Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:21, on 2009-02-26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Documents and Settings\bb\Pulpit\HiJackThis.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4956503218
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
--
End of file - 5761 bytes
ComboFix 09-02-26.01 - bb 2009-02-26 21:34:57.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.765.383 [GMT 1:00]
Uruchomiony z: c:\documents and settings\bb\Pulpit\ComboFix.exe
AV: Panda Antivirus + Firewall 2008 *On-access scanning disabled* (Updated)
FW: Panda Antivirus 2008 Personal Firewall *disabled*
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-26 do 2009-02-26 )))))))))))))))))))))))))))))))
.
2009-02-20 17:35 . 2009-02-20 17:35 <DIR> d-------- c:\documents and settings\bb\Dane aplikacji\DAEMON Tools Pro
2009-02-20 17:35 . 2009-02-20 17:35 <DIR> d-------- c:\documents and settings\bb\Dane aplikacji\DAEMON Tools
2009-02-20 17:34 . 2009-02-20 17:34 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-02-20 17:34 . 2009-02-20 17:34 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-02-20 17:31 . 2009-02-20 17:37 <DIR> d-------- c:\documents and settings\bb\Dane aplikacji\DAEMON Tools Lite
2009-02-20 17:31 . 2009-02-20 17:31 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-20 17:20 . 2009-02-20 17:20 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\ATI
2009-02-19 17:29 . 2009-02-19 17:29 <DIR> d-------- c:\program files\Electronic Arts
2009-02-19 17:29 . 2005-06-24 16:24 438,272 -ra------ c:\windows\system32\vp6vfw.dll
2009-02-19 17:29 . 2004-12-10 09:06 327,680 --a------ c:\windows\system32\vp6dec.ax
2009-02-15 09:40 . 2009-02-15 09:40 <DIR> d-------- c:\program files\Skype
2009-02-11 18:08 . 2009-02-11 18:08 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Office Genuine Advantage
2009-02-10 22:01 . 2009-02-10 22:01 <DIR> d-------- c:\program files\MarBit
2009-02-10 17:46 . 2009-02-10 17:56 <DIR> d-------- c:\program files\Mozilla Sunbird
2009-02-10 17:46 . 2009-02-10 17:46 <DIR> d-------- c:\documents and settings\bb\Dane aplikacji\Talkback
2009-02-08 16:57 . 2009-02-16 17:47 <DIR> d-------- c:\program files\sXe Injected
2009-02-06 14:58 . 2009-02-23 19:49 <DIR> d-------- c:\program files\Counter-Strike
2009-02-05 20:45 . 2009-02-05 20:45 <DIR> d-------- c:\documents and settings\bb\Dane aplikacji\Unity
2009-02-05 20:18 . 2009-02-05 20:18 <DIR> d-------- c:\program files\Unity
2009-02-05 20:14 . 2009-02-05 21:12 <DIR> d-------- c:\windows\system32\Adobe
2009-02-05 18:22 . 2009-02-05 18:22 <DIR> d-------- c:\program files\Rockstar Games
2009-02-05 18:22 . 2009-02-05 18:22 <DIR> d-------- c:\program files\directx
2009-02-04 21:58 . 2009-02-26 21:26 250,304 --a------ c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-02-04 21:58 . 2009-02-26 18:37 13,880 --a------ c:\windows\system32\drivers\COMFiltr.sys
2009-02-04 21:58 . 2009-02-26 21:34 1,204 --a------ c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-02-04 21:45 . 2007-07-12 13:49 178,872 --a------ c:\windows\system32\drivers\PavProc.sys
2009-02-04 21:45 . 2007-05-23 15:40 38,968 --a------ c:\windows\system32\drivers\ShlDrv51.sys
2009-02-04 21:23 . 2009-02-04 21:23 0 --a------ c:\windows\system32\drivers\wnmsav.dat
2009-02-04 13:10 . 2009-02-04 13:10 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\SRS Labs
2009-02-04 13:10 . 2007-07-26 09:25 47,360 -ra------ c:\windows\system32\drivers\Surroundhp_kern_i386.sys
2009-02-04 13:10 . 2007-07-26 09:25 47,104 -ra------ c:\windows\system32\drivers\tshd4_kern_i386.sys
2009-02-04 13:10 . 2007-07-26 09:25 42,112 -ra------ c:\windows\system32\drivers\csiidecoder_kern_i386.sys
2009-02-04 13:10 . 2007-07-26 09:25 39,808 -ra------ c:\windows\system32\drivers\SRS_SSCFilter_i386.sys
2009-02-04 13:10 . 2007-07-26 09:25 32,000 -ra------ c:\windows\system32\drivers\wowhd_kern_i386.sys
2009-02-04 13:03 . 2009-02-04 13:03 <DIR> d-------- c:\program files\Common Files\DFX
2009-02-04 13:03 . 2009-02-04 13:03 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\DFX
2009-02-04 12:27 . 2009-02-04 12:45 <DIR> d-------- c:\program files\Total Video Converter
2009-02-03 20:20 . 2009-02-03 20:20 <DIR> d-------- c:\program files\ivo
2009-02-03 13:30 . 2009-02-03 13:30 <DIR> d-------- c:\documents and settings\bb\.thumbnails
2009-02-03 13:27 . 2009-02-03 20:16 <DIR> d-------- c:\documents and settings\bb\.gimp-2.2
2009-02-03 13:25 . 2009-02-03 13:27 <DIR> d-------- c:\program files\GIMP-2.0
2009-02-03 13:24 . 2009-02-03 13:24 <DIR> d-------- c:\program files\Common Files\GTK
2009-02-03 13:14 . 2009-02-03 13:14 <DIR> d-------- c:\program files\Java
2009-02-03 13:14 . 2009-02-03 13:14 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-02 22:59 . 2009-02-10 22:01 <DIR> d-------- c:\program files\ALLPlayer
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 20:34 1,204 ----a-w c:\windows\system32\drivers\APPFLTR.CFG
2009-02-26 20:26 250,304 ----a-w c:\windows\system32\drivers\APPFCONT.DAT
2009-02-26 19:45 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-23 18:40 --------- d-----w c:\documents and settings\bb\Dane aplikacji\Skype
2009-02-23 15:27 --------- d-----w c:\documents and settings\bb\Dane aplikacji\skypePM
2009-02-22 10:22 --------- d-----w c:\documents and settings\bb\Dane aplikacji\TeraCopy
2009-02-20 16:16 --------- d-----w c:\program files\ATI Technologies
2009-02-13 16:46 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-02-04 20:45 --------- d-----w c:\program files\Common Files\Panda Software
2009-02-03 12:14 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-02 21:58 921,600 ----a-w c:\windows\system32\vorbisenc.dll
2009-02-02 21:58 9,216 ----a-w c:\windows\system32\cpuinf32.dll
2009-02-02 21:58 795,648 ----a-w c:\windows\system32\xvidcore.dll
2009-02-02 21:58 45,056 ----a-w c:\windows\system32\ogg.dll
2009-02-02 21:58 245,760 ----a-w c:\windows\system32\mplvpx.dll
2009-02-02 21:58 237,568 ----a-w c:\windows\system32\OggDS.dll
2009-02-02 21:58 188,416 ----a-w c:\windows\system32\vorbis.dll
2009-02-02 21:58 130,048 ----a-w c:\windows\system32\xvidvfw.dll
2009-02-02 21:58 1,415,680 ----a-w c:\windows\system32\WMV9VCM.dll
2009-01-22 22:47 --------- d-----w c:\program files\WIDCOMM
2009-01-22 22:38 --------- d-----w c:\program files\Hewlett-Packard
2009-01-22 22:37 1,287,552 ----a-w c:\windows\system32\drivers\BCMWL5.SYS
2009-01-22 22:37 --------- d-----w c:\program files\Broadcom
2009-01-20 21:25 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\sentinel
2009-01-20 21:22 --------- d-----w c:\program files\Panda Security
2009-01-20 19:48 --------- d-----w c:\documents and settings\bb\Dane aplikacji\PC Suite
2009-01-20 19:48 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Downloaded Installations
2009-01-20 18:00 --------- d-----w c:\program files\Kaspersky Lab
2009-01-20 17:48 --------- d-----w c:\program files\Common Files\G DATA
2009-01-20 06:35 45,768 ----a-w c:\windows\system32\drivers\MiniIcpt.sys
2009-01-20 06:13 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-01-19 18:18 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-01-19 18:18 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PC Tools
2009-01-19 18:02 603,904 ----a-w c:\windows\system32\TUProgSt.exe
2009-01-19 18:01 --------- d-sh--w c:\documents and settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-19 18:01 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\TuneUp Software
2009-01-19 08:30 68,296 ----a-w c:\windows\system32\drivers\GRD.sys
2009-01-17 17:46 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-16 07:11 --------- d-----w c:\program files\CCleaner
2009-01-15 16:51 --------- d-----w c:\documents and settings\bb\Dane aplikacji\Nokia
2009-01-15 09:13 --------- d-----w c:\program files\Opera
2009-01-13 12:44 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PC Suite
2009-01-13 12:33 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-13 12:33 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-13 12:33 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Installations
2009-01-11 14:05 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nokia
2008-12-27 13:05 --------- d-----w c:\program files\Common Files\Skype
2008-12-27 13:05 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype
2008-12-26 14:40 --------- d-----w c:\documents and settings\bb\Dane aplikacji\Media Player Classic
2008-12-26 14:32 --------- d-----w c:\program files\XP Codec Pack
2008-12-26 09:36 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\TuneUp Software
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"eMuleAutoStart"="d:\program files\eMule\emule.exe" [2008-08-01 5480448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" [2007-07-19 455984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 20:02 50736 c:\windows\system32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
--a------ 2008-11-24 20:44 869888 c:\program files\ALLPlayer\ALLUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2008-03-20 11:04 2127296 c:\program files\Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
--a------ 2008-04-15 14:51 488752 c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-02-03 13:14 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" /tray
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\eMule\\emule.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\Polish\\setup.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\Polish\\setup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-03-28 24064]
R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2009-02-04 71736]
R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2009-02-04 51256]
R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2009-02-04 22072]
R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2009-02-04 191672]
R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2009-02-04 21:47:37 132920]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2009-02-04 38968]
R1 SMSFLT;SMS Filter Plugin;c:\windows\system32\drivers\smsflt.sys [2009-02-04 37304]
R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2009-02-04 30648]
R2 cpoint;Panda CPoint Driver;c:\windows\system32\drivers\cpoint.sys [2009-02-04 24760]
R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2009-02-04 178872]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\drivers\netimflt.sys [2009-02-04 142128]
R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2007-06-21 56448]
--- Inne Usługi/Sterowniki w Pamięci ---
*Deregistered* - ComFiltr
.
- - - - USUNIĘTO PUSTE WPISY - - - -
MSConfigStartUp-Broadcom Wireless Manager UI - c:\windows\system32\WLTRAY.exe
.
------- Skan uzupełniający -------
.
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Wyślij do interfejsu Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\program files\Panda Security\Panda Antivirus + Firewall 2008\pavlsp.dll
FF - ProfilePath - c:\documents and settings\bb\Dane aplikacji\Mozilla\Firefox\Profiles\qmyeo8by.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.interia.pl/
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-26 21:36:08
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-776561741-1844823847-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(1124)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\avldr.dll
.
Czas ukończenia: 2009-02-26 21:37:09
ComboFix-quarantined-files.txt 2009-02-26 20:37:07
ComboFix2.txt 2008-11-25 10:58:16
Przed: 65,914,028,032 bajtów wolnych
Po: 65,907,765,248 bajtów wolnych
224 --- E O F --- 2009-01-19 10:04:41