
prosze o sprawdzenie loga

wiesia

prosze o sprawdzenie loga

ComboFix 07-08-09.3 - "KAPKA" 2007-08-13 16:53:14.6 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-13 to 2007-08-13 )))))))))))))))))))))))))))))))

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

2007-07-13 16:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Spybot - Search & Destroy

2007-07-13 16:13 <DIR> d-------- C:\WINDOWS\system32\NtmsData

2007-07-13 15:59 11,935 -ra------ C:\WINDOWS\system32\drivers\DUBE100.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-11 21:42 --------- d-------- C:Program FilesCommon FilesSkype

2007-05-16 17:19 85504 --------- C:WINDOWSsystem32dllcachewabimp.dll

2007-05-16 17:19 510976 --------- C:WINDOWSsystem32dllcachewab32.dll

2007-05-16 17:19 1314816 --------- C:WINDOWSsystem32dllcachemsoe.dll

2007-05-16 17:18 86528 --------- C:WINDOWSsystem32dllcachedirectdb.dll

2007-05-16 17:18 683520 --a------ C:WINDOWSsystem32inetcomm.dll

2007-05-16 17:18 683520 --------- C:WINDOWSsystem32dllcacheinetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2002-11-19 14:01 C:\WINDOWS\SOUNDMAN.EXE]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2002-10-25 11:18]

"nwiz"="nwiz.exe" [2002-10-25 11:18 C:\WINDOWS\system32\nwiz.exe]

"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 19:07]

"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 19:07]

"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 19:07]

"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05]

"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 11:04]

"APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.exe" [2006-09-13 08:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2006-01-31 13:26]

"Komunikator"="C:\Program Files\Tlen.pl\tlen.exe" []

"Megaphone"="C:\Program Files\Giyus.org\megaphone.exe" [2006-08-01 17:37]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-06-08 15:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

avldr.dll 2005-09-27 12:13 45056 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]

"C:\Program Files\Error Safe Free\ers.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

R2 PAVDRV;pavdrv;C:\WINDOWS\system32\DRIVERS\pavdrv51.sys

R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:\WINDOWS\system32\DRIVERS\alcan5wn.sys

S2 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS

S3 DUBE100;D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\DUBE100.sys

S3 rtport;rtport;\??\C:\WINDOWS\system32\drivers\rtport.sys

S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys

Contents of the 'Scheduled Tasks' folder

2007-07-13 14:27:38 C:WINDOWSTasksBackupPłatnika.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-13 16:55:03

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-13 16:56:22

C:ComboFix-quarantined-files.txt ... 2007-08-13 16:56

C:ComboFix3.txt ... 2007-08-04 20:34

C:ComboFix2.txt ... 2007-08-05 12:15

--- E O F ---

ComboFix 07-08-09.3 - "KAPKA" 2007-08-13 16:53:14.6 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-13 to 2007-08-13 )))))))))))))))))))))))))))))))

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

2007-07-13 16:31 <DIR> d-------- C:DOCUME~1ALLUSE~1DANEAP~1Spybot - Search & Destroy

2007-07-13 16:13 <DIR> d-------- C:WINDOWSsystem32NtmsData

2007-07-13 15:59 11,935 -ra------ C:WINDOWSsystem32driversDUBE100.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-11 21:42 --------- d-------- C:Program FilesCommon FilesSkype

2007-05-16 17:19 85504 --------- C:WINDOWSsystem32dllcachewabimp.dll

2007-05-16 17:19 510976 --------- C:WINDOWSsystem32dllcachewab32.dll

2007-05-16 17:19 1314816 --------- C:WINDOWSsystem32dllcachemsoe.dll

2007-05-16 17:18 86528 --------- C:WINDOWSsystem32dllcachedirectdb.dll

2007-05-16 17:18 683520 --a------ C:WINDOWSsystem32inetcomm.dll

2007-05-16 17:18 683520 --------- C:WINDOWSsystem32dllcacheinetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SoundMan"="SOUNDMAN.EXE" [2002-11-19 14:01 C:WINDOWSSOUNDMAN.EXE]

"NvCplDaemon"="C:WINDOWSSystem32NvCpl.dll" [2002-10-25 11:18]

"nwiz"="nwiz.exe" [2002-10-25 11:18 C:WINDOWSsystem32nwiz.exe]

"WooCnxMon"="C:PROGRA~1NEOSTR~1CnxMon.exe" [2003-10-16 19:07]

"SpeedTouch USB Diagnostics"="C:Program FilesThomsonSpeedTouch USBDragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:PROGRA~1NEOSTR~1Watch.exe" [2003-10-16 19:07]

"WOOTASKBARICON"="C:PROGRA~1NEOSTR~1taskbaricon.exe" [2003-10-16 19:07]

"NeroCheck"="C:WINDOWSSystem32NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:Program FilesJavajre1.5.0_06binjusched.exe" [2005-11-10 13:03]

"LVCOMSX"="C:WINDOWSsystem32LVCOMSX.EXE" [2005-01-19 11:05]

"Creative WebCam Tray"="C:Program FilesCreativeShared FilesCAMTRAY.EXE" [2004-07-30 11:04]

"APVXDWIN"="C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.exe" [2006-09-13 08:59]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Gadu-Gadu"="C:Program FilesGadu-Gadugg.exe" [2006-01-31 13:26]

"Komunikator"="C:Program FilesTlen.pltlen.exe" []

"Megaphone"="C:Program FilesGiyus.orgmegaphone.exe" [2006-08-01 17:37]

"Skype"="C:Program FilesSkypePhoneSkype.exe" [2007-06-08 15:22]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]

avldr.dll 2005-09-27 12:13 45056 C:WINDOWSsystem32avldr.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartAdobe Gamma Loader.lnk

backup=C:WINDOWSpssAdobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregError Safe]

"C:Program FilesError Safe Freeers.exe" /min

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]

"C:Program FilesMessengermsmsgs.exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]

"C:Program FilesMSN MessengerMsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]

"C:Program FilesQuickTimeqttask.exe" -atboottime

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]

C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

R1 VIAPFD;VIAPFD;C:WINDOWSsystem32DriversVIAPFD.SYS

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe

R2 PAVDRV;pavdrv;C:WINDOWSsystem32DRIVERSpavdrv51.sys

R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe

R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:WINDOWSsystem32DRIVERSalcan5wn.sys

S2 WNMFLT;Wifi Monitor Filter Plugin;??C:WINDOWSsystem32DriversWNMFLT.SYS

S3 DUBE100;D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter;C:WINDOWSsystem32DRIVERSDUBE100.sys

S3 rtport;rtport;??C:WINDOWSsystem32driversrtport.sys

S3 V0090VID;Creative WebCam Vista Plus;C:WINDOWSsystem32DRIVERSV0090Vid.sys

Contents of the 'Scheduled Tasks' folder

2007-07-13 14:27:38 C:WINDOWSTasksBackupPłatnika.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-13 16:55:03

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-13 16:56:22

C:ComboFix-quarantined-files.txt ... 2007-08-13 16:56

C:ComboFix3.txt ... 2007-08-04 20:34

C:ComboFix2.txt ... 2007-08-05 12:15

--- E O F ---

ComboFix 07-08-09.3 - "KAPKA" 2007-08-13 16:53:14.6 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-13 to 2007-08-13 )))))))))))))))))))))))))))))))

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

2007-07-13 16:31 <DIR> d-------- C:DOCUME~1ALLUSE~1DANEAP~1Spybot - Search & Destroy

2007-07-13 16:13 <DIR> d-------- C:WINDOWSsystem32NtmsData

2007-07-13 15:59 11,935 -ra------ C:WINDOWSsystem32driversDUBE100.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-11 21:42 --------- d-------- C:Program FilesCommon FilesSkype

2007-05-16 17:19 85504 --------- C:WINDOWSsystem32dllcachewabimp.dll

2007-05-16 17:19 510976 --------- C:WINDOWSsystem32dllcachewab32.dll

2007-05-16 17:19 1314816 --------- C:WINDOWSsystem32dllcachemsoe.dll

2007-05-16 17:18 86528 --------- C:WINDOWSsystem32dllcachedirectdb.dll

2007-05-16 17:18 683520 --a------ C:WINDOWSsystem32inetcomm.dll

2007-05-16 17:18 683520 --------- C:WINDOWSsystem32dllcacheinetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SoundMan"="SOUNDMAN.EXE" [2002-11-19 14:01 C:WINDOWSSOUNDMAN.EXE]

"NvCplDaemon"="C:WINDOWSSystem32NvCpl.dll" [2002-10-25 11:18]

"nwiz"="nwiz.exe" [2002-10-25 11:18 C:WINDOWSsystem32nwiz.exe]

"WooCnxMon"="C:PROGRA~1NEOSTR~1CnxMon.exe" [2003-10-16 19:07]

"SpeedTouch USB Diagnostics"="C:Program FilesThomsonSpeedTouch USBDragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:PROGRA~1NEOSTR~1Watch.exe" [2003-10-16 19:07]

"WOOTASKBARICON"="C:PROGRA~1NEOSTR~1taskbaricon.exe" [2003-10-16 19:07]

"NeroCheck"="C:WINDOWSSystem32NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:Program FilesJavajre1.5.0_06binjusched.exe" [2005-11-10 13:03]

"LVCOMSX"="C:WINDOWSsystem32LVCOMSX.EXE" [2005-01-19 11:05]

"Creative WebCam Tray"="C:Program FilesCreativeShared FilesCAMTRAY.EXE" [2004-07-30 11:04]

"APVXDWIN"="C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.exe" [2006-09-13 08:59]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Gadu-Gadu"="C:Program FilesGadu-Gadugg.exe" [2006-01-31 13:26]

"Komunikator"="C:Program FilesTlen.pltlen.exe" []

"Megaphone"="C:Program FilesGiyus.orgmegaphone.exe" [2006-08-01 17:37]

"Skype"="C:Program FilesSkypePhoneSkype.exe" [2007-06-08 15:22]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]

avldr.dll 2005-09-27 12:13 45056 C:WINDOWSsystem32avldr.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartAdobe Gamma Loader.lnk

backup=C:WINDOWSpssAdobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregError Safe]

"C:Program FilesError Safe Freeers.exe" /min

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]

"C:Program FilesMessengermsmsgs.exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]

"C:Program FilesMSN MessengerMsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]

"C:Program FilesQuickTimeqttask.exe" -atboottime

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]

C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

R1 VIAPFD;VIAPFD;C:WINDOWSsystem32DriversVIAPFD.SYS

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe

R2 PAVDRV;pavdrv;C:WINDOWSsystem32DRIVERSpavdrv51.sys

R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe

R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:WINDOWSsystem32DRIVERSalcan5wn.sys

S2 WNMFLT;Wifi Monitor Filter Plugin;??C:WINDOWSsystem32DriversWNMFLT.SYS

S3 DUBE100;D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter;C:WINDOWSsystem32DRIVERSDUBE100.sys

S3 rtport;rtport;??C:WINDOWSsystem32driversrtport.sys

S3 V0090VID;Creative WebCam Vista Plus;C:WINDOWSsystem32DRIVERSV0090Vid.sys

Contents of the 'Scheduled Tasks' folder

2007-07-13 14:27:38 C:WINDOWSTasksBackupPłatnika.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-13 16:55:03

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-13 16:56:22

C:ComboFix-quarantined-files.txt ... 2007-08-13 16:56

C:ComboFix3.txt ... 2007-08-04 20:34

C:ComboFix2.txt ... 2007-08-05 12:15

--- E O F ---

ComboFix 07-08-09.3 - "KAPKA" 2007-08-13 16:53:14.6 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-13 to 2007-08-13 )))))))))))))))))))))))))))))))

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

2007-07-13 16:31 <DIR> d-------- C:DOCUME~1ALLUSE~1DANEAP~1Spybot - Search & Destroy

2007-07-13 16:13 <DIR> d-------- C:WINDOWSsystem32NtmsData

2007-07-13 15:59 11,935 -ra------ C:WINDOWSsystem32driversDUBE100.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-11 21:42 --------- d-------- C:Program FilesCommon FilesSkype

2007-05-16 17:19 85504 --------- C:WINDOWSsystem32dllcachewabimp.dll

2007-05-16 17:19 510976 --------- C:WINDOWSsystem32dllcachewab32.dll

2007-05-16 17:19 1314816 --------- C:WINDOWSsystem32dllcachemsoe.dll

2007-05-16 17:18 86528 --------- C:WINDOWSsystem32dllcachedirectdb.dll

2007-05-16 17:18 683520 --a------ C:WINDOWSsystem32inetcomm.dll

2007-05-16 17:18 683520 --------- C:WINDOWSsystem32dllcacheinetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SoundMan"="SOUNDMAN.EXE" [2002-11-19 14:01 C:WINDOWSSOUNDMAN.EXE]

"NvCplDaemon"="C:WINDOWSSystem32NvCpl.dll" [2002-10-25 11:18]

"nwiz"="nwiz.exe" [2002-10-25 11:18 C:WINDOWSsystem32nwiz.exe]

"WooCnxMon"="C:PROGRA~1NEOSTR~1CnxMon.exe" [2003-10-16 19:07]

"SpeedTouch USB Diagnostics"="C:Program FilesThomsonSpeedTouch USBDragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:PROGRA~1NEOSTR~1Watch.exe" [2003-10-16 19:07]

"WOOTASKBARICON"="C:PROGRA~1NEOSTR~1taskbaricon.exe" [2003-10-16 19:07]

"NeroCheck"="C:WINDOWSSystem32NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:Program FilesJavajre1.5.0_06binjusched.exe" [2005-11-10 13:03]

"LVCOMSX"="C:WINDOWSsystem32LVCOMSX.EXE" [2005-01-19 11:05]

"Creative WebCam Tray"="C:Program FilesCreativeShared FilesCAMTRAY.EXE" [2004-07-30 11:04]

"APVXDWIN"="C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.exe" [2006-09-13 08:59]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Gadu-Gadu"="C:Program FilesGadu-Gadugg.exe" [2006-01-31 13:26]

"Komunikator"="C:Program FilesTlen.pltlen.exe" []

"Megaphone"="C:Program FilesGiyus.orgmegaphone.exe" [2006-08-01 17:37]

"Skype"="C:Program FilesSkypePhoneSkype.exe" [2007-06-08 15:22]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]

avldr.dll 2005-09-27 12:13 45056 C:WINDOWSsystem32avldr.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartAdobe Gamma Loader.lnk

backup=C:WINDOWSpssAdobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregError Safe]

"C:Program FilesError Safe Freeers.exe" /min

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]

"C:Program FilesMessengermsmsgs.exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]

"C:Program FilesMSN MessengerMsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]

"C:Program FilesQuickTimeqttask.exe" -atboottime

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]

C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

R1 VIAPFD;VIAPFD;C:WINDOWSsystem32DriversVIAPFD.SYS

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe

R2 PAVDRV;pavdrv;C:WINDOWSsystem32DRIVERSpavdrv51.sys

R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe

R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:WINDOWSsystem32DRIVERSalcan5wn.sys

S2 WNMFLT;Wifi Monitor Filter Plugin;??C:WINDOWSsystem32DriversWNMFLT.SYS

S3 DUBE100;D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter;C:WINDOWSsystem32DRIVERSDUBE100.sys

S3 rtport;rtport;??C:WINDOWSsystem32driversrtport.sys

S3 V0090VID;Creative WebCam Vista Plus;C:WINDOWSsystem32DRIVERSV0090Vid.sys

Contents of the 'Scheduled Tasks' folder

2007-07-13 14:27:38 C:WINDOWSTasksBackupPłatnika.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-13 16:55:03

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-13 16:56:22

C:\ComboFix-quarantined-files.txt ... 2007-08-13 16:56

C:\ComboFix3.txt ... 2007-08-04 20:34

C:\ComboFix2.txt ... 2007-08-05 12:15

--- E O F ---

ComboFix 07-08-09.3 - "KAPKA" 2007-08-13 16:53:14.6 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-13 to 2007-08-13 )))))))))))))))))))))))))))))))

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

2007-07-13 16:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Spybot - Search & Destroy

2007-07-13 16:13 <DIR> d-------- C:\WINDOWS\system32\NtmsData

2007-07-13 15:59 11,935 -ra------ C:\WINDOWS\system32\drivers\DUBE100.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-11 21:42 --------- d-------- C:\Program Files\Common Files\Skype

2007-05-16 17:19 85504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll

2007-05-16 17:19 510976 --------- C:\WINDOWS\system32\dllcache\wab32.dll

2007-05-16 17:19 1314816 --------- C:\WINDOWS\system32\dllcache\msoe.dll

2007-05-16 17:18 86528 --------- C:\WINDOWS\system32\dllcache\directdb.dll

2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\inetcomm.dll

2007-05-16 17:18 683520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2002-11-19 14:01 C:\WINDOWS\SOUNDMAN.EXE]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2002-10-25 11:18]

"nwiz"="nwiz.exe" [2002-10-25 11:18 C:\WINDOWS\system32\nwiz.exe]

"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 19:07]

"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 19:07]

"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 19:07]

"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05]

"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 11:04]

"APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.exe" [2006-09-13 08:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2006-01-31 13:26]

"Komunikator"="C:\Program Files\Tlen.pl\tlen.exe" []

"Megaphone"="C:\Program Files\Giyus.org\megaphone.exe" [2006-08-01 17:37]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-06-08 15:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

avldr.dll 2005-09-27 12:13 45056 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]

"C:\Program Files\Error Safe Free\ers.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

R2 PAVDRV;pavdrv;C:\WINDOWS\system32\DRIVERS\pavdrv51.sys

R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:\WINDOWS\system32\DRIVERS\alcan5wn.sys

S2 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS

S3 DUBE100;D-Link DUB-E100 USB 2.0 to Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\DUBE100.sys

S3 rtport;rtport;\??\C:\WINDOWS\system32\drivers\rtport.sys

S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys

Contents of the 'Scheduled Tasks' folder

2007-07-13 14:27:38 C:\WINDOWS\Tasks\BackupPłatnika.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-13 16:55:03

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-13 16:56:22

C:\ComboFix-quarantined-files.txt ... 2007-08-13 16:56

C:\ComboFix3.txt ... 2007-08-04 20:34

C:\ComboFix2.txt ... 2007-08-05 12:15

--- E O F ---

CatchMe

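Usuń to wszystko z dysku. Foldery C:\FOUND.nnn to ukryte katalogi systemowe (atrybuty „hs”), w których chkdsk/ScanDisk zapisuje odzyskane fragmenty plików po błędach systemu plików – same w sobie nie są śladem infekcji, ale to, że powstaje ich po kilka dziennie, wskazuje na powtarzające się błędy dysku lub nieprawidłowe zamykanie systemu i warto to sprawdzić. Żeby je zobaczyć, trzeba włączyć pokazywanie plików ukrytych i systemowych. nircmd.exe to najpewniej narzędzie pomocnicze pozostawione przez ComboFix (data zgadza się z ComboFix2.txt):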

2007-08-13 14:55 <DIR> d--hs---- C:FOUND.062

2007-08-13 14:52 <DIR> d--hs---- C:FOUND.061

2007-08-13 14:49 <DIR> d--hs---- C:FOUND.060

2007-08-12 21:23 <DIR> d--hs---- C:FOUND.059

2007-08-12 15:29 <DIR> d--hs---- C:FOUND.058

2007-08-11 18:36 <DIR> d--hs---- C:FOUND.057

2007-08-11 18:33 <DIR> d--hs---- C:FOUND.056

2007-08-11 09:53 <DIR> d--hs---- C:FOUND.055

2007-08-11 09:50 <DIR> d--hs---- C:FOUND.054

2007-08-09 14:29 <DIR> d--hs---- C:FOUND.053

2007-08-08 13:30 <DIR> d--hs---- C:FOUND.052

2007-08-08 13:24 <DIR> d--hs---- C:FOUND.051

2007-08-07 16:45 <DIR> d--hs---- C:FOUND.050

2007-08-07 14:03 <DIR> d--hs---- C:FOUND.049

2007-08-05 21:00 <DIR> d--hs---- C:FOUND.048

2007-08-05 16:38 <DIR> d--hs---- C:FOUND.047

2007-08-05 14:16 <DIR> d--hs---- C:FOUND.046

2007-08-05 12:11 51,200 --a------ C:WINDOWSnircmd.exe

2007-08-05 11:54 <DIR> d--hs---- C:FOUND.045

2007-08-05 10:32 <DIR> d--hs---- C:FOUND.044

2007-08-05 09:50 <DIR> d--hs---- C:FOUND.043

2007-08-05 05:47 <DIR> d--hs---- C:FOUND.042

2007-08-04 19:24 <DIR> d--hs---- C:FOUND.041

2007-08-04 11:32 <DIR> d--hs---- C:FOUND.040

2007-08-04 06:35 <DIR> d--hs---- C:FOUND.039

2007-08-04 05:45 <DIR> d--hs---- C:FOUND.038

2007-08-03 18:58 <DIR> d--hs---- C:FOUND.037

2007-08-03 15:25 <DIR> d--hs---- C:FOUND.036

2007-08-03 14:32 <DIR> d--hs---- C:FOUND.035

2007-08-03 12:25 <DIR> d--hs---- C:FOUND.034

2007-08-03 11:52 <DIR> d--hs---- C:FOUND.033

2007-08-03 08:27 <DIR> d--hs---- C:FOUND.032

2007-08-03 07:20 <DIR> d--hs---- C:FOUND.031

2007-08-03 06:38 <DIR> d--hs---- C:FOUND.030

2007-08-03 06:33 <DIR> d--hs---- C:FOUND.029

2007-08-03 06:23 <DIR> d--hs---- C:FOUND.028

2007-08-03 05:53 <DIR> d--hs---- C:FOUND.027

2007-08-03 05:37 <DIR> d--hs---- C:FOUND.026

2007-08-02 17:18 <DIR> d--hs---- C:FOUND.025

2007-08-02 06:23 <DIR> d--hs---- C:FOUND.024

2007-08-01 20:52 <DIR> d--hs---- C:FOUND.023

2007-08-01 19:10 <DIR> d--hs---- C:FOUND.022

2007-08-01 09:18 <DIR> d--hs---- C:FOUND.021

2007-08-01 09:15 <DIR> d--hs---- C:FOUND.020

2007-08-01 07:35 <DIR> d--hs---- C:FOUND.019

2007-07-31 19:24 <DIR> d--hs---- C:FOUND.018

2007-07-31 14:35 <DIR> d--hs---- C:FOUND.017

2007-07-31 13:51 <DIR> d--hs---- C:FOUND.016

2007-07-30 13:40 <DIR> d--hs---- C:FOUND.015

2007-07-30 13:38 <DIR> d--hs---- C:FOUND.014

2007-07-29 13:54 <DIR> d--hs---- C:FOUND.013

2007-07-29 13:45 <DIR> d--hs---- C:FOUND.012

2007-07-28 20:17 <DIR> d--hs---- C:FOUND.011

2007-07-28 15:44 <DIR> d--hs---- C:FOUND.010

2007-07-28 13:16 <DIR> d--hs---- C:FOUND.009

2007-07-27 15:37 <DIR> d--hs---- C:FOUND.008

2007-07-23 14:57 <DIR> d--hs---- C:FOUND.007

2007-07-22 05:34 <DIR> d--hs---- C:FOUND.006

2007-07-22 05:26 <DIR> d--hs---- C:FOUND.005

2007-07-15 16:08 <DIR> d--hs---- C:FOUND.004

2007-07-15 08:54 <DIR> d--hs---- C:FOUND.003

2007-07-15 05:37 <DIR> d--hs---- C:FOUND.002

2007-07-14 12:48 <DIR> d--hs---- C:FOUND.001

2007-07-13 21:10 <DIR> d--hs---- C:FOUND.000

wiesia

Jak prawidłowo usunąć z dysku?

CatchMe

nie rozumiem?

GoBi

Możesz użyć narzędzia MoveIt
