Dark / 8 years, 7 months ago

ComboFix 09-01-31.01 - Patryk 2009-01-31 21:55:28.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate   6.0.6001.1.1250.1.1045.18.3326.2087 [GMT 1:00]
Uruchomiony z: c:\users\Patryk\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
 * Utworzono nowy punkt przywracania
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-12-28 do 2009-01-31  )))))))))))))))))))))))))))))))
.

2009-01-31 21:12 . 2009-01-31 21:39	382,464	--a------	C:\KillIt.exe
2009-01-31 20:59 . 2009-01-31 20:59	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\KeePass
2009-01-31 20:56 . 2009-01-31 20:56	<DIR>	d--------	c:\program files\KeePass Password Safe
2009-01-29 12:30 . 2009-01-29 12:54	<DIR>	d--------	c:\program files\World of Warcraft
2009-01-28 12:04 . 2009-01-28 12:04	<DIR>	d--------	c:\program files\Common Files\Control Panels
2009-01-23 15:24 . 2009-01-23 15:24	<DIR>	d--------	c:\users\All Users\Blizzard
2009-01-23 15:24 . 2009-01-23 15:24	<DIR>	d--------	c:\programdata\Blizzard
2009-01-23 01:08 . 2009-01-23 01:08	<DIR>	d--------	c:\users\All Users\Real
2009-01-23 01:08 . 2009-01-23 01:08	<DIR>	d--------	c:\program files\Real Alternative
2009-01-23 01:06 . 2009-01-23 01:06	<DIR>	d--------	c:\program files\ALLPlayer
2009-01-22 16:01 . 2009-01-22 16:01	<DIR>	d--------	c:\program files\Common Files\INCA Shared
2009-01-22 16:01 . 2003-07-19 16:17	5,174	--a------	c:\windows\System32\nppt9x.vxd
2009-01-22 16:01 . 2005-01-03 07:43	4,682	--a------	c:\windows\System32\npptNT2.sys
2009-01-22 15:30 . 2009-01-22 19:37	<DIR>	d--------	C:\AeriaGames
2009-01-22 15:29 . 2009-01-22 15:29	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\Xfire
2009-01-22 15:29 . 2009-01-22 15:29	<DIR>	d--------	c:\users\All Users\Xfire
2009-01-22 15:29 . 2009-01-22 15:29	<DIR>	d--------	c:\programdata\Xfire
2009-01-22 15:29 . 2009-01-22 15:29	<DIR>	d--------	c:\program files\Xfire
2009-01-20 21:18 . 2009-01-20 21:21	<DIR>	d--------	c:\program files\ONWIND
2009-01-20 19:27 . 2009-01-30 11:41	<DIR>	d--------	c:\program files\Common Files\Blizzard Entertainment
2009-01-20 17:53 . 2009-01-20 17:53	<DIR>	d--------	c:\windows\Dark and Light
2009-01-20 17:53 . 2009-01-20 17:56	<DIR>	d--------	c:\program files\DarkandLight
2009-01-17 13:14 . 2009-01-17 13:15	<DIR>	d--------	c:\program files\Hamachi
2009-01-17 13:14 . 2009-01-17 13:14	25,280	--a------	c:\windows\System32\drivers\hamachi.sys
2009-01-17 00:02 . 2009-01-17 00:02	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\Red Alert 3
2009-01-15 18:34 . 2009-01-15 18:34	<DIR>	d--------	c:\users\All Users\Xerox
2009-01-15 18:34 . 2009-01-15 18:34	<DIR>	d--------	c:\programdata\Xerox
2009-01-08 22:20 . 2009-01-17 13:14	<DIR>	d--------	C:\Temp
2009-01-08 22:19 . 2009-01-08 22:19	<DIR>	d--------	c:\program files\Winnydows
2009-01-08 21:08 . 2009-01-08 21:09	<DIR>	d--------	c:\program files\Video Converter App
2009-01-02 12:22 . 2009-01-02 12:22	<DIR>	d--------	c:\program files\Ai Space
2008-12-30 12:11 . 2008-12-30 12:11	<DIR>	d--------	c:\program files\Bethesda Softworks
2008-12-29 22:51 . 2008-12-30 18:09	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\Gzegzolka XP
2008-12-29 22:51 . 2008-12-29 22:51	<DIR>	d--------	c:\program files\Gżegżółka XP
2008-12-28 20:55 . 2008-12-28 20:55	<DIR>	d--------	c:\program files\Ogonki 97
2008-12-26 11:39 . 2008-07-12 08:18	3,851,784	--a------	c:\windows\System32\D3DX9_39.dll
2008-12-26 11:39 . 2008-07-12 08:18	1,493,528	--a------	c:\windows\System32\D3DCompiler_39.dll
2008-12-26 11:39 . 2008-07-31 10:40	509,448	--a------	c:\windows\System32\XAudio2_2.dll
2008-12-26 11:39 . 2008-07-12 08:18	467,984	--a------	c:\windows\System32\d3dx10_39.dll
2008-12-26 11:39 . 2008-07-31 10:41	238,088	--a------	c:\windows\System32\xactengine3_2.dll
2008-12-26 11:39 . 2008-07-31 10:41	68,616	--a------	c:\windows\System32\XAPOFX1_1.dll
2008-12-25 17:07 . 2008-12-25 17:07	475	--ah-----	C:\School Rumble OVA 1.mp4.ini
2008-12-25 16:21 . 2009-01-08 21:08	<DIR>	d--------	c:\program files\Red Kawa
2008-12-25 16:21 . 2008-12-25 16:21	<DIR>	d--------	c:\program files\AviSynth 2.5
2008-12-25 16:21 . 2008-12-25 16:21	<DIR>	d--------	C:\OpenCandy
2008-12-24 14:20 . 2008-12-24 14:20	307,694,581	--a------	c:\windows\MEMORY.DMP
2008-12-20 20:33 . 2008-12-20 20:33	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\Micro-Sys
2008-12-20 20:33 . 2008-12-20 20:33	<DIR>	d--------	c:\program files\Micro-Sys Software
2008-12-11 20:43 . 2008-12-11 20:43	38	--a------	c:\windows\avisplitter.INI
2008-12-09 19:11 . 2008-12-09 19:11	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\Z-Systems
2008-12-04 18:35 . 2009-01-31 21:57	<DIR>	d--------	c:\users\Patryk\AppData\Roaming\DNA
2008-12-04 18:35 . 2009-01-31 21:37	<DIR>	d--------	c:\program files\DNA
2008-12-04 12:22 . 2008-12-04 12:22	<DIR>	d--------	c:\program files\Codemasters
2008-12-02 13:06 . 2008-12-02 13:34	<DIR>	d--------	c:\program files\Fishro

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-31 20:58	---------	d-----w	c:\users\Patryk\AppData\Roaming\Skype
2009-01-31 20:57	1,279,993,376	--sha-w	c:\windows\system32\drivers\fidbox.dat
2009-01-31 20:37	---------	d-----w	c:\users\Patryk\AppData\Roaming\skypePM
2009-01-31 20:37	---------	d-----w	c:\users\Patryk\AppData\Roaming\Hamachi
2009-01-31 20:37	---------	d-----w	c:\programdata\Kaspersky Lab
2009-01-31 20:37	---------	d-----w	c:\program files\Steam
2009-01-31 20:36	17,138,480	--sha-w	c:\windows\system32\drivers\fidbox.idx
2009-01-31 13:55	---------	d-----w	c:\users\Patryk\AppData\Roaming\uTorrent
2009-01-28 11:03	---------	d-----w	c:\program files\Common Files\Adobe
2009-01-24 19:54	---------	d-----w	c:\program files\EA Games
2009-01-24 19:53	---------	d-----w	c:\program files\Common Files\Wise Installation Wizard
2009-01-24 19:53	---------	d-----w	c:\program files\AGEIA Technologies
2009-01-23 00:06	---------	d-----w	c:\program files\NAPI-PROJEKT
2009-01-22 14:34	---------	d--h--w	c:\program files\InstallShield Installation Information
2009-01-21 22:17	---------	d-----w	c:\program files\uTorrent
2009-01-21 11:22	---------	d-----w	c:\program files\Tibia
2009-01-21 11:22	---------	d-----w	c:\program files\Asprate
2009-01-20 17:49	---------	d-----w	c:\users\Patryk\AppData\Roaming\Tibia
2009-01-19 10:50	---------	d-----w	c:\program files\Common Files\Steam
2009-01-16 22:44	---------	d-----w	c:\program files\Electronic Arts
2009-01-12 19:12	---------	d-----w	c:\users\Patryk\AppData\Roaming\Ahead
2008-12-30 10:03	---------	d-----w	c:\program files\Ubisoft
2008-12-29 21:51	---------	d-----w	c:\program files\Gżegżółka XP
2008-12-28 22:29	---------	d-----w	c:\users\Patryk\AppData\Roaming\gtk-2.0
2008-12-25 12:49	---------	d-----w	c:\program files\Wiedźmin
2008-12-20 22:04	---------	d-----w	c:\program files\sXe Injected
2008-12-14 19:09	---------	d-----w	c:\users\Patryk\AppData\Roaming\Winamp
2008-12-02 15:29	183,112	----a-w	c:\windows\System32\PnkBstrB.exe
2008-12-02 15:29	138,184	----a-w	c:\windows\system32\drivers\PnkBstrK.sys
2008-11-29 12:31	66,872	----a-w	c:\windows\System32\PnkBstrA.exe
2008-11-29 11:58	---------	d-----w	c:\programdata\WindowsSearch
2008-11-29 07:10	---------	d-----w	c:\users\Patryk\AppData\Roaming\Leadertech
2008-11-24 21:19	756	---ha-w	C:\os084633.bin
2008-11-23 13:22	22,328	----a-w	c:\users\Patryk\AppData\Roaming\PnkBstrK.sys
2008-11-23 13:22	2,250,024	----a-w	c:\windows\System32\pbsvc.exe
2008-11-07 19:11	304,528	----a-w	c:\windows\System32\appdrvrem01.exe
2008-10-27 09:04	70,992	----a-w	c:\windows\System32\XAPOFX1_2.dll
2008-10-27 09:04	514,384	----a-w	c:\windows\System32\XAudio2_3.dll
2008-10-27 09:04	235,856	----a-w	c:\windows\System32\xactengine3_3.dll
2008-10-27 09:04	23,376	----a-w	c:\windows\System32\X3DAudio1_5.dll
2008-10-17 08:29	70,936	----a-w	c:\windows\System32\PhysXLoader.dll
2008-10-15 08:04	288,024	----a-w	c:\windows\System32\PhysXCplUI.exe
2008-10-15 08:04	288,024	----a-w	c:\windows\System32\PhysXCompatCplUI.exe
2008-10-14 15:07	107,888	----a-w	c:\windows\System32\CmdLineExt.dll
2008-10-10 03:52	452,440	----a-w	c:\windows\System32\d3dx10_40.dll
2008-10-10 03:52	4,379,984	----a-w	c:\windows\System32\D3DX9_40.dll
2008-10-10 03:52	2,036,576	----a-w	c:\windows\System32\D3DCompiler_40.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelTraditionalChinese.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelSwedish.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelSpanish.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelSimplifiedChinese.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelPortugese.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelKorean.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelJapanese.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelGerman.dll
2008-10-07 08:13	58,648	----a-w	c:\windows\System32\AgCPanelFrench.dll
2008-10-07 08:13	23,320	----a-w	c:\windows\System32\PhysXDevice.dll
2008-10-07 08:13	197,912	----a-w	c:\windows\System32\physxcudart_20.dll
2008-06-30 20:33	174	--sha-w	c:\program files\desktop.ini
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Steam"="c:\program files\Steam\Steam.exe" [2008-10-08 1410296]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-06-03 21718312]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-07 4608]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-16 342848]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2008-11-24 869888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-08-17 184864]
"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432]
"CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176]
"Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 92704]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]

c:\users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-01-17 625952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"VIDC.X264"= x264vfw.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2117322305-3802939460-441223678-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{A2A65852-CCCC-4F51-8598-ED5B2A9AD655}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\polish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\polish\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{096462E3-9B95-439A-826B-BFA9B0322206}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\polish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\polish\setup.exe:Kaspersky Internet Security 7.0 Setup
"{662332D3-8BDE-4100-B857-04DF97782802}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F71166BC-76AF-43CF-A8FE-DD5A26243FF3}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{83215AED-80B1-4414-BC41-C15D2FC9B9E2}"= UDP:c:\program files\Flagship Studios\Hellgate London\Launcher.exe:Hellgate: London
"{A222C4CF-D1DF-4D52-ACDA-94E8F1DEC12B}"= TCP:c:\program files\Flagship Studios\Hellgate London\Launcher.exe:Hellgate: London
"{074A3C36-14CF-448D-B73D-2E71B6C7F710}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F4DAD5FC-B038-41CE-B32C-355E692F8627}c:\\program files\\mozilla firefox 2\\firefox.exe"= UDP:c:\program files\mozilla firefox 2\firefox.exe:Firefox
"UDP Query User{E2D5D692-0F18-47E2-96F7-4CBFD7FE6A29}c:\\program files\\mozilla firefox 2\\firefox.exe"= TCP:c:\program files\mozilla firefox 2\firefox.exe:Firefox
"TCP Query User{C0B51346-ACFE-46C3-BA7B-328518A1EB9C}d:\\gry\\call of duty 4 - modern warfare\\iw3mp.exe"= UDP:d:\gry\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"UDP Query User{AE0C9023-ACA6-4635-88CA-B487CE7A9B87}d:\\gry\\call of duty 4 - modern warfare\\iw3mp.exe"= TCP:d:\gry\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"TCP Query User{60CCF48D-84E2-4EDA-A505-FF8B820FFDAF}c:\\totalcmd\\totalcmd.exe"= UDP:c:\totalcmd\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
"UDP Query User{B072F758-669F-4D3F-A194-37C31BF011A4}c:\\totalcmd\\totalcmd.exe"= TCP:c:\totalcmd\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
"TCP Query User{23B279D7-F480-4466-815B-212556FF0891}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"UDP Query User{BF668206-AE1B-4C86-AA9A-99AF03B6FDF7}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"TCP Query User{0C07F7CC-1C9A-4992-AAAB-20E04A4BA3F8}c:\\program files\\nowe gadu-gadu\\gg.exe"= UDP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
"UDP Query User{2E1F86F2-82C8-4EB3-BA1C-38109A1D2926}c:\\program files\\nowe gadu-gadu\\gg.exe"= TCP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
"TCP Query User{D57C418E-10ED-4CA8-B1E2-386C531713E1}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{B9F4BE1F-9E9B-4523-A3B4-0AED76D7B5FF}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{DEA3AFAB-30B6-418D-A1DC-901E94170D4B}c:\\program files\\blackd tools\\blackd proxy\\updater.exe"= UDP:c:\program files\blackd tools\blackd proxy\updater.exe:Blackd Proxy Updater
"UDP Query User{8286B21F-D585-4718-A504-4B1F3153BD7F}c:\\program files\\blackd tools\\blackd proxy\\updater.exe"= TCP:c:\program files\blackd tools\blackd proxy\updater.exe:Blackd Proxy Updater
"TCP Query User{C433B9F9-131C-4D93-9A91-800BBA69A62C}c:\\program files\\blackd tools\\blackd proxy\\blackdproxy.exe"= UDP:c:\program files\blackd tools\blackd proxy\blackdproxy.exe:BlackdProxy for Tibia
"UDP Query User{58B9E35A-2699-4716-B80C-55645604AB51}c:\\program files\\blackd tools\\blackd proxy\\blackdproxy.exe"= TCP:c:\program files\blackd tools\blackd proxy\blackdproxy.exe:BlackdProxy for Tibia
"{0AFC948E-7D9C-4E56-AAC1-3ECCE99FE83F}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{9A58EFD7-9885-4F04-82C4-3AD4A25B1BB3}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{EABBEF47-1C2B-468F-8FCD-47C173AFDBE2}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{DF03C0B4-21D6-4D6C-8D4A-CD655C85E9EC}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F29C4CF3-2FB0-47A2-97C2-B80CBB30D5A3}"= UDP:c:\program files\uTorrent\utorrent.exe:µTorrent (TCP-In)
"{3D3451F0-F42D-47D3-BE67-FD6786717DBA}"= TCP:c:\program files\uTorrent\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{08EC5E8F-3616-468E-966D-2758FDD999D5}c:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= UDP:c:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"UDP Query User{E2F3CDD2-6D4B-4555-9CBF-4A80B6719572}c:\\program files\\thq\\dawn of war - soulstorm\\soulstorm.exe"= TCP:c:\program files\thq\dawn of war - soulstorm\soulstorm.exe:Soulstorm
"TCP Query User{6901611C-A7ED-4DBC-8B8B-B78C3ECBA828}c:\\program files\\metin2_pl\\metin2.bin"= UDP:c:\program files\metin2_pl\metin2.bin:metin2.bin
"UDP Query User{2F595FA2-8038-495F-8209-FDC3920ADDEA}c:\\program files\\metin2_pl\\metin2.bin"= TCP:c:\program files\metin2_pl\metin2.bin:metin2.bin
"TCP Query User{E51FB9E5-F508-4D45-9077-739EEC7F1B3C}d:\\server i klient\\ots\\dragon ball reborn.exe"= UDP:d:\server i klient\ots\dragon ball reborn.exe:Dragon Ball Reborn
"UDP Query User{2B71743D-FE49-450C-9F93-99CD434240DF}d:\\server i klient\\ots\\dragon ball reborn.exe"= TCP:d:\server i klient\ots\dragon ball reborn.exe:Dragon Ball Reborn
"TCP Query User{7E473CC4-60EB-4EC0-85E4-3C47B857AA95}c:\\program files\\counter-strike\\hl.exe"= UDP:c:\program files\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{A9A9F1C4-4E57-4576-9837-37F0612C40E9}c:\\program files\\counter-strike\\hl.exe"= TCP:c:\program files\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{D27F42BE-EF08-48E5-8BE3-8D30A0D1876E}c:\\program files\\shoutcast\\sc_serv.exe"= UDP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"UDP Query User{3E9AF627-9F48-4CBA-9A58-D915BDD1880E}c:\\program files\\shoutcast\\sc_serv.exe"= TCP:c:\program files\shoutcast\sc_serv.exe:sc_serv
"{C5C0E0AB-9B2A-41A5-9D9C-A728BD994C88}"= UDP:c:\program files\Atari\AITD\Alone.exe:Alone In The Dark
"{67FE84B2-8A23-494D-8D4B-B6C7EACEC9E1}"= TCP:c:\program files\Atari\AITD\Alone.exe:Alone In The Dark
"{0FAD5F2E-870E-4928-8B3E-953E661C733E}"= UDP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{CACC3310-049C-4B49-8E00-2865E0A5AD2F}"= TCP:c:\program files\uTorrent\utorrent.exe:µTorrent
"{F4636EE7-D6C6-47D1-AA16-00CF97554E0D}"= UDP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (CLI)
"{C8E37482-88D8-43B0-98E2-B0C0E331C70F}"= TCP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (CLI)
"{1193CF5F-00BE-459A-BFA3-3854E9872B97}"= UDP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (SRV)
"{C7C3AA11-B75F-4DB4-A8BE-C4C75F74E1E0}"= TCP:c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:S.T.A.L.K.E.R. - Clear Sky (SRV)
"{1118287C-34E4-40D1-835F-A13B4DE2CAC2}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{8444EC44-C739-472B-ACB7-6A5162788FAD}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{530DBDAE-AE71-4EEC-87FC-7FDB71642503}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{15D4A554-AA93-4FD5-8855-FC2B65037D56}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{267971D8-4DF7-4232-87B0-44F9B9D8AD72}"= UDP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™
"{D7C50EF3-1F43-4F4E-AF35-DC545E4F17C7}"= TCP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [2008-11-07 2915944]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2007-10-16 20496]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]

--- Inne Usługi/Sterowniki w Pamięci ---

*Deregistered* - sptd

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'

2009-01-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-04-16 08:59]
.
.
------- Skan uzupełniający -------
.
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Patryk\AppData\Roaming\Mozilla\Firefox\Profiles\2i0gne8u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.division69.net/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-31 21:58:18
Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ...  

skanowanie ukrytych wpisów autostartu ... 

skanowanie ukrytych plików ...  

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2009-01-31 22:01:22
ComboFix-quarantined-files.txt  2009-01-31 21:01:19

Przed: 59 217 874 944 bajtów wolnych
Po: 60,458,696,704 bajtów wolnych
