Anonymous / 8 years, 12 months ago

Here is the log from that SDFix

[b]SDFix: Version 1.240 [/b]
Run by Administrator on 2009-04-28 at 19:51

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 19:54:37
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:54,36,c5,09,69,4d,83,7f,3b,58,ba,18,cd,52,bb,14,8c,7b,d2,1d,36,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,d2,e9,e2,d9,2a,f8,07,c4,2e,ac,7f,e4,12,49,59,46,64,..
"khjeh"=hex:6e,22,80,24,a2,00,7b,fc,fe,e5,c1,e5,3b,15,89,9a,7a,60,bd,57,d3,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,68,b8,c5,77,85,84,3c,ca,70,c8,53,02,17,d2,71,b4,ce,d2,c5,4b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:54,36,c5,09,69,4d,83,7f,3b,58,ba,18,cd,52,bb,14,8c,7b,d2,1d,36,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,d2,e9,e2,d9,2a,f8,07,c4,2e,ac,7f,e4,12,49,59,46,64,..
"khjeh"=hex:6e,22,80,24,a2,00,7b,fc,fe,e5,c1,e5,3b,15,89,9a,7a,60,bd,57,d3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a1,bf,8e,80,ef,fe,6e,d4,cf,a8,e3,4f,58,33,c4,3b,ec,23,e9,d0,90,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:54,36,c5,09,69,4d,83,7f,3b,58,ba,18,cd,52,bb,14,8c,7b,d2,1d,36,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,d2,e9,e2,d9,2a,f8,07,c4,2e,ac,7f,e4,12,49,59,46,64,..
"khjeh"=hex:6e,22,80,24,a2,00,7b,fc,fe,e5,c1,e5,3b,15,89,9a,7a,60,bd,57,d3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,68,b8,c5,77,85,84,3c,ca,70,c8,53,02,17,d2,71,b4,ce,d2,c5,4b,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Disabled:EA Download Manager"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"="C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe:*:Enabled:Nowe Gadu-Gadu beta"
"D:\\Programy\\I\\Install\\Internet\\utorrent.exe"="D:\\Programy\\I\\Install\\Internet\\utorrent.exe:*:Enabled:µTorrent"
"F:\\gta4\\Rockstar Games Social Club\\RGSCLauncher.exe"="F:\\gta4\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"F:\\gta4\\GTAIV_RIP_BY_JAAP32_AND_EDDOW\\Grand Theft Auto IV\\GTAIV.exe"="F:\\gta4\\GTAIV_RIP_BY_JAAP32_AND_EDDOW\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Mon 26 Jan 2009     1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009     5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 26 Jan 2009     2,144,088 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Thu 26 Mar 2009     9,934,392 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe"
Fri 14 Nov 2008        16,644 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\gitara\~WRL0003.tmp"
Fri 14 Nov 2008        16,647 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\gitara\~WRL0092.tmp"
Thu 11 Dec 2008        13,410 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\BIOLOGIA\~WRL2476.tmp"
Thu 13 Nov 2008        14,309 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Fizyka\~WRL0238.tmp"
Thu 13 Nov 2008        14,813 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Fizyka\~WRL0375.tmp"
Mon 17 Nov 2008       970,684 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL0003.tmp"
Mon 17 Nov 2008       968,806 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL0188.tmp"
Mon 17 Nov 2008       970,399 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL0424.tmp"
Mon 17 Nov 2008       968,218 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL1097.tmp"
Mon 17 Nov 2008       968,946 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL1304.tmp"
Mon 17 Nov 2008       968,696 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL2129.tmp"
Mon 17 Nov 2008       968,851 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL3259.tmp"
Mon 17 Nov 2008       968,416 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Geografia\~WRL3615.tmp"
Sun 16 Nov 2008        16,664 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL0239.tmp"
Sun 16 Nov 2008        14,142 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL0895.tmp"
Sun 16 Nov 2008        16,149 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL2247.tmp"
Sun 16 Nov 2008        16,718 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL2262.tmp"
Sun 16 Nov 2008        16,733 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL2303.tmp"
Sun 16 Nov 2008        16,630 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL2454.tmp"
Sun 16 Nov 2008        14,690 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Historia\~WRL3243.tmp"
Tue 11 Nov 2008        12,019 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Niemiecki\~WRL0600.tmp"
Tue 11 Nov 2008        12,832 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Niemiecki\~WRL0723.tmp"
Tue 11 Nov 2008        11,431 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Niemiecki\~WRL3124.tmp"
Tue 11 Nov 2008        15,729 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\III Klasa\Niemiecki\~WRL3511.tmp"
Mon 17 Dec 2007        79,360 A..H. --- "C:\Documents and Settings\Administrator\Moje dokumenty\Miłosz M\LEKCJE\II klasa\BIOLOGIA\kARTKÓWKI\2 roździał\~WRL0002.tmp"

[b]Finished![/b]