KilazzPL
Posted: Sat 15:59, 05 Jul 2008
I already know why, but I don't know what to do about it. I used ComboFix to pull the logs; here they are:
ComboFix 08-07-04.6 - Kondzio 2008-07-05 14:34:44.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.461 [GMT 2:00]
Running from: C:\Documents and Settings\Kondzio\Pulpit\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-06-05 to 2008-07-05 )))))))))))))))))))))))))))))))
.
2008-07-03 20:48 . 2008-07-03 20:48 <DIR> d-------- C:\Program Files\Google
2008-07-03 19:22 . 2008-07-03 19:22 4,012 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-07-03 19:00 . 2008-07-03 19:00 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-07-03 17:27 . 2008-07-03 17:27 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\SimCity Societies
2008-07-03 16:28 . 2008-07-03 16:28 <DIR> dr-h----- C:\Documents and Settings\Kondzio\Dane aplikacji\SecuROM
2008-07-03 16:28 . 2008-07-03 16:28 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-07-03 16:22 . 2008-07-03 16:22 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-07-03 16:18 . 2008-07-03 16:18 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\DAEMON Tools
2008-07-03 16:18 . 2008-07-03 16:18 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-02 21:59 . 2008-07-02 21:59 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\Nero
2008-07-02 14:36 . 2008-07-02 14:36 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-02 11:01 . 2008-07-02 11:01 <DIR> d-------- C:\Program Files\MSECache
2008-07-02 10:42 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-07-02 10:40 . 2008-07-02 10:40 <DIR> d-------- C:\Program Files\Microsoft Works
2008-07-02 10:31 . 2008-07-02 10:31 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-02 10:22 . 2008-07-02 10:22 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-07-02 10:18 . 2008-07-02 10:18 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-07-02 10:18 . 2008-07-02 10:18 <DIR> d-------- C:\Documents and Settings\Ula\Dane aplikacji\Talkback
2008-07-02 10:15 . 2008-07-02 10:15 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-07-02 10:14 . 2008-07-02 10:14 <DIR> dr-h----- C:\MSOCache
2008-07-02 10:11 . 2008-07-02 10:11 <DIR> d-------- C:\Documents and Settings\Ula\Dane aplikacji\Winamp
2008-07-02 09:58 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Ula\Ustawienia lokalne
2008-07-02 09:58 . 2008-07-02 10:00 <DIR> dr------- C:\Documents and Settings\Ula\Ulubione
2008-07-02 09:58 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Ula\Szablony
2008-07-02 09:58 . 2008-07-01 15:16 <DIR> d-------- C:\Documents and Settings\Ula\Pulpit
2008-07-02 09:58 . 2008-07-01 15:58 <DIR> d-------- C:\Documents and Settings\Ula\nro.log
2008-07-02 09:58 . 2008-07-02 10:00 <DIR> dr------- C:\Documents and Settings\Ula\Moje dokumenty
2008-07-02 09:58 . 2008-07-01 15:16 <DIR> d-------- C:\Documents and Settings\Ula\Menu Start
2008-07-02 09:58 . 2008-07-01 15:34 <DIR> d-------- C:\Documents and Settings\Ula\Dane aplikacji\Xentient
2008-07-02 09:58 . 2008-07-01 15:33 <DIR> d-------- C:\Documents and Settings\Ula\Dane aplikacji\uTorrent
2008-07-02 09:58 . 2008-07-01 16:10 <DIR> d-------- C:\Documents and Settings\Ula\Dane aplikacji\URSoft
2008-07-02 09:58 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Ula\Dane aplikacji
2008-07-02 09:58 . 2008-07-01 16:02 <DIR> d-------- C:\Documents and Settings\Ula\{7C151F72-81CA-4871-9052-AF4DE217E755}
2008-07-02 09:58 . 2008-07-02 09:58 <DIR> d-------- C:\Documents and Settings\Ula
2008-07-01 23:10 . 2008-07-01 23:10 <DIR> d-------- C:\Program Files\Common Files\INCA Shared
2008-07-01 23:10 . 2003-07-21 05:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-07-01 23:10 . 2005-01-04 20:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-07-01 21:16 . 2008-07-01 21:16 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\Winamp
2008-07-01 19:02 . 2008-07-01 19:02 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\GanymedeNet
2008-07-01 18:59 . 2008-07-01 18:59 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\GRETECH
2008-07-01 18:58 . 2008-07-01 18:58 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\GRETECH
2008-07-01 18:57 . 2008-07-01 18:57 <DIR> d-------- C:\Program Files\Ganymede
2008-07-01 17:34 . 2008-07-01 17:34 <DIR> d--h----- C:\$AVG8.VAULT$
2008-07-01 16:49 . 2008-07-01 16:49 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-01 16:49 . 2008-07-04 23:15 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-07-01 16:49 . 2008-07-04 23:16 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-07-01 16:49 . 2008-07-04 23:15 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-07-01 16:48 . 2008-07-01 16:49 <DIR> d-------- C:\Program Files\AVG
2008-07-01 16:48 . 2008-07-01 16:48 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\avg8
2008-07-01 16:42 . 2008-07-01 16:42 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\Gadu-Gadu
2008-07-01 16:41 . 2008-07-01 16:41 <DIR> d-------- C:\Documents and Settings\Kondzio\Gadu-Gadu
2008-07-01 16:38 . 2008-07-01 16:38 <DIR> d-------- C:\Documents and Settings\Kondzio\.VirtualBox
2008-07-01 16:36 . 2008-07-01 16:36 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\DivX
2008-07-01 16:34 . 2008-07-01 16:34 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-07-01 16:33 . 2008-07-01 16:33 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\Talkback
2008-07-01 16:32 . 2008-07-01 16:32 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-01 16:27 . 2008-07-01 16:27 <DIR> d--hs---- C:\Recycled
2008-07-01 16:23 . 2008-04-14 22:51 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-07-01 16:22 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Kondzio\Ustawienia lokalne
2008-07-01 16:22 . 2008-07-01 16:23 <DIR> dr------- C:\Documents and Settings\Kondzio\Ulubione
2008-07-01 16:22 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Kondzio\Szablony
2008-07-01 16:22 . 2008-07-01 15:16 <DIR> d-------- C:\Documents and Settings\Kondzio\Pulpit
2008-07-01 16:22 . 2008-07-01 15:58 <DIR> d-------- C:\Documents and Settings\Kondzio\nro.log
2008-07-01 16:22 . 2008-07-01 16:23 <DIR> dr------- C:\Documents and Settings\Kondzio\Moje dokumenty
2008-07-01 16:22 . 2008-07-01 15:16 <DIR> d-------- C:\Documents and Settings\Kondzio\Menu Start
2008-07-01 16:22 . 2008-07-01 15:34 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\Xentient
2008-07-01 16:22 . 2008-07-01 15:33 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\uTorrent
2008-07-01 16:22 . 2008-07-01 16:10 <DIR> d-------- C:\Documents and Settings\Kondzio\Dane aplikacji\URSoft
2008-07-01 16:22 . 2008-07-01 15:16 <DIR> d--h----- C:\Documents and Settings\Kondzio\Dane aplikacji
2008-07-01 16:22 . 2008-07-01 16:02 <DIR> d-------- C:\Documents and Settings\Kondzio\{7C151F72-81CA-4871-9052-AF4DE217E755}
2008-07-01 16:21 . 2008-07-01 16:21 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-07-01 16:15 . 2008-07-01 16:15 <DIR> d-------- C:\WINDOWS\LastGood
2008-07-01 16:13 . 2008-07-01 16:13 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-07-01 16:13 . 2008-07-01 16:13 <DIR> d-------- C:\Documents and Settings\NetworkService\Ustawienia lokalne
2008-07-01 16:13 . 2008-07-01 16:13 <DIR> d-------- C:\Documents and Settings\NetworkService\Menu Start
2008-07-01 16:13 . 2008-07-01 16:13 <DIR> d-------- C:\Documents and Settings\NetworkService\Dane aplikacji
2008-07-01 16:13 . 2008-07-01 16:13 <DIR> d--hs---- C:\Documents and Settings\NetworkService
2008-07-01 16:13 . 2008-07-01 16:13 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-07-01 16:12 . 2008-07-05 14:11 16,594 --a------ C:\WINDOWS\system32\oodbs.lor
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> dr-h----- C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Ulubione
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> d--h----- C:\WINDOWS\system32\config\systemprofile\Szablony
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Pulpit
2008-07-01 16:11 . 2008-07-01 15:40 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\nsqE96.tmp
2008-07-01 16:11 . 2008-07-01 15:41 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\nsfE98.tmp
2008-07-01 16:11 . 2008-07-01 15:58 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\nro.log
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Moje dokumenty
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> dr------- C:\WINDOWS\system32\config\systemprofile\Menu Start
2008-07-01 16:11 . 2008-07-01 15:16 <DIR> dr-h----- C:\WINDOWS\system32\config\systemprofile\Dane aplikacji
2008-07-01 16:11 . 2008-07-01 16:02 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\{7C151F72-81CA-4871-9052-AF4DE217E755}
2008-07-01 16:10 . 2008-07-01 16:10 <DIR> d-------- C:\Program Files\Your Uninstaller 2008
2008-07-01 16:10 . 2008-07-01 16:10 <DIR> d-------- C:\Program Files\UltraISO
2008-07-01 16:10 . 2008-07-01 16:10 <DIR> d-------- C:\Program Files\Common Files\EZB Systems
2008-07-01 16:10 . 2008-07-01 16:10 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-07-01 16:09 . 2008-07-01 16:09 <DIR> d-------- C:\Program Files\Tlen.pl
2008-07-01 16:09 . 2008-07-01 16:09 <DIR> d-------- C:\Program Files\SubEdit-Player
2008-07-01 16:09 . 2008-07-01 16:09 <DIR> d-------- C:\Program Files\OO Software
2008-07-01 16:09 . 2008-07-01 16:09 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2008-07-01 16:08 . 2008-07-01 16:08 <DIR> d-------- C:\Program Files\Skype
2008-07-01 16:08 . 2008-07-01 16:08 <DIR> d-------- C:\Program Files\QT Lite
2008-07-01 16:08 . 2008-07-01 16:08 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-07-01 16:08 . 2008-07-01 16:08 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-07-01 16:08 . 2008-03-28 21:07 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-07-01 16:08 . 2008-03-28 21:07 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-07-01 16:07 . 2008-07-01 16:07 <DIR> d-------- C:\WINDOWS\system32\DRVSTORE
2008-07-01 16:07 . 2008-07-01 16:07 <DIR> d-------- C:\Program Files\Sun xVM VirtualBox
2008-07-01 16:07 . 2008-04-30 22:12 55,424 --a------ C:\WINDOWS\system32\drivers\VBoxDrv.sys
2008-07-01 16:07 . 2008-04-30 22:12 42,048 --a------ C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2008-07-01 16:06 . 2008-07-01 16:06 <DIR> d-------- C:\Program Files\MozBackup
2008-07-01 16:06 . 2008-07-01 16:06 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-01 16:05 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-01 16:04 . 2008-07-01 16:04 <DIR> d-------- C:\Program Files\Java
2008-07-01 16:04 . 2008-07-01 16:04 <DIR> d-------- C:\Program Files\FastStone Image Viewer
2008-07-01 16:04 . 2008-07-01 16:04 <DIR> d-------- C:\Program Files\Driver Magician
2008-07-01 16:04 . 2008-07-01 16:04 <DIR> d-------- C:\Program Files\Common Files\Java
2008-07-01 16:04 . 2004-09-28 11:13 526,184 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-07-01 16:04 . 2005-01-12 11:19 456,536 --a------ C:\WINDOWS\system32\XCEEDZIP.DLL
2008-07-01 16:04 . 2004-08-11 15:55 110,602 --a------ C:\WINDOWS\system32\xcdsfx32.bin
2008-07-01 16:03 . 2008-07-01 16:04 <DIR> d-------- C:\Program Files\InstallShield Installation Information
2008-07-01 16:03 . 2008-07-01 16:03 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2008-07-01 16:02 . 2008-07-01 16:02 <DIR> d-------- C:\Program Files\CyberLink
2008-07-01 16:02 . 2008-07-01 16:02 <DIR> d-------- C:\Documents and Settings\Default User\{7C151F72-81CA-4871-9052-AF4DE217E755}
2008-07-01 16:00 . 2008-07-01 16:00 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 13:59 --------- d-----w C:\Program Files\Odkurzacz
2008-07-01 13:57 --------- d-----w C:\Program Files\Nero
2008-07-01 13:57 --------- d-----w C:\Program Files\Common Files\Nero
2008-07-01 13:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-07-01 13:56 --------- d-----w C:\Program Files\GRETECH
2008-07-01 13:56 --------- d-----w C:\Program Files\Gadu-Gadu
2008-07-01 13:56 --------- d-----w C:\Program Files\Foxit Reader
2008-07-01 13:49 --------- d-----w C:\Program Files\Reference Assemblies
2008-07-01 13:49 --------- d-----w C:\Program Files\MSBuild
2008-07-01 13:41 --------- d-----w C:\Program Files\Winamp
2008-07-01 13:41 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-07-01 13:35 --------- d-----w C:\Program Files\uTorrent
2008-07-01 13:32 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-01 13:32 --------- d-----w C:\Program Files\nLite
2008-07-01 13:32 --------- d-----w C:\Program Files\Lavalys
2008-07-01 13:32 --------- d-----w C:\Program Files\AddOnInstaller
2008-07-01 13:31 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-01 13:31 --------- d-----w C:\Program Files\Utilities
2008-07-01 13:31 --------- d-----w C:\Program Files\Unlocker
2008-07-01 13:31 --------- d-----w C:\Program Files\TaskSwitchXP
2008-07-01 13:31 --------- d-----w C:\Program Files\System
2008-07-01 13:31 --------- d-----w C:\Program Files\Drive Space Indicator
2008-07-01 13:31 --------- d-----w C:\Program Files\Attribute Changer
2008-05-17 12:46 299,008 ----a-w C:\WINDOWS\system32\wuauclt1.exe
2008-05-17 12:46 184,320 ----a-w C:\WINDOWS\system32\wuaueng1.dll
2008-05-17 12:43 78,336 ----a-w C:\WINDOWS\system32\srclient.dll
2008-05-17 12:43 58,880 ----a-w C:\WINDOWS\system32\sol.exe
2008-05-17 12:43 541,696 ----a-w C:\WINDOWS\system32\spider.exe
2008-05-17 12:43 307,712 ----a-w C:\WINDOWS\system32\srrstr.dll
2008-05-17 12:43 122,368 ----a-w C:\WINDOWS\system32\sndvol32.exe
2008-05-17 12:42 111,104 ----a-w C:\WINDOWS\system32\servdeps.dll
2008-05-17 12:41 62,976 ----a-w C:\WINDOWS\system32\remotepg.dll
2008-05-17 12:39 401,408 ----a-w C:\WINDOWS\system32\mspaint.exe
2008-05-17 12:39 381,952 ----a-w C:\WINDOWS\system32\mstask.dll
2008-05-17 12:39 30,720 ----a-w C:\WINDOWS\system32\msdtc.exe
2008-05-17 12:39 130,048 ----a-w C:\WINDOWS\system32\mshearts.exe
2008-05-17 12:36 68,608 ----a-w C:\WINDOWS\system32\freecell.exe
2008-05-17 12:33 452,096 ----a-w C:\WINDOWS\system32\accwiz.exe
2008-05-17 12:33 113,152 ----a-w C:\WINDOWS\system32\acctres.dll
2008-05-17 10:50 3,127 ----a-w C:\WINDOWS\system32\presetup.cmd
2008-05-17 10:50 28,672 ----a-w C:\WINDOWS\system32\setupold.exe
2008-05-17 10:49 9,216 ----a-w C:\WINDOWS\system32\drivers\VIDEX32.sys
2008-05-17 10:46 955,392 ----a-w C:\WINDOWS\system32\wsecedit.dll
2008-05-17 10:46 9,753,600 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-05-17 10:46 34,304 ----a-w C:\WINDOWS\system32\wpabaln.exe
2008-05-17 10:46 32,256 ----a-w C:\WINDOWS\system32\wupdmgr.exe
2008-05-17 10:46 208,896 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-17 10:46 2,600,448 ----a-w C:\WINDOWS\system32\wpdshext.dll
2008-05-17 10:45 358,912 ----a-w C:\WINDOWS\winhlp32.exe
2008-05-17 10:45 3,647,488 ----a-w C:\WINDOWS\system32\wiadefui.dll
2008-05-17 10:45 2,444,800 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-05-17 10:45 1,539,072 ----a-w C:\WINDOWS\system32\wextract.exe
2008-05-17 10:45 1,538,560 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
2008-05-17 10:45 1,409,536 ----a-w C:\WINDOWS\system32\wiashext.dll
2008-05-17 10:44 630,784 ----a-w C:\WINDOWS\system32\sysocmgr.exe
2008-05-17 10:44 51,712 ----a-w C:\WINDOWS\system32\utilman.exe
2008-05-17 10:44 487,424 ----a-w C:\WINDOWS\system32\user32.dll
2008-05-17 10:44 450,560 ----a-w C:\WINDOWS\system32\themeui.dll
2008-05-17 10:44 261,120 ----a-w C:\WINDOWS\system32\upnpui.dll
2008-05-17 10:44 256,512 ----a-w C:\WINDOWS\system32\tapiui.dll
2008-05-17 10:44 202,240 ----a-w C:\WINDOWS\system32\tcpmonui.dll
2008-05-17 10:44 187,392 ----a-w C:\WINDOWS\system32\taskmgr.exe
2008-05-17 10:44 126,976 ----a-w C:\WINDOWS\system32\verifier.exe
2008-05-17 10:43 77,824 ----a-w C:\WINDOWS\system32\stobject.dll
2008-05-17 10:43 744,960 ----a-w C:\WINDOWS\system32\sxs.dll
2008-05-17 10:43 541,696 ----a-w C:\WINDOWS\system32\sti_ci.dll
2008-05-17 10:43 52,224 ----a-w C:\WINDOWS\system32\shscrap.dll
2008-05-17 10:43 407,040 ----a-w C:\WINDOWS\system32\smlogcfg.dll
2008-05-17 10:43 30,208 ----a-w C:\WINDOWS\system32\stimon.exe
2008-05-17 10:43 3,435,008 ----a-w C:\WINDOWS\system32\shimgvw.dll
2008-05-17 10:43 267,776 ----a-w C:\WINDOWS\system32\shrpubw.exe
2008-05-17 10:43 134,656 ----a-w C:\WINDOWS\system32\sigverif.exe
2008-05-17 10:42 997,888 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-05-17 10:42 2,589,184 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-05-17 10:42 171,008 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-05-17 10:40 70,144 ----a-w C:\WINDOWS\system32\notepad.exe
2008-05-17 10:40 70,144 ----a-w C:\WINDOWS\NOTEPAD.EXE
2008-05-17 10:40 45,056 ----a-w C:\WINDOWS\system32\odbcad32.exe
2008-05-17 10:40 2,356,736 ----a-w C:\WINDOWS\system32\netshell.dll
2008-05-17 10:40 2,190,208 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-05-17 10:40 2,072,576 ----a-w C:\WINDOWS\system32\netplwiz.dll
2008-05-17 10:40 151,552 ----a-w C:\WINDOWS\system32\ntshrui.dll
2008-05-17 10:40 138,752 ----a-w C:\WINDOWS\system32\netid.dll
2008-05-17 10:40 113,664 ----a-w C:\WINDOWS\system32\ntlanui2.dll
2008-05-17 10:40 103,936 ----a-w C:\WINDOWS\system32\nslookup.exe
2008-05-17 10:40 1,966,592 ----a-w C:\WINDOWS\system32\ntbackup.exe
2008-05-17 10:40 1,295,360 ----a-w C:\WINDOWS\system32\newdev.dll
2008-05-17 10:39 96,768 ----a-w C:\WINDOWS\system32\msiexec.exe
2008-05-17 10:39 94,720 ----a-w C:\WINDOWS\system32\mshta.exe
2008-05-17 10:39 81,408 ----a-w C:\WINDOWS\system32\mydocs.dll
2008-05-17 10:39 76,288 ----a-w C:\WINDOWS\system32\msident.dll
2008-05-17 10:39 57,344 ----a-w C:\WINDOWS\system32\narrator.exe
2008-05-17 10:39 4,696,064 ----a-w C:\WINDOWS\system32\msieftp.dll
2008-05-17 10:39 153,600 ----a-w C:\WINDOWS\system32\mycomput.dll
2008-05-17 10:39 1,736,192 ----a-w C:\WINDOWS\system32\msgina.dll
2008-05-17 10:39 1,146,368 ----a-w C:\WINDOWS\system32\msxml3.dll
2008-05-17 10:38 855,552 ----a-w C:\WINDOWS\system32\mobsync.exe
2008-05-17 10:38 85,504 ----a-w C:\WINDOWS\system32\mmcshext.dll
2008-05-17 10:38 75,264 ----a-w C:\WINDOWS\system32\magnify.exe
2008-05-17 10:38 393,728 ----a-w C:\WINDOWS\system32\keymgr.dll
.
------- Sigcheck -------
2008-05-17 12:44 487424 5f1ccdf37f28a88d0473b0c9ea1e0d58 C:\WINDOWS\system32\user32.dll
2008-05-16 14:43 361344 accf5a9a1ffaa490f33dba1c632b95e1 C:\WINDOWS\system32\drivers\tcpip.sys
2008-05-17 12:40 2190208 5fb59f2506787a7e036b7c2eff1cce24 C:\WINDOWS\system32\ntoskrnl.exe
2008-05-17 12:36 1503232 67eacb65fbb0997dd3be8e4f1a5fe069 C:\WINDOWS\explorer.exe
2008-05-17 12:35 40448 0277e1a3e8b337555a45943808451981 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-05-16 18:32 2127296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-05-17 12:35 40448]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-04 23:16 1232152]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-09-24 17:53 7626752]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"nwiz"="nwiz.exe" [2006-09-24 17:54 1519616 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"="C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe" [2006-08-04 14:59 62976]
"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 11:20 36352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:51 22059816]
"Komunikator"="C:\Program Files\Tlen.pl\tlen.exe" [2008-03-19 17:28 5893120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R0 VIDEX32;VIDEX32;C:\WINDOWS\system32\drivers\VIDEX32.sys [2008-05-17 12:49]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-04 23:15]
R1 VBoxDrv;VirtualBox Service;C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-04-30 22:12]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-04-30 22:12]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-04 23:15]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-04 23:15]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-04 23:16]
S3 dump_wmimmc;dump_wmimmc;E:\CABAL Online (Europe)\GameGuard\dump_wmimmc.sys []
*Newly Created Service* - CATCHME
*Newly Created Service* - SRSERVICE
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [link visible to logged-in users]
Rootkit scan 2008-07-05 14:37:14
Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nview.dll
.
Completion time: 2008-07-05 14:37:56
ComboFix-quarantined-files.txt 2008-07-05 12:37:52
Pre-Run: 3,626,016,768 bajtów wolnych
Post-Run: 3,641,499,648 bajtów wolnych
328
I have already posted a request for help on one of the internet forums and I'm waiting for a reply; I hope it will be quick and helpful,
unless one of you knows what to do about this :/