pioter4583 / 9 years, 1 month ago

ComboFix 08-09-27.05 - pioter 2008-09-28 19.15.36.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1040.18.173 [GMT 2:00]
Eseguito da: C:\Documents and Settings\pioter\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\pioter\Desktop\CFScript.txt
 * Creato nuovo punto di ripristino

[color=red][b]ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !![/b][/color]

FILE ::
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmdata07.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\sqmnoopt07.sqm
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\monika\Cookies\monika@clickpoint[2].txt
C:\Documents and Settings\pioter\Menu Avvio\Programmi\Videos.url
C:\Documents and Settings\pioter\Preferiti\Videos.url
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmdata07.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\sqmnoopt07.sqm

.
(((((((((((((((((((((((((   Files Creati Da 2008-08-28 al 2008-09-28  )))))))))))))))))))))))))))))))))))
.

2008-09-18 08:54 . 2007-02-28 18:02	2,139,648	--a------	C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-09-13 21:54 . 2008-09-13 21:54	<DIR>	d--------	C:\Programmi\File comuni\Skype
2008-09-13 13:41 . 2008-09-13 13:41	25,601	--a------	C:\WINDOWS\CSTBox.INI
2008-09-08 20:18 . 2008-09-18 09:03	<DIR>	d--------	C:\WINDOWS\system32\it
2008-09-08 20:18 . 2008-09-18 12:00	<DIR>	d--------	C:\WINDOWS\l2schemas
2008-09-08 20:13 . 2007-08-10 08:20	33,656	--a------	C:\WINDOWS\system32\sprecovr.exe
2008-09-02 23:24 . 2004-05-14 16:53	462,848	--a------	C:\WINDOWS\system32\ltkrn13n.dll
2008-09-02 23:24 . 2004-05-14 16:53	450,560	--a------	C:\WINDOWS\system32\ltimg13n.dll
2008-09-02 23:24 . 2004-05-14 16:53	401,408	--a------	C:\WINDOWS\system32\lfcmp13n.dll
2008-09-02 23:24 . 2004-05-14 16:53	299,008	--a------	C:\WINDOWS\system32\ltdis13n.dll
2008-09-02 23:24 . 2004-01-12 02:09	206,336	--a------	C:\WINDOWS\system32\ltefx13n.dll
2008-09-02 23:24 . 2004-05-14 16:53	163,840	--a------	C:\WINDOWS\system32\ltfil13n.dll
2008-09-02 23:24 . 2003-11-04 15:10	69,632	--a------	C:\WINDOWS\system32\lfgif13n.dll
2008-09-02 23:24 . 2004-05-14 16:53	57,344	--a------	C:\WINDOWS\system32\lfbmp13n.dll
2008-09-01 17:43 . 2008-09-01 17:43	<DIR>	d--------	C:\Programmi\InsideSend
2008-09-01 17:42 . 2008-09-01 17:42	<DIR>	d--------	C:\Programmi\Circle Developement

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 16:20	---------	d---a-w	C:\Documents and Settings\All Users\Dati applicazioni\TEMP
2008-09-28 11:47	---------	d-----w	C:\Documents and Settings\monika\Dati applicazioni\LimeWire
2008-09-27 18:47	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Google Updater
2008-09-13 11:41	---------	d-----w	C:\Documents and Settings\monika\Dati applicazioni\Canon
2008-09-05 13:08	---------	d-----w	C:\Programmi\File comuni\Symantec Shared
2008-09-03 18:03	---------	d-----w	C:\Documents and Settings\monika\Dati applicazioni\InsideSend
2008-09-01 15:45	---------	d-----w	C:\Documents and Settings\All Users\Dati applicazioni\Ball mapi owns ping
2008-09-01 15:42	---------	d-----w	C:\Programmi\Messenger Plus! Live
2008-08-15 11:34	---------	d-----w	C:\Documents and Settings\monika\Dati applicazioni\Ahead
2008-08-15 11:29	---------	d-----w	C:\Programmi\Nero
2008-08-15 11:29	---------	d-----w	C:\Programmi\File comuni\Ahead
.

(((((((((((((((((((((((((((((   snapshot@2008-09-28_18.10.51.98   )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 18:02:28	163,328	----a-w	C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-09-28 17:19:21	16,384	----atw	C:\WINDOWS\Temp\Perflib_Perfdata_524.dat
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LgWDskTp"="C:\Programmi\Wireless Desktop\LgWDskTp.exe" [2003-10-29 65536]
"HKSERV.EXE"="C:\Programmi\Sony\HotKey Utility\HKserv.exe" [2003-08-14 90112]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [2002-08-20 40960]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2008-03-01 77824]
"Drag'n Drop CD+DVD"="C:\Programmi\drag'n drop cd+dvd\BinFiles\DragDrop.exe" [2003-08-08 1175552]
"EPSON Stylus C62 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE" [2002-07-01 74752]
"Omnipage"="C:\Programmi\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"WinampAgent"="C:\Programmi\Winamp\winampa.exe" [2008-01-16 37376]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 40960]
"Google Desktop Search"="C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-21 29744]
"Adobe Reader Speed Launcher"="C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Owns Ping Ante Admin"="C:\Documents and Settings\All Users\Dati applicazioni\Ball mapi owns ping\[u]0[/u]1 grid.exe" [2008-09-28 19:25 5953024]
"Logitech Utility"="Logi_MwX.Exe" [2003-07-22 C:\WINDOWS\Logi_MwX.Exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15360]

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acrobat Assistant.lnk - C:\Programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-07-30 217195]
Adobe Gamma Loader.lnk - C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-01 113664]
Remocon Driver.lnk - C:\Programmi\sony\usbsircs\usbsircs.exe [2003-11-07 229376]
Timer Recording Manager.lnk - C:\Programmi\Sony\giga pocket\ReserveModule.exe [2008-03-01 262144]
VAIO Action Setup (Server).lnk - C:\Programmi\Sony\VAIO Action Setup\VAServ.exe [2003-11-07 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\PROGRA~1\FILECO~1\SONYSH~1\videolib\sonydv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Sony\\giga pocket\\gps.exe"=
"C:\\Programmi\\LimeWire\\LimeWire.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 HSFHWSIS;HSFHWSIS;C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2003-06-15 175744]
R3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys [2003-07-22 15126]
R3 SMSCMS;SMSC LPC Memory Stick Host Controller;C:\WINDOWS\system32\DRIVERS\SMSCMS.sys [2004-01-29 58624]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Programmi\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-21 29744]
S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
.
Contenuto della cartella 'Scheduled Tasks'
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-28 19:21:52
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\Sony\giga pocket\shwserv.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Sony\giga pocket\RM_SV.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Sony\HotKey Utility\HKWnd.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Sony\giga pocket\gps.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Ora fine scansione: 2008-09-28 19:26:28 - machine was rebooted
ComboFix-quarantined-files.txt  2008-09-28 17:26:23
ComboFix2.txt  2008-09-28 16:11:53
ComboFix3.txt  2008-04-19 09:56:53
ComboFix4.txt  2008-04-19 09:38:11

Pre-Run: 13.380.108.288 byte disponibili
Post-Run: 13,304,795,136 byte disponibili

159	--- E O F ---	2008-09-17 20:13:24