ComboFix 07-12-21.4 - przem 2007-12-25 15:27:17.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.76 [GMT 1:00]
Running from: C:\Documents and Settings\przem\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\Driveinfo.log
.
((((((((((((((((((((((((( Files Created from 2007-11-25 to 2007-12-25 )))))))))))))))))))))))))))))))
.
2007-12-25 14:10 . 2007-12-25 14:10 <DIR> d--hs---- C:\FOUND.006
2007-12-25 11:58 . 2007-11-18 19:56 159,744 --a------ C:\WINDOWS\system32\mmfinfo.dll
2007-12-25 11:58 . 2007-11-18 19:55 23,552 --a------ C:\WINDOWS\system32\mkunicode.dll
2007-12-25 11:49 . 2007-12-25 11:49 <DIR> d-------- C:\Program Files\XP Codec Pack
2007-12-24 22:52 . 2007-12-24 22:52 <DIR> d-------- C:\Program Files\BitComet
2007-12-24 01:17 . 2007-12-25 02:18 1,302 --a------ C:\WINDOWS\VPlayer.INI
2007-12-24 01:17 . 2007-12-25 02:18 173 --a------ C:\WINDOWS\VplayerINI.vpl
2007-12-20 21:15 . 2007-12-20 21:15 <DIR> d-------- C:\Program Files\RegCleaner
2007-12-18 23:28 . 2007-12-18 23:28 <DIR> d-------- C:\Program Files\Total Video Converter
2007-12-18 23:28 . 2000-05-22 22:58 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx
2007-12-18 23:05 . 2007-12-18 23:05 <DIR> d-------- C:\Program Files\YouTube Video Downloader
2007-12-18 17:06 . 2007-12-18 17:06 <DIR> d-------- C:\Program Files\SAGEM
2007-12-18 16:29 . 2007-12-18 16:29 <DIR> d-------- C:\Documents and Settings\przem\Dane aplikacji\InstallShield
2007-12-18 16:25 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll
2007-12-16 11:23 . 2007-12-18 23:58 1,744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-12-16 11:07 . 1999-11-10 11:05 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2007-12-16 08:26 . 1999-12-13 09:01 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
2007-12-16 08:26 . 1999-11-18 09:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2007-12-16 01:21 . 2007-12-16 01:21 <DIR> d-------- C:\Documents and Settings\przem\Dane aplikacji\Creative
2007-12-16 01:04 . 2003-06-12 23:25 7,062 --a------ C:\WINDOWS\system32\audiopid.vxd
2007-12-16 01:02 . 2000-05-22 01:58 647,872 --------- C:\WINDOWS\system32\Mscomct2.ocx
2007-12-16 01:02 . 2006-10-06 07:17 53,248 --------- C:\WINDOWS\Ctregrun.exe
2007-12-16 01:00 . 2007-12-16 01:00 417,792 --a------ C:\WINDOWS\system32\awrdscdc.ax
2007-12-16 00:59 . 2007-12-16 00:59 <DIR> d-------- C:\Program Files\Audible
2007-12-16 00:59 . 2001-08-17 22:43 24,576 --------- C:\WINDOWS\system32\msxml3a.dll
2007-12-16 00:54 . 2007-12-16 00:54 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Creative
2007-12-16 00:49 . 2007-12-16 00:49 <DIR> d--h----- C:\Program Files\Creative Installation Information
2007-12-16 00:49 . 2007-12-16 00:49 <DIR> d-------- C:\Program Files\Creative
2007-12-16 00:49 . 2007-12-16 00:49 <DIR> d-------- C:\Program Files\Common Files\Creative
2007-12-16 00:48 . 2006-10-04 15:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2007-12-16 00:48 . 2006-10-04 15:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2007-12-16 00:48 . 2006-10-04 15:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2007-12-16 00:45 . 2007-12-16 00:45 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-12-16 00:45 . 2007-12-16 00:45 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-12-15 01:16 . 2007-12-15 01:16 <DIR> d-------- C:\Documents and Settings\przem\.jpi_cache
2007-12-15 01:16 . 2007-12-15 01:16 <DIR> d-------- C:\Documents and Settings\przem\.java
2007-12-14 19:21 . 2007-12-14 19:21 <DIR> d-------- C:\Documents and Settings\przem\Dane aplikacji\Reallusion
2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-27 12:15 . 2007-12-09 16:48 1,632 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-11-25 18:07 . 2007-11-25 18:07 <DIR> d-------- C:\Documents and Settings\przem\Dane aplikacji\Apple Computer
2007-11-25 18:06 . 2007-11-25 18:06 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-11-25 18:05 . 2007-11-25 18:05 <DIR> d-------- C:\Program Files\QuickTime
2007-11-25 18:02 . 2007-11-25 18:02 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2007-11-25 18:01 . 2007-11-25 18:01 <DIR> d-------- C:\WINDOWS\Downloaded Installations
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-27 18:24 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Eset
2007-11-19 11:13 --------- d-----w C:\Documents and Settings\przem\Dane aplikacji\Image Zone Express
2007-11-06 15:06 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-11-05 13:55 --------- d-----w C:\Program Files\Java
2007-11-05 13:55 --------- d-----w C:\Program Files\Common Files\Java
2007-11-05 13:41 --------- d-----w C:\Program Files\Sunbelt Software
2007-11-02 13:49 --------- d-----w C:\Documents and Settings\przem\Dane aplikacji\HP
2007-11-02 13:48 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\HP
2007-11-02 13:46 --------- d-----w C:\Program Files\Common Files\HP
2007-11-02 13:42 --------- d-----w C:\Program Files\Hewlett-Packard
2007-11-02 13:41 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2007-11-02 13:32 --------- d-----w C:\Program Files\HP
2007-10-29 10:21 --------- d-----w C:\Documents and Settings\przem\Dane aplikacji\AdobeUM
2007-10-29 10:17 --------- d-----w C:\Program Files\Common Files\Adobe
2007-10-27 22:14 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Avg7
2007-10-27 16:04 --------- d-----w C:\Documents and Settings\przem\Dane aplikacji\Ahead
2007-10-27 16:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
2007-10-27 15:28 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2007-10-27 11:10 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-10-27 10:53 --------- d-----w C:\Program Files\Nero
2007-10-27 10:53 --------- d-----w C:\Program Files\Common Files\Ahead
2007-10-27 10:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2007-10-26 18:43 --------- d-----w C:\Program Files\AutoConnect
2007-10-26 17:32 --------- d-----w C:\Program Files\Lavasoft
2007-10-26 17:32 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2007-10-26 17:30 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-10-26 11:24 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-10-26 11:24 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-10-25 11:42 --------- d-----w C:\Documents and Settings\przem\Dane aplikacji\Tlen.pl
2007-10-25 11:19 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-10-25 11:12 --------- d-----w C:\Program Files\Tlen.pl
2007-10-25 10:54 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-25 10:52 558,142 ----a-w C:\WINDOWS\java\Packages\BNV779F3.ZIP
2007-10-25 10:52 155,995 ----a-w C:\WINDOWS\java\Packages\39ZBZZV3.ZIP
2007-10-25 10:47 --------- d-----w C:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"="C:\Program Files\AutoConnect\AutoConnect.exe" [2006-12-03 00:14]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 18:05]
"Komunikator"="C:\Program Files\Tlen.pl\tlen.exe" [2007-10-05 15:20]
"CTRegRun"="C:\WINDOWS\CTRegRun.EXE" [2006-10-06 07:17]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe" [2007-09-21 09:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"CTCheck"="C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-10-25 12:51]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56]
"AdslTaskBar"="stmctrl.dll" [2006-06-02 12:01 C:\WINDOWS\system32\stmctrl.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:44]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-04 00:44 15360 --a------ C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 02:41 49152 --a------ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 --a------ C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
R1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-09-21 09:15]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-09-21 09:17]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-09-21 09:15]
R2 ekrn;Eset Service;"C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe" [2007-09-21 09:16]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 15:51]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2006-05-25 16:28]
S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\Eset\ESET NOD32 Antivirus\EHttpSrv.exe" [2007-09-21 09:17]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b492cce0-83dd-11dc-a7b9-c296b4c2cf59}]
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-25 15:40:41
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-25 15:44:47
After cleaning my computer with ATF Cleaner, should I not be surprised that web pages load more slowly in the browser?
[ Added: Today at 16:15 ] Sorry for posting the same thing twice, but my computer glitched on me and it somehow came out strangely, and I can't fix it anymore.