Duban, posted 4 May 2009

ComboFix 09-05-03.3 - asbkckabv 2009-05-04 14:32.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.958.328 [GMT 2:00]
Uruchomiony z: c:\documents and settings\asbkckabv\Pulpit\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\windows\system32\New Text Document.txt
.
((((((((((((((((((((((((( Pliki utworzone od 2009-04-04 do 2009-05-04 )))))))))))))))))))))))))))))))
.
2009-05-04 12:06 . 2009-05-04 12:06 -------- d-----w c:\program files\Dzielenie i laczenie plikow
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-04 12:31 . 2008-05-02 10:03 6 ---ha-w c:\windows\Tasks\SA.DAT
2009-05-03 20:40 . 2008-11-27 21:11 -------- d-----w c:\program files\ipla
2009-04-16 20:31 . 2009-03-13 15:23 -------- d-----w c:\program files\Nowe Gadu-Gadu
2009-04-14 13:19 . 2009-02-10 19:14 -------- d-----w c:\program files\Last.fm
2009-04-09 13:02 . 2004-08-04 12:00 80862 ----a-w c:\windows\system32\perfc015.dat
2009-04-09 13:02 . 2004-08-04 12:00 461608 ----a-w c:\windows\system32\perfh015.dat
2009-04-07 15:49 . 2008-11-29 09:55 7518 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-03-15 18:23 . 2008-11-13 11:38 -------- d-----w c:\program files\Google
2009-02-09 12:19 . 2008-12-01 18:37 168 --sh--r c:\windows\system32\A3F249DEB7.sys
2009-02-05 17:29 . 2008-07-02 15:26 10520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-05 17:29 . 2008-07-02 15:26 325128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-05 17:29 . 2008-07-02 15:26 107272 ----a-w c:\windows\system32\drivers\avgtdix.sys
1998-04-30 12:56 . 2008-08-10 18:05 129024 ----a-w c:\program files\UNWISE.EXE
2008-12-19 10:43 . 2008-02-10 13:28 67688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 10:43 . 2008-02-10 13:28 54368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 10:43 . 2008-02-10 13:28 34944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 10:43 . 2008-02-10 13:28 46712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 10:43 . 2008-02-10 13:28 172136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-27 68856]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-04-20 9818728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-05 1601304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users.WINDOWS\Menu Start\Programy\Autostart\
GlobeTrotter Mobility Manager.lnk - c:\program files\Option\GlobeTrotter Mobility Manager\GlobeTrotter Mobility Manager.exe [2006-3-1 3612672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 17:29 10520 ----a-w c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programy^Autostart^BTTray.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Start\Programy\Autostart\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^asbkckabv^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=c:\documents and settings\asbkckabv\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"gusvc"=3 (0x3)
"btwdins"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-07-18 13352]
R3 GT43xx;GT43xx Service;c:\windows\system32\DRIVERS\gtwl5.sys [2006-03-01 371712]
R3 GTEDGWModem;Option NV GTEDGWModem;c:\windows\system32\DRIVERS\GTEDG.sys [2006-03-01 107904]
R3 GTEDGWWNIC;Option NV GTEDGWWNIC;c:\windows\system32\DRIVERS\GTEDGNet.sys [2006-03-01 52864]
R3 OptionWWSC;GT EDGE SIM Card Reader;c:\windows\system32\DRIVERS\GTEDGSC.sys [2006-03-01 21888]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
R3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
R3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
R3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
R3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
R3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-02-05 325128]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-02-05 107272]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-05 903960]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]
S3 EKBfltr;ENE Keyboard Controller;c:\windows\system32\DRIVERS\EKBfltr.sys [2005-01-14 5504]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{974af824-fe66-11dd-8427-0014a5cbab78}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
FF - ProfilePath - c:\documents and settings\asbkckabv\Dane aplikacji\Mozilla\Firefox\Profiles\6q6ax8df.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-04 14:34
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(1060)
c:\program files\Option\Odyssey\odLogin.dll
c:\windows\System32\BCMLogon.dll
.
Czas ukończenia: 2009-05-04 14:35
ComboFix-quarantined-files.txt 2009-05-04 12:35
ComboFix2.txt 2008-10-30 21:41

Przed: 5 809 897 472 bajtów wolnych
Po: 8 426 176 512 bajtów wolnych

137 --- E O F --- 2008-08-13 01:01

Thanks in advance

Guest, commented 4 May 2009

Clean. Clean up after ComboFix and the various tools >>> OTCleanIt.