czy to trojan
Aktualizacje na programosy.pl:
Google Chrome • Audacity Portable • Audacity • Advanced Renamer Portable • Advanced Renamer • 1Password • Kopia zapasowa i synchronizacja (Google Drive) • PhpStorm • YT Downloader
-
- Ogłoszenie:
shoppingreport.dll
11 posty(ów) • Strona 1 z 1
ShoppingReport.dll
przez Xfire 09 Gru 2007, 14:43
czy to trojan [b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
przez Dzi@dek 09 Gru 2007, 15:08
Google nie zna tego pliku. więc zapewne jest to śmieć
możesz usunąć ( zapewne masz taki wpis:)
Ale dla pewności daj loga z HJ + combofix.
możesz usunąć ( zapewne masz taki wpis:)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
Ale dla pewności daj loga z HJ + combofix.
- Dzi@dek
- ^zasłużony
- Posty: 3854
- Dołączenie: 11 Gru 2006, 20:18
- Miejscowość: Warszawa
- Pochwały: 210
-
przez Xfire 09 Gru 2007, 18:43
właśnie kacper wykrył mi to jako wirusa ale usunął, później ja odinstalowałem ten program, odpaliłem Registry First Aid, zrobiłem skanowanie combofixem i HJ, ale nie znalazło nic z tym związanego, więc chyba jest ok
[b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
-
przez Dzi@dek 09 Gru 2007, 18:55
Xfire napisał(a):więc chyba jest ok
Jak dasz loga z HJ+combo to potwierdzimy.
- Dzi@dek
- ^zasłużony
- Posty: 3854
- Dołączenie: 11 Gru 2006, 20:18
- Miejscowość: Warszawa
- Pochwały: 210
-
przez Xfire 09 Gru 2007, 19:13
hijack
combofix
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 18:02:36, on 2007-12-09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Labtec Wireless Desktop\MagicKey.exe
C:\Program Files\Labtec Wireless Desktop\MulMouse.exe
C:\Program Files\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter\WLANUTL.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Labtec Wireless Desktop\OSD.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\******\Moje dokumenty\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe
C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe
C:\Program Files\Real Desktop\Real Desktop.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Documents and Settings\******\Pulpit\Diagnostyka i usprawnienia\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\AQQ\AQQ.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Real Desktop] "C:\Program Files\Real Desktop\Real Desktop.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Enable Labtec Wireless Desktop.lnk = C:\Program Files\Labtec Wireless Desktop\MagicKey.exe
O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1168084540624
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168084488202
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\BinarySense\HDDlife 3\hlAPP.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcccoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
combofix
- Kod: Zaznacz wszystko
"********" - 2007-12-09 14:42:08 - ComboFix 07-07-14.6 NTFS
((((((((((((((((((((((((( Files Created from 2007-11-09 to 2007-12-09 )))))))))))))))))))))))))))))))
2007-12-04 20:28 <DIR> d-------- C:\DOCUME~1\*******\DANEAP~1\STOPzilla!
2007-12-04 20:27 <DIR> d-------- C:\Program Files\STOPzilla!
2007-12-04 17:36 <DIR> d-------- C:\DOCUME~1\******\DANEAP~1\WinRAR
2007-12-04 17:35 <DIR> d-------- C:\DOCUME~1\*******\DANEAP~1\GibbHill Properties Ltd
2007-12-04 17:33 961,536 --a------ C:\Program Files\WinRAR.exe
2007-12-01 00:11 <DIR> d-------- C:\LiveBox_ReConnect_2.0
2007-11-30 19:16 <DIR> d-------- C:\USDownloader134
2007-11-30 13:03 <DIR> d-------- C:\do wys
2007-11-28 13:25 90,112 --------- C:\WINDOWS\Updreg.EXE
2007-11-28 13:23 8,704 -ra------ C:\WINDOWS\system32\drivers\Pfmodnt.sys
2007-11-28 13:23 65,536 -ra------ C:\WINDOWS\system32\A3d.dll
2007-11-28 13:23 64,512 -ra------ C:\WINDOWS\system32\P17.dll
2007-11-28 13:23 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-11-28 13:23 53,248 -ra------ C:\WINDOWS\system32\P17CPI.dll
2007-11-28 13:23 20,992 -ra------ C:\WINDOWS\system32\sfman32.dll
2007-11-28 13:23 138,752 -ra------ C:\WINDOWS\system32\drivers\ctsfm2k.sys
2007-11-28 13:23 137,728 -ra------ C:\WINDOWS\system32\P17res.dll
2007-11-28 13:23 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-11-28 13:23 133,632 -ra------ C:\WINDOWS\system32\CtDvInst.dll
2007-11-28 13:23 115,200 -ra------ C:\WINDOWS\system32\sfms32.dll
2007-11-28 13:23 106,496 -ra------ C:\WINDOWS\system32\drivers\ctoss2k.sys
2007-11-28 13:23 1,389,056 -ra------ C:\WINDOWS\system32\drivers\P17.sys
2007-11-28 13:18 <DIR> d-------- C:\Program Files\Creative
2007-11-27 13:50 <DIR> d--h----- C:\Program Files\Creative Installation Information
2007-11-26 23:57 <DIR> d-------- C:\Program Files\Driver Cleaner
2007-11-23 17:10 <DIR> d-------- C:\WINDOWS\system32\se
2007-11-23 17:00 <DIR> d-------- C:\Program Files\Fiat
2007-11-21 19:23 81,920 --a------ C:\WINDOWS\system32\frapsvid.dll
2007-11-16 13:55 80,272 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2007-11-16 13:55 137,884 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2007-11-16 13:55 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2007-11-16 13:55 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2007-11-16 13:55 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2007-11-16 13:55 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2007-11-16 13:55 10,864 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2007-11-16 13:54 <DIR> d-------- C:\Program Files\Samsung
2007-11-15 22:48 <DIR> d-------- C:\Nowy folder
2007-11-14 17:49 <DIR> d-------- C:\Program Files\Ringz Studio
2007-11-13 10:50 <DIR> d-------- C:\DOCUME~1\*******\DANEAP~1\SpamBayes
2007-11-10 20:37 <DIR> d--h----- C:\WINDOWS\PIF
2007-11-10 15:19 <DIR> d-------- C:\Program Files\Mv2Player
2007-11-09 13:41 <DIR> d-------- C:\Program Files\Real Alternative
2007-11-09 13:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-12-09 13:47:00 16,249,888 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-09 13:41:59 586,528 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-09 12:03:38 -------- d-----w C:\Program Files\eMule
2007-12-09 00:13:23 56,792 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-09 00:13:22 212,996 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-08 13:10:26 -------- d-----w C:\Program Files\Lx_cats
2007-12-07 12:09:17 -------- d-s---w C:\Program Files\Xfire
2007-12-06 15:07:01 -------- d-----w C:\DOCUME~1\*****\DANEAP~1\Xfire
2007-11-24 19:44:50 -------- d-----w C:\Program Files\Fraps
2007-11-16 13:00:58 -------- d-----w C:\DOCUME~1\********\DANEAP~1\Samsung
2007-11-16 12:55:53 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-14 16:49:48 -------- d-----w C:\Program Files\Common Files\Real
2007-11-09 12:37:37 -------- d-----w C:\DOCUME~1\*******\DANEAP~1\Real
2007-11-07 00:04:55 -------- d-----w C:\Program Files\SpamBayes
2007-11-06 19:57:56 -------- d-----w C:\Program Files\3ivx
2007-11-04 14:08:50 -------- d-----w C:\Program Files\RootKit Hook Analyzer
2007-11-04 14:01:25 106 ----a-w C:\delete.bat
2007-11-02 18:07:01 -------- d-----w C:\Program Files\VID_0E8F&PID_0012
2007-10-30 16:14:59 -------- d-----w C:\Program Files\Real
2007-10-30 16:14:45 -------- d-----w C:\Program Files\BitComet
2007-10-30 16:14:33 -------- d-----w C:\Program Files\After
2007-10-30 16:14:20 -------- d-----w C:\Program Files\OpenOffice.org 2.1
2007-10-30 16:14:19 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-10-30 16:14:18 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-10-29 22:29:35 -------- d-----w C:\Program Files\1stbenison
2007-10-28 14:05:20 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-10-28 14:05:20 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-10-26 11:00:58 -------- d-----w C:\Program Files\Secure Surfing Engine
2007-10-26 11:00:57 -------- d-----w C:\Program Files\Steganos Internet Anonym 2006
2007-10-25 15:58:10 -------- d-----w C:\Program Files\RFA Platinum
2007-10-25 14:19:36 -------- d-----w C:\Program Files\RegCleaner
2007-10-24 18:28:25 -------- d-----w C:\Program Files\ToniArts
2007-10-22 21:58:27 -------- d-----w C:\DOCUME~1\*********\DANEAP~1\MSN6
2007-10-20 23:08:25 -------- d-----w C:\Program Files\Trend Micro
2007-10-20 09:55:30 -------- d-----w C:\Program Files\Frets on Fire
2007-10-19 12:50:49 -------- d-----w C:\Program Files\THQ
2007-10-18 17:01:11 -------- d-----w C:\Program Files\AviSynth 2.5
2007-10-18 17:00:38 -------- d-----w C:\Program Files\eRightSoft
2007-10-18 15:57:03 -------- d-----w C:\Program Files\Xilisoft
2007-10-18 15:28:10 87 ----a-w C:\WINDOWS\system32\buyurl0502.dat
2007-10-18 14:47:03 -------- d-----w C:\Program Files\Mobile Video Converter
2007-10-15 15:38:25 -------- d-----w C:\Program Files\Prime95
2007-10-11 21:27:00 -------- d-----w C:\Program Files\Ashampoo
2007-10-11 21:26:30 -------- d-----w C:\Program Files\Arjaloc
2007-10-11 21:23:18 -------- d-----w C:\Program Files\Ahead
2007-10-04 12:53:54 94,208 ----a-w C:\DOCUME~1\****\DANEAP~1\ezplay.sys
2007-10-04 12:53:54 87,608 ----a-w C:\DOCUME~1\********\DANEAP~1\inst.exe
2007-10-04 12:53:50 47,360 ----a-w C:\DOCUME~1\*********\DANEAP~1\pcouffin.sys
2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2006-12-21 19:46:04 952 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2001-03-02 11:02 37808 --------- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
2007-06-14 14:07 443968 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 02:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3578B37-6346-4EC1-A82B-38273A100DCF}]
2007-09-07 14:29 566536 --a------ C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-11-26 19:30]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 10:51]
"P17Helper"="P17.dll" [2005-05-03 12:38 C:\WINDOWS\system32\P17.dll]
"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 03:43]
"STOPzilla"="C:\Program Files\STOPzilla!\Stopzilla.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AQQ"="C:\PROGRA~1\WapSter\AQQ\AQQ.exe" [2007-02-28 13:18]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 07:14]
"Real Desktop"="C:\Program Files\Real Desktop\Real Desktop.exe" [2007-08-05 14:19]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2006-09-14 15:15]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
" "=C:\WINDOWS\System32\svchost.exe
[color=red]SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.[/color]
~~\SafeBoot\Minimal\Base
~~\SafeBoot\Minimal\Boot Bus Extender
~~\SafeBoot\Minimal\Boot file system
~~\SafeBoot\Minimal\dmboot.sys
~~\SafeBoot\Minimal\dmio.sys
~~\SafeBoot\Minimal\dmload.sys
~~\SafeBoot\Minimal\dmserver
~~\SafeBoot\Minimal\File system
~~\SafeBoot\Minimal\Filter
~~\SafeBoot\Minimal\PCI Configuration
~~\SafeBoot\Minimal\Primary disk
~~\SafeBoot\Minimal\RpcSs
~~\SafeBoot\Minimal\SCSI Class
~~\SafeBoot\Minimal\sermouse.sys
~~\SafeBoot\Minimal\System Bus Extender
~~\SafeBoot\Minimal\vga.sys
~~\SafeBoot\Minimal\vgasave.sys
~~\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}
~~\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}
~~\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}
~~\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}
~~\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}
~~\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.exe.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Last.fm Helper.lnk]
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^*******^Menu Start^Programy^Autostart^Xfire.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Xfire\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\*****]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\*******\Pulpit]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\*******\Pulpit\hideippla.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosDNT]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CookiePatrol]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
"C:\Program Files\Gadu-Gadu\gg.exe" /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Glass2k]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HEXelon MAX]
"C:\Program Files\HEXelon MAX 6\hexelon.exe" /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iDesk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]
C:\Program Files\Tlen.pl\tlen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
"C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OCAudioIni]
C:\Program Files\One-click Audio Converter\OCAudioIni.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPMemCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent]
"C:\Program Files\RFA Platinum\rfagent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIA2006]
"C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super X Desktop Version 3.4.0730]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TranspWndManagerPro]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yodm3D]
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
rundll32 iesetup.dll,IEAccessUserInst
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 14:46:28
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-12-09 14:48:42
C:\ComboFix-quarantined-files.txt ... 2007-12-09 14:48
--- E O F ---
[b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
-
przez wojtas 09 Gru 2007, 22:08
skasuj;
zastosuj SafeBootKeyRepair.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
zastosuj SafeBootKeyRepair.exe
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
-
przez Xfire 09 Gru 2007, 22:38
wojtas19162 napisał(a):skasuj;
skasowane
zastosuj SafeBootKeyRepair.exe
wyskoczyło mi takie coś:
- Kod: Zaznacz wszystko
Reg export of SafeBoot key after repair:
========================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\UploadMgr]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"
========================
[b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
-
przez Xfire 11 Gru 2007, 19:21
- Kod: Zaznacz wszystko
"******" - 2007-12-11 17:53:26 - ComboFix 07-07-14.6 NTFS
((((((((((((((((((((((((( Files Created from 2007-11-11 to 2007-12-11 )))))))))))))))))))))))))))))))
2007-12-10 19:32 <DIR> d-------- C:\Program Files\WhatPulse
2007-12-10 00:20 <DIR> d-------- C:\Program Files\ADSTechnology
2007-12-09 19:31 151,552 --a------ C:\WINDOWS\system32\MSOSS.DLL
2007-12-09 17:44 <DIR> d-------- C:\Program Files\Common Files\BinarySense
2007-12-09 17:44 <DIR> d-------- C:\Program Files\BinarySense
2007-12-09 17:44 <DIR> d-------- C:\DOCUME~1\*******\DANEAP~1\BinarySense
2007-12-04 20:28 <DIR> d-------- C:\DOCUME~1\********\DANEAP~1\STOPzilla!
2007-12-04 20:27 <DIR> d-------- C:\Program Files\STOPzilla!
2007-12-04 17:36 <DIR> d-------- C:\DOCUME~1\********\DANEAP~1\WinRAR
2007-12-04 17:35 <DIR> d-------- C:\DOCUME~1\*******\DANEAP~1\GibbHill Properties Ltd
2007-12-04 17:33 961,536 --a------ C:\Program Files\WinRAR.exe
2007-12-01 00:11 <DIR> d-------- C:\LiveBox_ReConnect_2.0
2007-11-30 19:16 <DIR> d-------- C:\USDownloader134
2007-11-30 13:03 <DIR> d-------- C:\do wys
2007-11-28 13:25 90,112 --------- C:\WINDOWS\Updreg.EXE
2007-11-28 13:23 8,704 -ra------ C:\WINDOWS\system32\drivers\Pfmodnt.sys
2007-11-28 13:23 65,536 -ra------ C:\WINDOWS\system32\A3d.dll
2007-11-28 13:23 64,512 -ra------ C:\WINDOWS\system32\P17.dll
2007-11-28 13:23 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-11-28 13:23 53,248 -ra------ C:\WINDOWS\system32\P17CPI.dll
2007-11-28 13:23 20,992 -ra------ C:\WINDOWS\system32\sfman32.dll
2007-11-28 13:23 138,752 -ra------ C:\WINDOWS\system32\drivers\ctsfm2k.sys
2007-11-28 13:23 137,728 -ra------ C:\WINDOWS\system32\P17res.dll
2007-11-28 13:23 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-11-28 13:23 133,632 -ra------ C:\WINDOWS\system32\CtDvInst.dll
2007-11-28 13:23 115,200 -ra------ C:\WINDOWS\system32\sfms32.dll
2007-11-28 13:23 106,496 -ra------ C:\WINDOWS\system32\drivers\ctoss2k.sys
2007-11-28 13:23 1,389,056 -ra------ C:\WINDOWS\system32\drivers\P17.sys
2007-11-28 13:18 <DIR> d-------- C:\Program Files\Creative
2007-11-27 13:50 <DIR> d--h----- C:\Program Files\Creative Installation Information
2007-11-26 23:57 <DIR> d-------- C:\Program Files\Driver Cleaner
2007-11-23 17:10 <DIR> d-------- C:\WINDOWS\system32\se
2007-11-23 17:00 <DIR> d-------- C:\Program Files\Fiat
2007-11-21 19:23 81,920 --a------ C:\WINDOWS\system32\frapsvid.dll
2007-11-16 13:55 80,272 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2007-11-16 13:55 137,884 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2007-11-16 13:55 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2007-11-16 13:55 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2007-11-16 13:55 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2007-11-16 13:55 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2007-11-16 13:55 10,864 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2007-11-16 13:54 <DIR> d-------- C:\Program Files\Samsung
2007-11-15 22:48 <DIR> d-------- C:\Nowy folder
2007-11-14 17:49 <DIR> d-------- C:\Program Files\Ringz Studio
2007-11-13 10:50 <DIR> d-------- C:\DOCUME~1\********\DANEAP~1\SpamBayes
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-12-11 16:58:06 610,336 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-11 16:01:45 -------- d-----w C:\Program Files\eMule
2007-12-11 00:46:37 59,144 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-11 00:46:36 221,516 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-11 00:46:36 16,375,328 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-10 14:03:31 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
2007-12-10 14:03:31 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
2007-12-10 14:03:31 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
2007-12-09 18:31:44 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-09 16:16:26 -------- d-----w C:\Program Files\Virtual Piano
2007-12-08 13:10:26 -------- d-----w C:\Program Files\Lx_cats
2007-12-07 12:09:17 -------- d-s---w C:\Program Files\Xfire
2007-12-06 15:07:01 -------- d-----w C:\DOCUME~1\*******\DANEAP~1\Xfire
2007-11-24 19:44:50 -------- d-----w C:\Program Files\Fraps
2007-11-16 13:00:58 -------- d-----w C:\DOCUME~1\******\DANEAP~1\Samsung
2007-11-14 16:49:48 -------- d-----w C:\Program Files\Common Files\Real
2007-11-10 14:26:40 -------- d-----w C:\Program Files\Mv2Player
2007-11-09 12:41:34 -------- d-----w C:\Program Files\Real Alternative
2007-11-09 12:37:37 -------- d-----w C:\DOCUME~1\*******\DANEAP~1\Real
2007-11-07 00:04:55 -------- d-----w C:\Program Files\SpamBayes
2007-11-04 14:08:50 -------- d-----w C:\Program Files\RootKit Hook Analyzer
2007-11-04 14:01:25 106 ----a-w C:\delete.bat
2007-11-02 18:07:01 -------- d-----w C:\Program Files\VID_0E8F&PID_0012
2007-10-30 16:14:59 -------- d-----w C:\Program Files\Real
2007-10-30 16:14:45 -------- d-----w C:\Program Files\BitComet
2007-10-30 16:14:33 -------- d-----w C:\Program Files\After
2007-10-30 16:14:20 -------- d-----w C:\Program Files\OpenOffice.org 2.1
2007-10-30 16:14:19 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-10-30 16:14:18 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-10-29 22:29:35 -------- d-----w C:\Program Files\1stbenison
2007-10-28 14:05:20 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-10-28 14:05:20 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-10-26 11:00:58 -------- d-----w C:\Program Files\Secure Surfing Engine
2007-10-26 11:00:57 -------- d-----w C:\Program Files\Steganos Internet Anonym 2006
2007-10-25 15:58:10 -------- d-----w C:\Program Files\RFA Platinum
2007-10-25 14:19:36 -------- d-----w C:\Program Files\RegCleaner
2007-10-24 18:28:25 -------- d-----w C:\Program Files\ToniArts
2007-10-22 21:58:27 -------- d-----w C:\DOCUME~1\********\DANEAP~1\MSN6
2007-10-20 23:08:25 -------- d-----w C:\Program Files\Trend Micro
2007-10-20 09:55:30 -------- d-----w C:\Program Files\Frets on Fire
2007-10-19 12:50:49 -------- d-----w C:\Program Files\THQ
2007-10-18 17:01:11 -------- d-----w C:\Program Files\AviSynth 2.5
2007-10-18 17:00:38 -------- d-----w C:\Program Files\eRightSoft
2007-10-18 15:57:03 -------- d-----w C:\Program Files\Xilisoft
2007-10-18 15:28:10 87 ----a-w C:\WINDOWS\system32\buyurl0502.dat
2007-10-18 14:47:03 -------- d-----w C:\Program Files\Mobile Video Converter
2007-10-15 15:38:25 -------- d-----w C:\Program Files\Prime95
2007-10-11 21:27:00 -------- d-----w C:\Program Files\Ashampoo
2007-10-11 21:26:30 -------- d-----w C:\Program Files\Arjaloc
2007-10-11 21:23:18 -------- d-----w C:\Program Files\Ahead
2007-10-04 12:53:54 94,208 ----a-w C:\DOCUME~1\*********\DANEAP~1\ezplay.sys
2007-10-04 12:53:54 87,608 ----a-w C:\DOCUME~1\*********\DANEAP~1\inst.exe
2007-10-04 12:53:50 47,360 ----a-w C:\DOCUME~1\*********\DANEAP~1\pcouffin.sys
2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2006-12-21 19:46:04 952 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2001-03-02 11:02 37808 --------- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
2007-06-14 14:07 443968 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 02:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3578B37-6346-4EC1-A82B-38273A100DCF}]
2007-09-07 14:29 566536 --a------ C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-11-26 19:30]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 10:51]
"P17Helper"="P17.dll" [2005-05-03 12:38 C:\WINDOWS\system32\P17.dll]
"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 03:43]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AQQ"="C:\PROGRA~1\WapSter\AQQ\AQQ.exe" [2007-02-28 13:18]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 07:14]
"Real Desktop"="C:\Program Files\Real Desktop\Real Desktop.exe" [2007-08-05 14:19]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 18:48]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2006-09-14 15:15]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
" "=C:\WINDOWS\System32\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.exe.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Last.fm Helper.lnk]
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^********^Menu Start^Programy^Autostart^Xfire.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Xfire\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\********]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\*******\Pulpit]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Documents and Settings\*******\Pulpit\hideippla.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosDNT]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CookiePatrol]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
"C:\Program Files\Gadu-Gadu\gg.exe" /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Glass2k]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HEXelon MAX]
"C:\Program Files\HEXelon MAX 6\hexelon.exe" /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iDesk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]
C:\Program Files\Tlen.pl\tlen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
"C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OCAudioIni]
C:\Program Files\One-click Audio Converter\OCAudioIni.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPMemCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent]
"C:\Program Files\RFA Platinum\rfagent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIA2006]
"C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super X Desktop Version 3.4.0730]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TranspWndManagerPro]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yodm3D]
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
rundll32 iesetup.dll,IEAccessUserInst
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-11 17:58:20
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-12-11 17:59:49
C:\ComboFix-quarantined-files.txt ... 2007-12-11 17:59
C:\ComboFix2.txt ... 2007-12-09 22:11
C:\ComboFix3.txt ... 2007-12-09 14:48
--- E O F ---
sorki że dopiero teraz ale zapomniałem o nim zupełnie
[b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
-
przez Xfire 11 Gru 2007, 20:03
powinnno byc ok
dzięki
[b]MSI B75A-G43 || Intel Xeon E3 1240 v2 @3.4GHz||WD Blue 1000GB + WD Blue 500GB|| 24 GB Goodram 1333Mhz ||Chieftec 450W || Creative Soundblaster audigy || GeForce GTX1660 OC || Creative G500 ||
-
Xfire - ~user
- Posty: 1290
- Dołączenie: 09 Wrz 2007, 12:09
- Pochwały: 57
-
11 posty(ów) • Strona 1 z 1
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 7 gości