"E:\\\\Program Files\\\\Autodesk\\\\3ds Max 9\\\\3dsmax.exe\"=
\"C:\\\\Program Files\\\\Autodesk\\\\Backburner\\\\monitor.exe\"=
\"C:\\\\Program Files\\\\Autodesk\\\\Backburner\\\\manager.exe\"=
\"C:\\\\Program Files\\\\Autodesk\\\\Backburner\\\\server.exe\"=
\"C:\\\\Program Files\\\\MSN Messenger\\\\msnmsgr.exe\"=
\"C:\\\\Program Files\\\\MSN Messenger\\\\livecall.exe\"=
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"3724:TCP\"= 3724:TCP:Blizzard Downloader: 3724
 
R1 aswSP;avast! Self Protection;C:\\WINDOWS\\system32\\drivers\\aswSP.sys [2008-05-12 18:36]
R2 aswFsBlk;aswFsBlk;C:\\WINDOWS\\system32\\DRIVERS\\aswFsBlk.sys [2008-05-12 18:38]
R2 sbbotdi;sbbotdi;C:\\PROGRA~1\\SPEEDB~1\\sbbotdi.sys [2008-02-17 22:28]
R2 VideoAcceleratorService;VideoAcceleratorService;C:\\PROGRA~1\\SPEEDB~1\\VideoAcceleratorService.exe [2008-02-17 22:28]
S2 RPCM;Remote Procedure Manager(TPM);C:\\Program Files\\Common Files\\Microsoft Shared\\Speech\\csvde.exe [2005-06-19 21:22]
S3 ggflt;SEMC USB Flash Driver Filter;C:\\WINDOWS\\system32\\DRIVERS\\ggflt.sys [2007-11-27 23:15]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\\WINDOWS\\system32\\DRIVERS\\USBSTOR.SYS [2004-08-03 23:08]
 
.
**************************************************************************
 
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-10 10:11:00
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
 
scanning hidden processes ... 
 
scanning hidden autostart entries ...
 
scanning hidden files ... 
 
scan completed successfully
hidden files: 0
 
**************************************************************************
 
[HKEY_LOCAL_MACHINE\\system\\ControlSet003\\Services\\MySql]
\"ImagePath\"=\"c:\\usr/MYSQL/bin/mysqld.exe\"
.
Completion time: 2008-07-10 10:11:22
ComboFix-quarantined-files.txt  2008-07-10 08:11:17
ComboFix2.txt  2008-07-10 07:58:51
 
Pre-Run: 19,206,905,856 bajtów wolnych
Post-Run: 19,190,968,320 bajtów wolnych
 