Mateuszn, posted 11 December 2008 (edited)
"ComboFix log."
ComboFix 08-09-05.02 - Mateusz 2008-11-30 15:40:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.1523 [GMT 1:00]
Running from: E:\Programy\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\actskn43.ocx
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-30 )))))))))))))))))))))))))))))))
.
2008-11-26 16:51 . 2008-11-26 16:51 <DIR> d-------- C:\Program Files\WinPcap
2008-11-26 16:49 . 2008-11-26 17:16 <DIR> d-------- C:\Program Files\Cain
2008-11-25 20:41 . 2008-11-25 20:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\HHD Software
2008-11-25 20:40 . 2008-11-25 20:40 <DIR> d-------- C:\Program Files\HHD Software
2008-11-25 20:40 . 2008-11-25 20:40 <DIR> d-------- C:\Program Files\Common Files\HHD Software
2008-11-25 19:31 . 2008-11-25 19:52 <DIR> d-------- C:\Program Files\SpyNet
2008-11-25 19:31 . 1999-06-10 00:17 65,024 --a------ C:\WINDOWS\system32\W32N50.dll
2008-11-25 19:31 . 1999-10-30 10:16 33,792 --a------ C:\WINDOWS\system32\Flatbtn.ocx
2008-11-25 19:31 . 1999-06-10 00:17 23,040 --a------ C:\WINDOWS\system32\Pcandis5.sys
2008-11-25 19:31 . 1999-06-10 00:17 15,408 --a------ C:\WINDOWS\system32\Pcandis4.sys
2008-11-25 19:31 . 1999-06-10 00:17 13,561 --a------ C:\WINDOWS\system32\Pcandis3.vxd
2008-11-24 14:48 . 2008-11-24 14:48 73,728 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-11-24 14:32 . 2005-05-03 11:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe
2008-11-22 15:47 . 2008-11-26 20:44 342,084 ---h----- C:\treeinfo.wc
2008-11-22 15:45 . 2008-11-22 15:45 <DIR> d-------- C:\totalcmd
2008-11-22 15:45 . 2008-11-28 17:24 826 --a------ C:\WINDOWS\wincmd.ini
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\UC.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\RAR.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\LHA.PIF
2008-11-22 15:45 . 2008-07-29 07:04 545 --a------ C:\WINDOWS\ARJ.PIF
2008-11-22 15:14 . 2008-11-22 15:14 <DIR> d-------- C:\ProgramData
2008-11-22 15:14 . 2008-11-22 15:14 <DIR> d-------- C:\Program Files\Electronic Arts
2008-11-22 15:14 . 2008-11-22 15:14 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Leadertech
2008-11-22 15:14 . 2008-11-22 15:14 4,672 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-11-22 12:54 . 2008-11-22 12:54 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-11-22 09:50 . 2008-11-22 09:50 <DIR> d-------- C:\Program Files\ESET
2008-11-18 21:31 . 2008-11-18 21:31 <DIR> d-------- C:\php
2008-11-18 15:22 . 2008-11-18 15:22 <DIR> d-------- C:\MySQL Datafiles
2008-11-18 15:02 . 2008-11-18 15:09 42,015 --a------ C:\WINDOWS\system\php.ini
2008-11-18 14:47 . 2008-11-18 14:47 <DIR> d-------- C:\Program Files\Apache Group
2008-11-18 14:21 . 2008-11-18 15:19 <DIR> d-------- C:\Program Files\MySQL
2008-11-18 14:21 . 2008-11-18 14:21 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
2008-11-18 09:26 . 2008-11-18 14:45 112 --a------ C:\WINDOWS\LOGO.INI
2008-11-18 09:25 . 2008-11-18 09:25 <DIR> d-------- C:\Program Files\Softronics
2008-11-17 20:25 . 2008-11-22 13:38 <DIR> d-------- C:\ConvertedMedia
2008-11-17 20:23 . 2008-11-17 20:23 <DIR> d-------- C:\Program Files\MP3 Converter
2008-11-17 20:23 . 2003-05-12 20:25 503,808 --a------ C:\WINDOWS\system32\mpeg2dmx.ax
2008-11-17 20:23 . 2005-11-25 22:46 421,888 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-11-17 20:23 . 2001-08-18 20:00 262,144 --a------ C:\WINDOWS\system32\mpg4ds32.axu
2008-11-17 20:23 . 2003-05-21 01:10 210,432 --a------ C:\WINDOWS\system32\mpgdec.ax
2008-11-17 20:23 . 2004-04-30 21:46 28,672 --a------ C:\WINDOWS\system32\t3odm.dll
2008-11-13 21:23 . 2008-11-14 13:37 481 --a------ C:\WINDOWS\my.ini
2008-11-12 22:10 . 2008-10-24 12:21 455,296 -----c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-11-12 22:09 . 2008-09-04 18:17 1,106,944 -----c--- C:\WINDOWS\system32\dllcache\msxml3.dll
2008-11-12 20:18 . 2008-11-12 20:18 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Datalayer
2008-11-10 17:57 . 2008-11-12 20:18 <DIR> d-------- C:\Documents and Settings\Mateusz\Phone Browser
2008-11-10 17:56 . 2008-11-10 17:56 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\AdobeUM
2008-11-10 17:56 . 2008-11-10 17:56 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\AdobeAUM
2008-11-10 17:40 . 2008-11-29 23:15 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Multimedia Player
2008-11-10 17:30 . 2008-11-10 17:30 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia
2008-11-10 17:18 . 2008-11-10 17:18 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-11-10 17:17 . 2008-11-10 17:19 <DIR> d-------- C:\Program Files\Nokia
2008-11-10 17:17 . 2008-11-10 17:17 <DIR> d-------- C:\Program Files\DIFX
2008-11-10 17:17 . 2008-11-10 17:17 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-11-10 17:17 . 2008-11-10 17:17 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-11-10 17:17 . 2008-11-10 17:17 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
2008-11-10 17:17 . 2008-11-10 17:17 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2008-11-10 17:17 . 2006-05-29 08:26 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-11-10 17:17 . 2006-05-29 08:26 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-11-10 17:17 . 2006-05-29 08:26 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-11-10 17:17 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-11-10 17:17 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-11-10 17:17 . 2006-05-29 08:26 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-11-10 17:17 . 2006-05-29 08:26 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-11-10 17:16 . 2008-11-10 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
2008-11-06 15:01 . 2008-11-06 15:01 285 --a------ C:\WINDOWS\flax.ini
2008-11-06 15:00 . 2008-11-06 15:01 10,468 --a------ C:\x.$$$
2008-11-04 18:12 . 2008-11-04 18:13 <DIR> d-------- C:\Program Files\Liceum klasa 3 - Matematyka
2008-11-04 18:12 . 1998-10-07 12:54 327,168 --a------ C:\WINDOWS\IsUn0415.exe
2008-10-31 19:14 . 2008-10-31 19:14 <DIR> d-------- C:\Documents and Settings\Mateusz\WINDOWS
2008-10-30 16:43 . 2008-10-30 16:43 <DIR> dr-h----- C:\Documents and Settings\Mateusz\Dane aplikacji\SecuROM
2008-10-30 16:13 . 2008-10-30 19:20 <DIR> d--h-c--- C:\Documents and Settings\All Users\Dane aplikacji\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2008-10-30 14:13 . 2008-10-30 14:13 <DIR> d-------- C:\WINDOWS\Logs
2008-10-30 14:12 . 2008-11-22 16:20 682,280 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-10-29 19:53 . 2008-11-10 17:17 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-10-29 19:53 . 2008-10-29 19:53 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-10-29 19:52 . 2008-10-29 19:52 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-29 19:52 . 2008-10-29 19:53 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-10-24 12:54 . 2008-10-15 17:36 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-18 21:45 . 2008-10-18 21:45 <DIR> d-------- C:\Program Files\MagicISO
2008-10-18 21:41 . 2008-10-18 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink
2008-10-16 17:54 . 2008-10-16 17:54 <DIR> d-------- C:\Program Files\OpenOffice.org 2.2
2008-10-16 17:54 . 2008-11-26 21:07 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenOffice.org2
2008-10-15 15:31 . 2008-08-14 14:26 2,190,464 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 15:31 . 2008-08-14 14:26 2,146,816 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 15:31 . 2008-08-14 14:26 2,067,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 15:31 . 2008-08-14 14:26 2,025,472 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 15:19 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 15:18 . 2008-09-15 16:27 1,846,656 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-12 13:03 . 2008-10-12 13:03 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Apple Computer
2008-10-10 18:22 . 2008-10-10 18:48 <DIR> d-------- C:\Program Files\kED
2008-10-04 17:08 . 2008-10-04 17:09 <DIR> d-------- C:\Program Files\SubEdit-Player
2008-10-03 17:30 . 2008-10-03 17:31 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Dev-Cpp
2008-10-02 06:30 . 2008-04-14 18:20 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-10-01 15:06 . 2008-10-01 15:06 <DIR> d-------- C:\WINDOWS\system32\pl-pl
2008-10-01 15:06 . 2008-10-01 15:06 <DIR> d-------- C:\WINDOWS\system32\pl
2008-10-01 15:06 . 2008-10-01 15:06 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-01 15:06 . 2008-10-01 15:06 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-01 15:04 . 2008-10-01 15:06 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-01 15:00 . 2008-10-01 15:00 <DIR> d-------- C:\WINDOWS\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-30 14:39 --------- d-----w C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent
2008-11-30 09:54 183,112 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-11-30 09:54 138,184 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-11-29 17:56 --------- d-----w C:\Documents and Settings\Mateusz\Dane aplikacji\Image Zone Express
2008-11-25 19:50 --------- d-----w C:\Documents and Settings\Mateusz\Dane aplikacji\Skype
2008-11-25 19:44 --------- d-----w C:\Documents and Settings\Mateusz\Dane aplikacji\skypePM
2008-11-24 13:32 --------- d-----w C:\Program Files\Realtek
2008-11-22 15:21 22,328 ----a-w C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys
2008-11-22 15:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-11-12 22:04 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-11-12 21:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-11-10 10:33 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-10-30 13:17 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-10-30 13:12 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-10-27 09:04 70,992 ----a-w C:\WINDOWS\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w C:\WINDOWS\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w C:\WINDOWS\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w C:\WINDOWS\system32\X3DAudio1_5.dll
2008-10-25 14:17 --------- d-----w C:\Program Files\Gadu-Gadu
2008-10-24 11:21 455,296 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-10-16 16:53 --------- d-----w C:\Program Files\Java
2008-10-11 08:48 --------- d-----w C:\Program Files\NifTools
2008-10-10 03:52 452,440 ----a-w C:\WINDOWS\system32\d3dx10_40.dll
2008-10-10 03:52 4,379,984 ----a-w C:\WINDOWS\system32\D3DX9_40.dll
2008-10-10 03:52 2,036,576 ----a-w C:\WINDOWS\system32\D3DCompiler_40.dll
2008-10-02 17:27 --------- d-----w C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet
2008-10-02 17:00 --------- d-----w C:\Program Files\Ganymede
2008-09-30 15:43 1,286,152 ----a-w C:\WINDOWS\system32\msxml4.dll
2008-09-29 14:09 --------- d-----w C:\Program Files\Common Files\Java
2008-09-28 09:38 --------- d-----w C:\Program Files\Alcohol Soft
2008-09-15 15:27 1,846,656 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-10 01:15 1,307,648 ----a-w C:\WINDOWS\system32\msxml6.dll
2008-09-04 17:17 1,106,944 ----a-w C:\WINDOWS\system32\msxml3.dll
2008-08-20 05:11 668,672 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-14 13:26 2,146,816 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:26 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ABIT uGuruIII"="C:\Program Files\ABIT\uGuru\uGuru.exe" [2006-10-24 417792]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2008-10-08 270128]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2008-09-05 133104]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-15 37376]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-08-18 1447168]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 C:\WINDOWS\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
RaConfig.lnk - C:\WINDOWS\system32\RaConfig.exe [2008-08-15 380928]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"D:\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\MOH-Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"D:\\Far Cry 2\\bin\\FarCry2.exe"=
"D:\\Far Cry 2\\bin\\FC2Launcher.exe"=
"D:\\Far Cry 2\\bin\\FC2Editor.exe"=
"C:\\xampp\\apache\\bin\\apache.exe"=
"D:\\Call of Duty - World at War\\CoDWaWmp.exe"=
"D:\\Call of Duty - World at War\\CoDWaW.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"D:\\Dead Space\\Dead Space.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3306:TCP"= 3306:TCP:mysql
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 UGURU;UGURU;C:\WINDOWS\system32\drivers\uGuru.sys [2006-05-03 14592]
R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2006-09-13 76160]
R3 RT2400;RT2400 Wireless Driver;C:\WINDOWS\system32\DRIVERS\RT2400.sys [2003-10-08 51712]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36cee5b9-6abd-11dd-b12d-806d6172696f}]
\Shell\AutoRun\command - J:\Autorun.exe root.ini
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\a93ed6h4.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.pl
FF -: plugin - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.131.27\npGoogleOneClick6.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 15:41:04
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
Completion time: 2008-11-30 15:41:49
ComboFix-quarantined-files.txt 2008-11-30 14:41:47
Pre-Run: 7,763,009,536 bajtów wolnych
Post-Run: 7,985,319,936 bajtów wolnych
266 --- E O F --- 2008-11-12 22:04:28
Edited 11 December 2008 by Kolobos
Kolobos, posted 11 December 2008
I glanced over it and it looks OK. In future, don't paste logs without a reason and without a description of the problem.