Packed.Win32.Morphine.a

slodka · 16 Wrzesień 2007 19:13

amd - 07-09-14 16:37:58,28 Dodatek Service Pack 2

ComboFix 06.10.16 - Running from: "C:\Documents and Settings\amd\Pulpit"


((((((((((((((((((((((((((((((( Files Created from 2007-08-14 to 2007-09-14 ))))))))))))))))))))))))))))))))))



No new files created in this timespan



(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))



2007-09-11 21:21 -------- d-------- C:\Program Files\Mozilla Firefox

2007-09-11 17:37 -------- d-------- C:\Program Files\mIRC

2007-09-10 19:15 -------- d-------- C:\Program Files\Szkola podstawowa klasa 6 - Przyroda

2007-09-05 18:46 -------- d-------- C:\Documents and Settings\amd\Dane aplikacji\Google

2007-09-05 18:45 -------- d-------- C:\Program Files\Google

2007-09-05 16:43 -------- d-------- C:\Program Files\Lx_cats

2007-08-15 20:01 -------- d-------- C:\Program Files\Internet Explorer

2007-08-10 19:02 108144 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2007-08-10 19:02 -------- dr-h----- C:\Documents and Settings\amd\Dane aplikacji\SecuROM

2007-08-10 18:53 -------- d-------- C:\Program Files\Electronic Arts

2007-08-06 19:21 -------- d--h----- C:\Program Files\InstallShield Installation Information

2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll

2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll

2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe

2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll

2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll

2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll

2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll

2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll

2007-07-29 22:30 -------- d-------- C:\Program Files\TuneUp Utilities 2006

2007-07-29 12:09 -------- d-------- C:\Documents and Settings\amd\Dane aplikacji\Skype

2007-07-18 17:29 -------- d-------- C:\Program Files\Skype

2007-07-18 17:29 -------- d-------- C:\Program Files\Common Files\Skype

2007-07-18 17:29 -------- d-------- C:\Program Files\Common Files

2007-07-18 14:42 60416 --------- C:\WINDOWS\system32\tzchange.exe

2007-06-27 16:09 6058496 --a------ C:\WINDOWS\system32\ieframe.dll

2007-06-27 16:09 52224 --a------ C:\WINDOWS\system32\msfeedsbs.dll

2007-06-27 16:09 459264 --a------ C:\WINDOWS\system32\msfeeds.dll

2007-06-27 16:09 44544 --a------ C:\WINDOWS\system32\iernonce.dll

2007-06-27 16:09 267776 --a------ C:\WINDOWS\system32\iertutil.dll

2007-06-27 16:09 232960 --a------ C:\WINDOWS\system32\webcheck.dll

2007-06-27 16:09 105984 --a------ C:\WINDOWS\system32\url.dll

2007-06-27 16:09 102400 --a------ C:\WINDOWS\system32\occache.dll

2007-06-27 16:08 384512 --a------ C:\WINDOWS\system32\iedkcs32.dll

2007-06-27 16:08 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll

2007-06-27 16:08 230400 --a------ C:\WINDOWS\system32\ieaksie.dll

2007-06-27 16:08 153088 --a------ C:\WINDOWS\system32\ieakeng.dll

2007-06-27 16:08 124928 --a------ C:\WINDOWS\system32\advpack.dll

2007-06-27 10:27 63488 --a------ C:\WINDOWS\system32\ie4uinit.exe

2007-06-27 10:27 13824 --a------ C:\WINDOWS\system32\ieudinit.exe

2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\ieakui.dll

2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll

2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll



(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries are not shown


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"

@=""

"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"SoundMan"="SOUNDMAN.EXE"

"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

"nwiz"="nwiz.exe /install"

"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"

"LXCCCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXCCtime.dll,_RunDLLEntry@16"

"lxccmon.exe"="\"C:\\Program Files\\Lexmark 3300 Series\\lxccmon.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

"FaxCenterServer"="\"C:\\Program Files\\Lexmark Fax Solutions\\fm3032.exe\" /s"

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

@=""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

@=""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"NoChange"="1"

"Installed"="1"

@=""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

@=""


[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000001


[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Moja bieżšca strona główna"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\

00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=hex:04,00,00,40

"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\

ff,ff,04,00,00,00

"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\

00,00,01,00,00,00


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Moduł wstępnego ładowania interfejsu Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Demon buforu kategorii składników"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001


[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091


[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ccApp"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""

"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="gg"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"

"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msmsgs"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroCheck"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GoogleToolbarNotifier"

"hkey"="HKCU"

"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

"inimapping"="0"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Completion time: 07-09-14 16:39:02.56

C:\ComboFix.txt ... 07-09-14 16:39

C:\ComboFix2.txt ... 07-09-12 16:48

C:\ComboFix3.txt ... 07-09-12 16:44

czy wszytko gra???

jessica · 17 Wrzesień 2007 06:13

Ja nie widzę nic podejrzanego.

jessi

slodka · 17 Wrzesień 2007 09:24

aha czyli juz wszystko jest ok

dziekuje za sprawdzenie logow:)