ComboFix 08-08-28.02 - Murarz 2008-08-28 20:42:06.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1250.1.1045.18.1348 [GMT 2:00]
Running from: C:\Users\Murarz\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-28 )))))))))))))))))))))))))))))))
.
2008-08-28 18:42 . 2008-08-28 18:42 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-28 17:02 . 2008-08-28 17:02 <DIR> d-------- C:\Program Files\ffdshow
2008-08-28 17:02 . 2008-06-08 23:58 60,273 --a------ C:\Windows\System32\pthreadGC2.dll
2008-08-28 17:02 . 2008-06-12 20:36 7,680 --a------ C:\Windows\System32\ff_vfw.dll
2008-08-28 17:02 . 2007-07-10 18:10 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\ipla
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\Users\All Users\ipla
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\ProgramData\ipla
2008-08-28 12:06 . 2008-08-28 12:06 <DIR> d-------- C:\Program Files\LittleFighter2
2008-08-28 11:47 . 2008-08-28 11:47 <DIR> d--h----- C:\Windows\PIF
2008-08-28 11:46 . 2008-08-28 11:46 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-08-28 11:39 . 2008-08-28 19:59 <DIR> d-------- C:\Program Files\7-Zip
2008-08-28 09:54 . 2008-08-28 09:54 <DIR> d-------- C:\Program Files\Runtime Software
2008-08-28 09:39 . 2008-08-28 12:05 <DIR> d-------- C:\Program Files\Ontrack
2008-08-28 09:39 . 2008-08-28 12:05 <DIR> d-------- C:\Program Files\InstallShield Installation Information
2008-08-28 09:39 . 2006-11-02 14:35 543 --a------ C:\Windows\System32\MAPISVC.BAK
2008-08-28 09:38 . 2008-08-28 09:38 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-08-28 08:43 . 2008-08-28 08:43 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-28 08:43 . 2008-08-28 08:43 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-28 08:43 . 2008-08-28 08:43 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-28 08:43 . 2008-08-28 08:43 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-28 08:42 . 2008-08-28 08:42 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-28 08:42 . 2008-08-28 08:42 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-28 08:42 . 2008-08-28 08:42 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-28 08:42 . 2008-08-28 08:42 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-28 08:42 . 2008-08-28 08:42 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-28 08:41 . 2008-08-28 08:41 0 --a------ C:\Windows\ativpsrm.bin
2008-08-28 08:39 . 2008-08-28 08:39 <DIR> d-------- C:\Program Files\ATI Technologies
2008-08-28 08:39 . 2008-08-28 08:39 <DIR> d-------- C:\Program Files\ATI
2008-08-28 08:38 . 2008-08-28 08:38 <DIR> d-------- C:\ATI
2008-08-28 08:26 . 2008-08-28 08:26 2,923,520 --a------ C:\Windows\explorer.exe
2008-08-28 08:25 . 2008-08-28 08:25 376,320 --a------ C:\Windows\System32\winsrv.dll
2008-08-28 08:25 . 2008-08-28 08:25 49,664 --a------ C:\Windows\System32\csrsrv.dll
2008-08-28 08:24 . 2008-08-28 08:24 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-08-28 08:24 . 2008-08-28 08:24 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-08-28 08:23 . 2008-08-28 08:23 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-28 08:22 . 2008-08-28 08:22 374,456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-08-28 08:03 . 2008-08-28 08:03 414,208 --a------ C:\Windows\System32\msscp.dll
2008-08-27 21:41 . 2008-08-27 21:41 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\Gadu-Gadu
2008-08-27 20:00 . 2005-02-26 07:34 442,368 -ra------ C:\Windows\System32\vp6vfw.dll
2008-08-27 13:58 . 2008-08-27 13:58 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-08-27 13:58 . 2008-08-27 13:58 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
2008-08-27 13:58 . 2008-08-27 13:58 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-08-27 13:58 . 2008-08-27 13:58 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-08-27 13:58 . 2008-08-27 13:58 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-08-27 13:58 . 2008-08-27 13:58 104,448 --a------ C:\Windows\System32\DWWIN.EXE
2008-08-27 13:58 . 2008-08-27 13:58 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-08-27 13:58 . 2008-08-27 13:58 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-08-27 13:58 . 2008-08-27 13:58 17,464 --a------ C:\Windows\System32\drivers\intelide.sys
2008-08-27 13:58 . 2008-08-27 13:58 15,928 --a------ C:\Windows\System32\drivers\pciide.sys
2008-08-27 13:57 . 2008-08-27 13:57 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2008-08-27 13:57 . 2008-08-27 13:57 337,408 --a------ C:\Windows\System32\intl.cpl
2008-08-27 13:57 . 2008-08-27 13:57 166,912 --a------ C:\Windows\System32\lpksetup.exe
2008-08-27 13:57 . 2008-08-27 13:57 25,600 --a------ C:\Windows\System32\LangCleanupSysprepAction.dll
2008-08-27 13:57 . 2008-08-27 13:57 23,552 --a------ C:\Windows\System32\lpremove.exe
2008-08-27 13:57 . 2008-08-27 13:57 10,240 --a------ C:\Windows\System32\MUILanguageCleanup.dll
2008-08-27 13:57 . 2008-08-27 13:57 2,048 --a------ C:\Windows\System32\msxml3r.dll
2008-08-27 13:56 . 2008-08-27 13:56 224,768 --a------ C:\Windows\System32\drivers\usbport.sys
2008-08-27 13:56 . 2008-08-27 13:56 192,000 --a------ C:\Windows\System32\drivers\usbhub.sys
2008-08-27 13:56 . 2008-08-27 13:56 38,400 --a------ C:\Windows\System32\drivers\usbehci.sys
2008-08-27 13:56 . 2008-08-27 13:56 23,040 --a------ C:\Windows\System32\drivers\usbuhci.sys
2008-08-27 13:56 . 2008-08-27 13:56 8,704 --a------ C:\Windows\System32\hcrstco.dll
2008-08-27 13:56 . 2008-08-27 13:56 8,704 --a------ C:\Windows\System32\hccoin.dll
2008-08-27 13:56 . 2008-08-27 13:56 5,888 --a------ C:\Windows\System32\drivers\usbd.sys
2008-08-27 13:54 . 2008-08-27 13:54 9,845,248 --a------ C:\Windows\System32\NlsData000a.dll
2008-08-27 13:50 . 2008-08-27 13:50 2,027,008 --a------ C:\Windows\System32\win32k.sys
2008-08-27 13:48 . 2008-08-27 13:48 1,984,512 --a------ C:\Windows\System32\authui.dll
2008-08-27 13:47 . 2008-08-27 13:47 8,138,240 --a------ C:\Windows\System32\ssBranded.scr
2008-08-27 13:47 . 2008-08-27 13:47 558,080 --a------ C:\Windows\System32\oleaut32.dll
2008-08-27 13:47 . 2008-08-27 13:47 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-08-27 13:47 . 2008-08-27 13:48 88,576 --a------ C:\Windows\System32\avifil32.dll
2008-08-27 13:47 . 2008-08-27 13:47 69,632 --a------ C:\Windows\System32\sendmail.dll
2008-08-27 13:47 . 2008-08-27 13:47 31,232 --a------ C:\Windows\System32\msvidc32.dll
2008-08-27 13:47 . 2008-08-27 13:47 14,848 --a------ C:\Windows\System32\wshrm.dll
2008-08-27 13:47 . 2008-08-27 13:47 12,800 --a------ C:\Windows\System32\msrle32.dll
2008-08-27 13:47 . 2008-08-27 13:47 11,776 --a------ C:\Windows\System32\sbunattend.exe
2008-08-27 13:46 . 2008-08-27 13:46 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-08-27 13:46 . 2008-08-27 13:46 1,686,528 --a------ C:\Windows\System32\gameux.dll
2008-08-27 13:46 . 2008-08-27 13:46 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
2008-08-27 13:46 . 2008-08-27 13:46 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-08-27 13:45 . 2008-08-27 13:45 788,992 --a------ C:\Windows\System32\rpcrt4.dll
2008-08-27 13:45 . 2008-08-27 13:45 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-08-27 13:45 . 2008-08-27 13:45 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
2008-08-27 13:45 . 2008-08-27 13:45 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
2008-08-27 13:45 . 2008-08-27 13:45 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
2008-08-27 13:45 . 2008-08-27 13:45 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-08-27 13:45 . 2008-08-27 13:45 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
2008-08-27 13:45 . 2008-08-27 13:45 53,760 --a------ C:\Windows\System32\drivers\hdaudbus.sys
2008-08-27 13:41 . 2008-08-27 13:41 750,080 --a------ C:\Windows\System32\qmgr.dll
2008-08-27 13:41 . 2008-08-27 13:41 633,856 --a------ C:\Windows\System32\user32.dll
2008-08-27 13:25 . 2008-08-28 15:11 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\uTorrent
2008-08-27 13:25 . 2008-08-27 13:25 <DIR> d-------- C:\Program Files\uTorrent
2008-08-27 13:14 . 2008-08-27 13:27 96,976 --a------ C:\Windows\System32\drivers\klin.dat
2008-08-27 13:14 . 2008-08-27 13:27 87,855 --a------ C:\Windows\System32\drivers\klick.dat
2008-08-27 13:13 . 2008-08-28 20:32 <DIR> d-------- C:\Users\All Users\Kaspersky Lab
2008-08-27 13:13 . 2008-08-28 20:32 <DIR> d-------- C:\ProgramData\Kaspersky Lab
2008-08-27 13:13 . 2008-08-27 13:13 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-08-27 13:13 . 2008-08-28 20:28 2,050,080 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2008-08-27 13:13 . 2008-08-28 20:01 344,096 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
2008-08-27 13:13 . 2008-08-28 20:21 19,192 --ahs---- C:\Windows\System32\drivers\fidbox.idx
2008-08-27 13:13 . 2008-08-28 20:00 4,352 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
2008-08-27 13:10 . 2008-08-27 13:10 <DIR> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-08-27 13:10 . 2008-08-27 13:10 <DIR> d-------- C:\ProgramData\Kaspersky Lab Setup Files
2008-08-27 12:35 . 2008-08-28 16:32 <DIR> d--hs---- C:\Windows\Installer
2008-08-27 12:35 . 2008-08-27 12:35 <DIR> d-------- C:\Program Files\Opera
2008-08-27 12:28 . 2008-08-27 13:19 <DIR> d-------- C:\Windows\System32\Macromed
2008-08-27 12:23 . 2008-08-06 15:27 499,712 --a------ C:\Windows\System32\msvcp71.dll
2008-08-27 12:23 . 2008-08-06 15:29 348,160 --a------ C:\Windows\System32\msvcr71.dll
2008-08-27 12:19 . 2008-08-27 12:23 <DIR> d-------- C:\Windows\System32\Adobe
2008-08-27 12:07 . 2008-08-27 12:08 <DIR> d-------- C:\Users\Murarz\Gadu-Gadu
2008-08-27 12:07 . 2008-08-27 12:07 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> dr------- C:\Users\Murarz\Videos
2008-08-27 12:02 . 2008-08-28 08:14 <DIR> dr------- C:\Users\Murarz\Searches
2008-08-27 12:02 . 2008-08-27 12:58 <DIR> dr------- C:\Users\Murarz\Saved Games
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> dr------- C:\Users\Murarz\Pictures
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> dr------- C:\Users\Murarz\Music
2008-08-27 12:02 . 2008-08-28 08:14 <DIR> dr------- C:\Users\Murarz\Links
2008-08-27 12:02 . 2008-08-27 13:31 <DIR> dr------- C:\Users\Murarz\Downloads
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> dr------- C:\Users\Murarz\Documents
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> dr------- C:\Users\Murarz\Contacts
2008-08-27 12:02 . 2006-11-02 14:35 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\Media Center Programs
2008-08-27 12:02 . 2008-08-27 12:02 <DIR> d--h----- C:\Users\Murarz\AppData
2008-08-27 12:02 . 2008-08-28 08:41 <DIR> d-------- C:\Users\Murarz
2008-08-27 11:57 . 2008-08-27 11:57 <DIR> dr------- C:\Windows\System32\config\systemprofile\Contacts
2008-08-27 10:44 . 2008-08-27 11:54 <DIR> d-------- C:\Windows\Panther
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-28 06:46 174 --sha-w C:\Program Files\desktop.ini
2008-08-28 06:45 --------- d-----w C:\Program Files\Windows Mail
2008-08-28 06:45 --------- d-----w C:\Program Files\Windows Defender
2008-08-28 06:45 --------- d-----w C:\Program Files\Windows Calendar
2008-08-28 06:26 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-08-28 06:05 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-27 11:55 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-08-27 11:54 797,696 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-08-27 11:52 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-08-27 11:48 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2008-08-27 11:48 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2008-08-27 11:48 65,024 ----a-w C:\Windows\System32\avicap32.dll
2008-08-27 11:48 61,440 ----a-w C:\Windows\System32\ntprint.exe
2008-08-27 11:48 320,000 ----a-w C:\Windows\system32\drivers\csc.sys
2008-08-27 11:48 269,824 ----a-w C:\Windows\System32\schannel.dll
2008-08-27 11:48 220,160 ----a-w C:\Windows\System32\ntprint.dll
2008-08-27 11:48 2,048 ----a-w C:\Windows\System32\msxml6r.dll
2008-08-27 11:48 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2008-08-27 11:48 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2008-08-27 11:48 105,984 ----a-w C:\Windows\System32\CscMig.dll
2008-08-27 11:48 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2008-08-27 11:48 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2008-08-27 11:46 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-08-27 11:46 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-08-27 11:46 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-08-27 11:46 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-08-27 11:46 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-08-27 11:44 974,336 ----a-w C:\Windows\System32\crypt32.dll
2008-08-27 11:44 5,120 ----a-w C:\Windows\System32\wmi.dll
2008-08-27 11:44 428,032 ----a-w C:\Windows\System32\EncDec.dll
2008-08-27 11:44 292,352 ----a-w C:\Windows\System32\psisdecd.dll
2008-08-27 11:44 152,576 ----a-w C:\Windows\System32\imagehlp.dll
2008-08-27 11:44 12,800 ----a-w C:\Windows\system32\drivers\fs_rec.sys
2008-08-27 11:44 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-08-27 11:44 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Ulubione
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Szablony
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Pulpit
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Menu Start
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Dokumenty
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Dane aplikacji
2008-08-22 10:08 878,592 ----a-w C:\Windows\System32\wininet.dll
2008-08-22 10:07 43,008 ----a-w C:\Windows\System32\licmgr10.dll
2008-08-22 10:07 18,944 ----a-w C:\Windows\System32\corpol.dll
2008-08-22 10:06 72,704 ----a-w C:\Windows\System32\admparse.dll
2008-08-22 10:06 71,680 ----a-w C:\Windows\System32\iesetup.dll
2008-08-22 10:06 66,560 ----a-w C:\Windows\System32\wextract.exe
2008-08-22 10:06 129,024 ----a-w C:\Windows\System32\ieUnatt.exe
2008-08-22 10:06 110,080 ----a-w C:\Windows\System32\PDMSetup.exe
2008-08-22 10:06 103,424 ----a-w C:\Windows\System32\SetIEInstalledDate.exe
2008-08-22 10:05 35,840 ----a-w C:\Windows\System32\imgutil.dll
2008-08-22 10:05 168,960 ----a-w C:\Windows\System32\iexpress.exe
2008-08-22 10:04 48,640 ----a-w C:\Windows\System32\PrivacIE.dll
2008-08-22 10:04 48,128 ----a-w C:\Windows\System32\mshtmler.dll
2008-08-22 10:04 45,568 ----a-w C:\Windows\System32\mshta.exe
2008-08-22 09:57 156,160 ----a-w C:\Windows\System32\msls31.dll
2008-08-01 04:32 3,823,616 ----a-w C:\Windows\System32\atiumdag.dll
2008-08-01 04:15 4,463,104 ----a-w C:\Windows\System32\atiumdva.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-08-27 13:47 1232896]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:34 125440]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:32 2159104 C:\Windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2008-03-20 12:04 2127296 C:\Program Files\Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{3E0127CA-66D5-496B-9982-8D581772D141}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\polish\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{1BE6AC21-6FDA-4C94-B490-20A8ACC49B17}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\polish\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe:Kaspersky Internet Security 2009 Setup
"{62EF7446-97F9-4536-8C3C-6FD281151213}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{ED7AE71E-63B9-4A17-99F0-A365C1B8F0B4}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{4E3E37AB-89FB-48C9-9AC4-FCCB663C7F55}"= UDP:C:\Users\Murarz\Desktop\utorrent.exe:µTorrent (TCP-In)
"{AC7B91B0-EF0F-4803-A398-5563F3A1CCF2}"= TCP:C:\Users\Murarz\Desktop\utorrent.exe:µTorrent (UDP-In)
"{0C5D2C0E-AC98-4D3C-BEEF-97BD5E96C028}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{A5C00573-C4AE-48F0-BB42-2D89FC6ADDE7}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 18:29]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 13:10]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 08:40]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e8a79f9-740c-11dd-9b83-806e6f6e6963}]
\shell\AutoRun\command - F:\Autorun.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
2008-08-28 C:\Windows\Tasks\User_Feed_Synchronization-{55194154-E1A0-46E3-AE65-534E5FE28CD7}.job
- C:\Windows\system32\msfeedssync.exe [2008-08-22 12:05]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-08-28 20:44:37
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-28 20:45:44
ComboFix-quarantined-files.txt 2008-08-28 18:45:41
Pre-Run: 34,109,460,480 bajtów wolnych
Post-Run: 33,792,602,112 bajtów wolnych
259 --- E O F --- 2008-08-28 06:28:08
A man who moves with the crowd will get no further than the others. He who walks alone may find himself where no one has ever been.