Pasted as Plain Text by qbala ( 15 years ago )
ComboFix 09-01-21.04 - Kuba 2009-01-26 13:44:55.1 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.0.1250.1.1045.18.1279.861 [GMT 1:00]
Uruchomiony z: d:michałProgramyAntywirusyComboFix.exe
 * Utworzono nowy punkt przywracania
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-12-26 do 2009-01-26  )))))))))))))))))))))))))))))))
.

2009-01-26 13:39 . 2009-01-26 13:39	<DIR>	d--------	c:program filesTrend Micro
2009-01-26 12:55 . 2009-01-26 12:55	<DIR>	d--h-----	c:documents and settingsAll UsersDane aplikacji~0
2009-01-06 21:21 . 2009-01-06 21:21	<DIR>	d--------	c:program filesPDFCreator Toolbar
2009-01-06 21:21 . 2009-01-06 21:21	<DIR>	d--------	c:program filesPDFCreator
2009-01-06 21:21 . 2009-01-06 21:21	264,097	--a------	c:windowsPDFCreator_Toolbar_Uninstaller_7468.exe
2009-01-06 21:21 . 2001-10-28 17:42	116,224	--a------	c:windowssystem32pdfcmnnt.dll
2009-01-06 21:21 . 1998-07-06 01:00	23,552	--a------	c:windowssystem32MSMPIDE.DLL

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-21 08:42	---------	d-----w	c:documents and settingsKubaDane aplikacjiMSN6
2007-11-18 22:11	32	----a-w	c:documents and settingsAll UsersDane aplikacjiezsid.dat
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"="c:windowsSystem32ctfmon.exe" [2001-10-26 13312]
"MSMSGS"="c:program filesMessengermsmsgs.exe" [2001-08-02 1077277]
"Skype"="c:program filesSkypePhoneSkype.exe" [2007-11-12 21760296]
"Gadu-Gadu"="c:program filesGadu-Gadugg.exe" [2008-03-20 2127296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"NvCplDaemon"="c:windowsSystem32NvCpl.dll" [2003-07-29 4841472]
"NeroCheck"="c:windowsSystem32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="d:program filesQuickTimeqttask.exe" [2006-06-14 98304]
"HPWQTOOLBOX"="c:program filesHewlett-PackardHP Deskjet 9800 SeriesToolboxHPWQTBX.exe" [2005-06-01 335872]
"avast!"="d:progra~1AvastashDisp.exe" [2008-11-26 81000]
"RemoteControl"="c:program filesCyberLinkPowerDVDPDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:program filesCyberLinkPowerDVDLanguageLanguage.exe" [2006-12-05 54832]
"LGODDFU"="c:program fileslg_fwupdatefwupdate.exe" [2008-10-28 548864]
"Adobe Reader Speed Launcher"="c:program filesAdobeReader 8.0ReaderReader_sl.exe" [2008-01-11 39792]
"nwiz"="nwiz.exe" [2003-07-29 c:windowssystem32\nwiz.exe]
"nForce Tray Options"="sstray.exe" [2002-12-05 c:windowssystem32sstray.exe]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"="c:windowsSystem32CTFMON.EXE" [2001-10-26 13312]

c:documents and settingsAll UsersMenu StartProgramyAutostart
Microsoft Office.lnk - c:program filesMicrosoft OfficeOfficeOSA9.EXE [1999-02-17 65588]
DSLMON.lnk - c:program filesSAGEMSAGEM F@st 800-840dslmon.exe [2008-10-18 1205840]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"VIDC.HFYU"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"SENTINEL"= snti386.dll

R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [2008-04-02 111184]
R1 fwdrv;Firewall Driver;c:windowssystem32driversfwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver;c:windowssystem32driverskhips.sys [2007-04-26 72624]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:windowssystem32driverse4usbaw.sys [2008-10-18 104344]
R3 V0260VID;Live! Cam Vista IM;c:windowssystem32driversV0260Vid.sys [2007-12-15 178913]
R3 vmdmc;SANTIS VComm+ Port Driver;c:windowssystem32driversvmdmc.sys [2006-02-16 326688]
R4 capi;SANTIS-Communicator Driver capi;c:windowssystem32driverscapi.sys [2006-10-30 25488]
R4 capifw;SANTIS-Communicator Driver capifw;c:windowssystem32driverscapifw.sys [2006-10-30 206576]
R4 fwmm;SANTIS-Communicator Driver fwmm;c:windowssystem32driversfwmm.sys [2006-10-30 31376]
S3 l1utah;SANTIS-Communicator Driver l1utah;c:windowssystem32driversl1utah.sys [2006-10-30 58720]
S4 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:windowssystem32driverse4ldr.sys [2008-10-18 69656]
S4 SPF4;Sunbelt Personal Firewall 4;d:program filesFirewall_Sunbeltkpf4ss.exe [2007-04-26 1234480]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-WinampAgent - c:program filesWinampwinampa.exe


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
uInternet Connection Wizard,ShellNext = "c:program filesOutlook Expressmsimn.exe"
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%webelated.htm
TCP: {C0B6427E-A501-45F9-9BAD-256E33D3A132} = 194.204.159.1 217.98.63.164
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-26 13:50:11
Windows 5.1.2600  FAT NTAPI

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(512)
c:windowssystem32ODBC32.dll

- - - - - - - > 'lsass.exe'(788)
c:windowssystem32mswsock.dll
c:windowsSystem32wshtcpip.dll
c:windowsSystem32dssenh.dll
.
Czas ukończenia: 2009-01-26 13:53:15
ComboFix-quarantined-files.txt  2009-01-26 12:53:12

Przed: 2 578 075 648 bajtów wolnych
Po: 3,885,789,184 bajtów wolnych

WinXP_PL_PRO_BF.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional" /fastdetect
