ComboFix and HijackThis logs to check

wojtekquns
ComboFix 09-05-09.05 - Administrator 2006-02-24  0:08.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.503.198 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: PC Tools AntiVirus 5.0.1.1 *On-access scanning enabled* (Updated)
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
.
(((((((((((((((((((((((((   Pliki utworzone od 2006-01-23 do 2006-02-23  )))))))))))))))))))))))))))))))
.
2009-01-07 17:20 . 2009-01-07 17:20	134144	-c----w	c:\windows\system32\dllcache\sqmapi.dll
2009-01-07 17:20 . 2009-01-07 17:20	265720	----a-w	c:\windows\system32\msdbg2.dll
2008-09-30 07:26 . 2008-09-30 07:26	--------	d-----w	c:\windows\system32\CatRoot_bak
2008-09-11 08:41 . 2008-09-11 08:41	--------	d-----w	c:\documents and settings\Administrator\Dane aplikacji\Symantec
2008-09-11 08:40 . 2008-09-11 08:40	--------	d-----w	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Symantec_Corporation
2008-09-11 07:48 . 2007-03-28 18:12	15664	----a-w	c:\windows\system32\drivers\GEARAspiWDM.sys
2008-09-11 07:48 . 2007-03-28 18:12	109360	----a-w	c:\windows\system32\GEARAspi.dll
2008-09-11 07:48 . 2007-03-28 18:49	128104	----a-w	c:\windows\system32\drivers\WimFltr.sys
2008-09-11 07:48 . 2007-03-28 18:23	14072	----a-w	c:\windows\system32\drivers\vproeventmonitor.sys
2008-09-11 07:48 . 2007-03-28 18:29	37864	----a-w	c:\windows\system32\drivers\v2imount.sys
2008-09-11 07:48 . 2007-03-28 18:29	131944	----a-w	c:\windows\system32\drivers\symsnap.sys
2008-09-11 07:48 . 2008-09-11 07:48	--------	dc----w	c:\windows\system32\DRVSTORE
2008-09-11 07:46 . 2008-09-11 07:47	--------	d-----w	c:\program files\Norton Ghost
2008-09-11 07:45 . 2008-09-11 07:50	--------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Symantec
2008-09-11 07:45 . 2008-09-11 07:47	--------	d-----w	c:\program files\Common Files\Symantec Shared
2008-09-11 07:45 . 2008-09-11 07:45	--------	d-----w	c:\program files\Symantec
2008-09-11 07:31 . 2008-09-11 07:31	--------	d-----w	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Opera
2008-09-11 07:31 . 2008-09-11 07:31	--------	d-----w	c:\program files\Opera
2008-06-13 11:02 . 2008-06-13 11:02	--------	d-----w	c:\windows\system32\Adobe
2008-06-13 05:38 . 2008-06-14 18:01	273024	-c----w	c:\windows\system32\dllcache\bthport.sys
2008-06-13 05:38 . 2008-06-14 18:01	273024	------w	c:\windows\system32\drivers\bthport.sys
2008-06-09 07:08 . 2009-03-08 03:31	55296	-c--a-w	c:\windows\system32\dllcache\msfeedsbs.dll
2008-06-09 07:08 . 2009-03-08 03:32	594432	-c--a-w	c:\windows\system32\dllcache\msfeeds.dll
2008-06-09 07:08 . 2008-08-25 08:38	13824	-c----w	c:\windows\system32\dllcache\ieudinit.exe
2008-06-09 07:08 . 2009-03-08 03:32	1985024	-c--a-w	c:\windows\system32\dllcache\iertutil.dll
2008-06-09 07:08 . 2009-03-08 03:39	11063808	-c--a-w	c:\windows\system32\dllcache\ieframe.dll
2008-06-09 07:08 . 2009-03-08 03:11	445952	-c--a-w	c:\windows\system32\dllcache\ieapfltr.dll
2008-06-09 07:08 . 2009-02-06 20:07	3698584	-c--a-w	c:\windows\system32\dllcache\ieapfltr.dat
2008-06-09 07:08 . 2009-03-08 03:31	59904	-c--a-w	c:\windows\system32\dllcache\icardie.dll
2008-06-09 07:08 . 2006-02-21 00:59	--------	d-----w	c:\windows\system32\pl-pl
2008-06-06 10:30 . 2008-06-06 10:30	--------	d-----w	c:\program files\QuickTime
2008-05-27 07:54 . 2006-02-20 23:10	52	----a-w	c:\windows\system\ACD.CMD
2008-05-27 07:54 . 2006-02-20 23:10	52	----a-w	c:\windows\system\ACD2.CMD
2008-05-27 07:54 . 2001-11-22 13:00	24626	----a-w	c:\windows\system32\scrrntr.dll
2008-05-27 07:54 . 2002-11-20 19:16	180224	----a-w	c:\windows\system32\Ijl11.dll
2008-04-18 12:34 . 2008-04-18 12:34	--------	d-----w	c:\program files\Common Files\Lingea Shared
2008-04-18 12:33 . 2008-04-18 12:33	--------	d-----w	c:\program files\Oxford
2008-04-08 07:46 . 2008-04-08 07:46	--------	d-----w	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Help
2008-04-08 06:02 . 2008-04-08 06:02	--------	d-----w	c:\program files\Educat
2008-01-12 18:17 . 2006-07-30 17:00	86016	----a-r	c:\windows\system32\ZSPOOL.DLL
2008-01-12 18:17 . 2006-07-30 17:00	24576	----a-r	c:\windows\system32\ZTAG32.DLL
2008-01-12 18:17 . 2006-07-30 17:00	28672	----a-r	c:\windows\system32\IMF32.DLL
2008-01-12 18:17 . 2006-07-30 17:00	102400	----a-r	c:\windows\system32\zlhp1018.dll
2008-01-12 18:17 . 2006-07-30 17:00	28672	----a-r	c:\windows\system32\zlm.dll
2008-01-12 18:17 . 2006-07-30 17:00	106496	----a-r	c:\windows\system32\vshp1018.dll
2008-01-12 18:17 . 2006-07-30 17:00	442368	----a-r	c:\windows\system32\zshp1018.exe
2008-01-12 18:17 . 2008-01-12 18:17	--------	d-----w	c:\program files\Hewlett-Packard
2008-01-12 18:17 . 2008-01-12 18:17	--------	d--h--w	c:\program files\Zenographics
2008-01-07 06:42 . 2008-01-07 06:42	--------	d-----w	c:\program files\DITel
2007-12-14 13:16 . 2007-03-21 18:39	1060864	----a-w	c:\windows\system32\MFC71.DLL
2007-12-14 13:16 . 2007-03-21 18:33	503808	----a-w	c:\windows\system32\MSVCP71.DLL
2007-12-14 13:16 . 2007-03-21 18:33	348160	----a-w	c:\windows\system32\MSVCR71.DLL
2007-12-14 13:16 . 2007-12-14 13:16	--------	d-----w	c:\program files\Alwil Software
2007-12-14 10:04 . 2007-12-14 10:10	--------	d-----w	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
2007-12-14 10:04 . 2007-12-14 10:04	--------	d-----w	c:\program files\Common Files\Adobe
2007-12-07 10:19 . 2007-12-07 10:19	--------	d-----w	C:\SaveFolder
2007-12-07 10:18 . 2007-12-07 10:18	--------	d-----w	c:\program files\RemoteAgent
2007-12-07 10:18 . 2006-09-27 13:56	110592	----a-w	c:\windows\system32\vcmimm4.dll
2007-11-14 08:26 . 2007-11-14 08:26	--------	d-----w	C:\spoolerlogs
2007-11-13 13:11 . 2008-05-28 06:31	--------	d-----w	C:\Jan Michonski
2007-09-19 11:30 . 2007-09-19 11:30	--------	d-----w	c:\windows\system32\LogFiles
2007-05-08 14:03 . 2007-05-08 14:03	1275392	----a-w	c:\windows\system32\msxml4.dll
2007-04-16 07:16 . 2007-04-16 07:16	--------	d-----w	c:\documents and settings\Administrator\Dane aplikacji\VULCAN
2007-04-16 07:15 . 2007-04-16 07:15	--------	d-----w	c:\program files\VULCAN
2007-04-16 07:15 . 2007-04-16 07:15	--------	d-----w	c:\program files\Common Files\VULCAN
2007-04-16 07:15 . 2007-04-16 07:15	--------	d-----w	c:\documents and settings\All Users\Dane aplikacji\VULCAN
2007-02-28 16:04 . 2008-08-14 13:46	2181632	-c----w	c:\windows\system32\dllcache\ntoskrnl.exe
2007-02-28 16:04 . 2008-08-14 13:46	2059008	-c----w	c:\windows\system32\dllcache\ntkrnlpa.exe
2007-02-28 16:04 . 2008-08-14 13:46	2017280	-c----w	c:\windows\system32\dllcache\ntkrpamp.exe
2007-02-28 16:04 . 2008-08-14 13:46	2137600	-c----w	c:\windows\system32\dllcache\ntkrnlmp.exe
2006-11-21 07:20 . 2006-11-21 07:20	--------	d-----w	c:\documents and settings\All Users\Dane aplikacji\.Beniamin
2006-11-20 06:39 . 2006-11-20 06:39	--------	d-----w	c:\program files\MSXML 4.0
2006-11-20 06:39 . 2006-11-20 06:39	--------	d-----w	C:\464e63ee97b13cf492bc59ef8d0fa2
2006-10-10 11:26 . 2006-10-10 11:28	--------	d-----w	c:\program files\Sky 3
2006-09-20 15:35 . 2006-09-20 15:35	441136	-c----w	c:\windows\system32\dllcache\WgaLogon.dll
2006-09-20 15:35 . 2006-09-20 15:35	280368	-c----w	c:\windows\system32\dllcache\WgaTray.exe
2006-09-07 11:41 . 2006-09-07 11:41	--------	d-----w	c:\documents and settings\Administrator\Dane aplikacji\Ahead
2006-08-02 22:15 . 2004-08-05 13:58	65536	----a-w	c:\windows\system32\NeroCo.dll
2006-07-11 13:09 . 2006-07-11 13:12	--------	d-----w	C:\windist
2006-07-11 12:22 . 2006-07-11 10:03	--------	d-----w	c:\windows\system32\config\systemprofile\Dane aplikacji\PWNEncy2005
2006-07-11 12:22 . 2006-07-11 08:53	--------	d-----w	c:\windows\system32\config\systemprofile\Dane aplikacji\SmarThru4
2006-07-11 12:16 . 2006-07-11 12:16	262144	----a-w	c:\windows\system32\default_user_class.dat
2006-07-11 11:27 . 2006-07-11 11:27	--------	d--h--w	c:\windows\system32\GroupPolicy
2006-07-11 11:15 . 2004-08-04 12:00	17632	----a-w	c:\windows\system32\drivers\mscsrv.sys
2006-07-11 11:15 . 2006-07-11 11:15	35840	----a-w	c:\windows\system32\cenzorupg.exe
2006-07-11 11:15 . 2002-07-15 17:18	8704	----a-w	c:\windows\system32\sporder.dll
2006-07-11 11:15 . 2004-08-04 12:00	194560	----a-w	c:\windows\system32\ws2icp.dll
2006-07-11 10:03 . 2006-07-11 10:03	--------	d-----w	c:\documents and settings\Administrator\Dane aplikacji\PWNEncy2005
2006-07-11 09:12 . 2001-04-04 12:00	245760	----a-w	c:\windows\system32\DECO_32.DLL
2006-07-11 09:12 . 2006-07-11 10:22	--------	d-----w	c:\program files\PWN
2006-07-11 08:52 . 2006-07-11 09:00	--------	d-----w	c:\program files\Readiris
2006-07-11 08:52 . 2006-07-11 09:00	--------	d-----w	c:\program files\SmarThru 4
2006-07-11 08:49 . 2006-07-11 08:49	--------	d-----w	c:\windows\system32\drivers\Samsung
2006-07-11 08:49 . 2005-07-06 12:00	41984	----a-w	c:\windows\system32\drivers\DgivEcp.sys
2006-07-11 08:49 . 2006-07-11 08:49	--------	d-----w	c:\program files\Samsung
2006-07-11 08:49 . 2005-03-03 04:32	151552	----a-w	c:\windows\system32\scx420ci.exe
2006-07-11 08:49 . 2004-10-12 05:25	57344	----a-w	c:\windows\system32\scx420ci.dll
2006-07-11 08:49 . 2004-11-09 03:14	10077	----a-w	c:\windows\system32\scx420lm.DLL
2006-07-11 08:47 . 2004-08-03 21:01	25856	-c--a-w	c:\windows\system32\dllcache\usbprint.sys
2006-07-11 08:47 . 2004-08-03 21:01	25856	----a-w	c:\windows\system32\drivers\usbprint.sys
2006-07-11 08:47 . 2004-11-09 03:14	49152	----a-w	c:\windows\system32\ssusbpn.dll
2006-07-11 08:47 . 2005-07-06 12:00	69632	----a-w	c:\windows\system32\ssdevm.dll
2006-07-11 08:47 . 2004-05-17 01:45	45056	----a-r	c:\windows\system32\Ssuiext.dll
2006-07-11 08:47 . 2005-06-23 13:34	49152	----a-r	c:\windows\system32\WIASTIIO.dll
2006-07-11 08:47 . 2004-11-17 09:16	77824	----a-r	c:\windows\system32\WIAIPH.dll
2006-07-11 08:47 . 2005-02-02 04:39	81920	----a-r	c:\windows\system32\WIAEH.dll
2006-07-11 08:47 . 2005-03-24 11:58	53315	----a-r	c:\windows\system32\Sswiadrv.dll
2006-07-11 08:47 . 2004-08-03 20:58	15104	-c--a-w	c:\windows\system32\dllcache\usbscan.sys
2006-07-11 08:47 . 2004-08-03 20:58	15104	----a-w	c:\windows\system32\drivers\usbscan.sys
2006-07-11 08:46 . 2004-08-03 21:08	31616	-c--a-w	c:\windows\system32\dllcache\usbccgp.sys
2006-07-11 08:46 . 2004-08-03 21:08	31616	----a-w	c:\windows\system32\drivers\usbccgp.sys
2006-07-11 08:30 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\bibliotekarz01\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-11 08:27 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik04b\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-11 08:26 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik03b\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-11 08:24 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik01b\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-11 07:53 . 2004-03-22 14:17	24816	----a-w	c:\windows\system32\mdimon.dll
2006-07-11 07:52 . 2006-07-11 07:52	--------	d-----w	c:\program files\Microsoft.NET
2006-07-11 07:50 . 2006-07-11 07:52	--------	d-----w	c:\windows\SHELLNEW
2006-07-10 13:03 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik02a\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-10 12:55 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik02c\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-10 12:54 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik04c\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-10 12:53 . 2006-06-30 17:29	12328	----a-w	c:\documents and settings\czytelnik03c\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-07-10 11:18 . 2006-07-10 11:18	--------	d-----w	c:\program files\Microsoft Shared Computer Toolkit
2006-07-10 11:09 . 2006-07-10 11:10	--------	d-----w	c:\program files\UPHClean
2006-07-10 10:44 . 2005-09-01 09:03	127488	----a-w	c:\windows\system32\drivers\imagesrv.sys
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 03:34 . 2004-08-04 12:00	914944	----a-w	c:\windows\system32\wininet.dll
2009-03-08 03:34 . 2004-08-04 12:00	43008	----a-w	c:\windows\system32\licmgr10.dll
2009-03-08 03:33 . 2004-08-04 12:00	18944	----a-w	c:\windows\system32\corpol.dll
2009-03-08 03:33 . 2004-08-04 12:00	420352	----a-w	c:\windows\system32\vbscript.dll
2009-03-08 03:32 . 2004-08-04 12:00	72704	----a-w	c:\windows\system32\admparse.dll
2009-03-08 03:32 . 2004-08-04 12:00	71680	----a-w	c:\windows\system32\iesetup.dll
2009-03-08 03:31 . 2004-08-04 12:00	34816	----a-w	c:\windows\system32\imgutil.dll
2009-03-08 03:31 . 2004-08-04 12:00	48128	----a-w	c:\windows\system32\mshtmler.dll
2009-03-08 03:31 . 2004-08-04 12:00	45568	----a-w	c:\windows\system32\mshta.exe
2009-03-08 03:22 . 2004-08-04 12:00	156160	----a-w	c:\windows\system32\msls31.dll
2009-01-07 17:21 . 2006-06-30 17:33	26144	----a-w	c:\windows\system32\spupdsvc.exe
2009-01-07 17:20 . 2006-06-28 15:59	24576	----a-w	c:\windows\system32\nlsdl.dll
2009-01-07 17:20 . 2006-06-29 06:05	26112	----a-w	c:\windows\system32\idndl.dll
2009-01-07 17:20 . 2006-06-29 06:05	23552	----a-w	c:\windows\system32\normaliz.dll
2008-10-23 16:09 . 2008-10-23 16:08	--------	d-----w	c:\program files\Winamp
2008-10-16 13:13 . 2006-06-30 17:23	202776	----a-w	c:\windows\system32\wuweb.dll
2008-10-16 13:13 . 2006-06-30 17:23	1809944	----a-w	c:\windows\system32\wuaueng.dll
2008-10-16 13:12 . 2006-06-30 17:23	323608	----a-w	c:\windows\system32\wucltui.dll
2008-10-16 13:12 . 2006-06-30 17:23	561688	----a-w	c:\windows\system32\wuapi.dll
2008-10-16 13:09 . 2006-06-30 17:23	51224	----a-w	c:\windows\system32\wuauclt.exe
2008-10-16 13:09 . 2005-05-26 02:16	43544	----a-w	c:\windows\system32\wups2.dll
2008-10-16 13:09 . 2004-08-04 12:00	92696	----a-w	c:\windows\system32\cdm.dll
2008-10-16 13:08 . 2006-06-30 17:23	34328	----a-w	c:\windows\system32\wups.dll
2008-09-15 15:40 . 2004-08-04 12:00	1846272	----a-w	c:\windows\system32\win32k.sys
2008-09-11 07:39 . 2006-06-30 17:33	--------	d-----w	c:\program files\Common Files\InstallShield
2008-08-28 10:04 . 2004-08-04 12:00	333056	----a-w	c:\windows\system32\drivers\srv.sys
2008-08-14 13:46 . 2004-08-04 00:38	2059008	----a-w	c:\windows\system32\ntkrnlpa.exe
2008-08-14 13:46 . 2004-08-04 12:00	2181632	----a-w	c:\windows\system32\ntoskrnl.exe
2008-08-14 09:51 . 2004-08-04 12:00	138368	----a-w	c:\windows\system32\drivers\afd.sys
2008-07-07 20:33 . 2004-08-04 12:00	253952	----a-w	c:\windows\system32\es.dll
2008-06-24 16:24 . 2004-08-04 12:00	74240	----a-w	c:\windows\system32\mscms.dll
2008-06-20 17:42 . 2004-08-04 12:00	246784	----a-w	c:\windows\system32\mswsock.dll
2008-06-20 10:45 . 2004-08-04 12:00	360320	----a-w	c:\windows\system32\drivers\tcpip.sys
2008-06-20 09:52 . 2004-08-04 12:00	225920	----a-w	c:\windows\system32\drivers\tcpip6.sys
2008-05-08 12:28 . 2004-08-04 12:00	202752	----a-w	c:\windows\system32\drivers\rmcast.sys
2008-05-07 05:16 . 2004-08-04 12:00	1291264	----a-w	c:\windows\system32\quartz.dll
2008-04-11 18:51 . 2006-06-30 17:23	683520	----a-w	c:\windows\system32\inetcomm.dll
2008-03-25 04:52 . 2004-08-04 12:00	621344	----a-w	c:\windows\system32\mswstr10.dll
2008-03-25 04:52 . 2004-08-04 12:00	178976	----a-w	c:\windows\system32\msjint40.dll
2008-02-26 12:01 . 2004-08-04 12:00	294912	----a-w	c:\windows\system32\msctf.dll
2008-02-20 06:51 . 2004-08-04 12:00	282624	----a-w	c:\windows\system32\gdi32.dll
2008-02-20 05:38 . 2004-08-04 12:00	45568	----a-w	c:\windows\system32\dnsrslvr.dll
2008-02-12 10:44 . 2006-02-20 23:16	21904	----a-w	c:\windows\system32\drivers\AVFilter.sys
2007-12-18 09:51 . 2004-08-04 12:00	179584	----a-w	c:\windows\system32\drivers\mrxdav.sys
2007-12-06 15:51 . 2006-02-20 23:16	28568	----a-w	c:\windows\system32\drivers\AVHook.sys
2007-12-06 15:51 . 2006-02-20 23:16	21912	----a-w	c:\windows\system32\drivers\AVRec.sys
2007-12-04 18:42 . 2004-08-04 12:00	550912	----a-w	c:\windows\system32\oleaut32.dll
2007-11-13 13:31 . 2006-06-30 17:34	--------	d--h--w	c:\program files\InstallShield Installation Information
2007-11-13 10:25 . 2004-08-04 12:00	20480	----a-w	c:\windows\system32\drivers\secdrv.sys
2007-11-07 09:29 . 2004-08-04 12:00	723968	----a-w	c:\windows\system32\lsasrv.dll
2007-10-25 09:00 . 2004-08-04 12:00	230912	----a-w	c:\windows\system32\wmasf.dll
2007-07-09 13:11 . 2004-08-04 12:00	584192	----a-w	c:\windows\system32\rpcrt4.dll
2007-07-06 12:51 . 2004-08-04 12:00	95744	----a-w	c:\windows\system32\mqsec.dll
2007-07-06 12:51 . 2004-08-04 12:00	660992	----a-w	c:\windows\system32\mqqm.dll
2007-07-06 12:51 . 2004-08-04 12:00	512000	----a-w	c:\windows\system32\mqutil.dll
2007-07-06 12:51 . 2004-08-04 12:00	48640	----a-w	c:\windows\system32\mqupgrd.dll
2007-07-06 12:51 . 2004-08-04 12:00	47104	----a-w	c:\windows\system32\mqdscli.dll
2007-07-06 12:51 . 2004-08-04 12:00	177152	----a-w	c:\windows\system32\mqrt.dll
2007-07-06 12:51 . 2004-08-04 12:00	16896	----a-w	c:\windows\system32\mqise.dll
2007-07-06 12:51 . 2004-08-04 12:00	138240	----a-w	c:\windows\system32\mqad.dll
2007-07-06 10:05 . 2004-08-04 12:00	72960	----a-w	c:\windows\system32\drivers\mqac.sys
2007-06-26 06:10 . 2004-08-04 12:00	1104896	----a-w	c:\windows\system32\msxml3.dll
2007-06-13 13:23 . 2004-08-04 12:00	1034752	------w	c:\windows\explorer.exe
2007-04-25 14:23 . 2004-08-04 12:00	144896	----a-w	c:\windows\system32\schannel.dll
2007-04-23 10:32 . 2004-08-04 12:00	364160	----a-w	c:\windows\system32\drivers\update.sys
2007-04-18 16:14 . 2004-08-04 12:00	2854400	----a-w	c:\windows\system32\msi.dll
2007-03-17 13:45 . 2004-08-04 12:00	293376	----a-w	c:\windows\system32\winsrv.dll
2007-03-08 15:38 . 2004-08-04 12:00	579072	----a-w	c:\windows\system32\user32.dll
2007-03-08 15:38 . 2004-08-04 12:00	40960	----a-w	c:\windows\system32\mf3216.dll
2007-03-07 23:51 . 2008-10-23 16:08	9464	------w	c:\windows\system32\drivers\cdralw2k.sys
2007-03-07 23:51 . 2008-10-23 16:08	9336	------w	c:\windows\system32\drivers\cdr4_xp.sys
2007-03-07 23:51 . 2008-10-23 16:08	43528	------w	c:\windows\system32\drivers\PxHelp20.sys
2007-03-07 23:51 . 2008-10-23 16:08	129784	------w	c:\windows\system32\pxafs.dll
2007-02-09 11:10 . 2004-08-04 12:00	574464	----a-w	c:\windows\system32\drivers\ntfs.sys
2007-02-05 20:19 . 2004-08-04 12:00	185856	----a-w	c:\windows\system32\upnphost.dll
2006-11-17 07:22 . 2006-06-30 17:29	42944	----a-w	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-11-01 19:19 . 2004-08-04 12:00	927504	----a-w	c:\windows\system32\mfc40u.dll
2006-10-20 01:39 . 2004-08-04 12:00	714240	----a-w	c:\windows\system32\sxs.dll
2006-10-16 16:16 . 2004-08-04 12:00	123392	----a-w	c:\windows\system32\oledlg.dll
2006-10-14 08:13 . 2004-08-04 12:00	981760	----a-w	c:\windows\system32\mfc42u.dll
2006-10-13 12:41 . 2004-08-04 12:00	65536	----a-w	c:\windows\system32\nwwks.dll
2006-10-13 12:41 . 2004-08-04 12:00	64000	----a-w	c:\windows\system32\nwapi32.dll
2006-10-13 12:41 . 2004-08-04 12:00	143872	----a-w	c:\windows\system32\nwprovau.dll
2006-10-13 10:23 . 2004-08-04 12:00	163584	----a-w	c:\windows\system32\drivers\nwrdr.sys
2006-08-25 15:51 . 2004-08-04 12:00	617472	----a-w	c:\windows\system32\comctl32.dll
2006-08-24 12:19 . 2004-08-04 12:00	246814	----a-w	c:\windows\system32\strmdll.dll
2006-08-24 12:18 . 2004-08-04 12:00	499766	----a-w	c:\windows\system32\dxmasf.dll
2006-08-21 12:28 . 2006-06-30 17:23	16896	----a-w	c:\windows\system32\fltlib.dll
2006-08-21 09:14 . 2006-06-30 17:23	23040	----a-w	c:\windows\system32\fltmc.exe
2006-08-21 09:14 . 2006-06-30 17:23	128896	----a-w	c:\windows\system32\drivers\fltmgr.sys
2006-08-17 12:30 . 2004-08-04 12:00	132096	----a-w	c:\windows\system32\wkssvc.dll
2006-08-16 11:59 . 2004-08-04 12:00	100352	----a-w	c:\windows\system32\6to4svc.dll
2006-08-02 22:15 . 2006-06-30 11:43	--------	d-----w	c:\program files\Ahead
2006-07-21 08:29 . 2004-08-04 12:00	72704	----a-w	c:\windows\system32\hlink.dll
2006-06-30 17:34 . 2006-06-30 17:34	--------	d-----w	c:\program files\GIGABYTE
2006-06-30 17:34 . 2006-06-30 17:34	--------	d-----w	c:\program files\Realtek
2006-06-30 17:31 . 2006-06-30 17:31	--------	d-----w	c:\program files\Intel
2006-06-30 17:31 . 2006-06-30 17:31	--------	d-----w	c:\program files\Yahoo!
2006-06-30 17:29 . 2006-07-11 08:31	12328	----a-w	c:\documents and settings\bibliotekarz04\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-06-30 17:29 . 2006-07-11 08:31	12328	----a-w	c:\documents and settings\bibliotekarz03\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"R2Plus_S2P"="c:\program files\Samsung\Samsung SCX-4x20 Series\PSU\Scan2pc.exe" [2005-07-01 69632]
"NSCSysTrayUI"="c:\program files\Samsung\Samsung SCX-4x20 Series\NetworkScan\NSCSysTrayUI.exe" [2005-06-22 266240]
"DemonStarter"="c:\program files\PWN\Definicje\Bin\Starter.exe" [2004-09-17 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-07-30 98304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-06-06 413696]
"Norton Ghost 12.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2007-03-28 2037352]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352]
"PCTAVApp"="c:\program files\PC Tools AntiVirus\PCTAV.exe" [2008-12-04 1370000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-02-20 2879488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\windows\system32\config\systemprofile\Menu Start\Programy\Autostart\Check Windows Disk Protection.lnk - c:\program files\Microsoft Shared Computer Toolkit\CheckWDP.hta [2006-2-23 6181]
c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Check Windows Disk Protection.lnk - c:\program files\Microsoft Shared Computer Toolkit\CheckWDP.hta [2006-2-23 6181]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung SCX-4x20 Series\\NetworkScan\\NSCSysTrayUI.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 ewf;ewf;c:\windows\system32\drivers\ewf.sys [2006-02-23 46976]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-09-11 554352]
R2 mscsrv;mscsrv;c:\windows\system32\drivers\mscsrv.sys [2006-07-11 17632]
R2 SCTThresholdMon;SCTThresholdMonitor;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2006-02-23 8192]
S2 CenzorUpgrade;Cenzor Upgrade;c:\windows\system32\cenzorupg.exe [2006-07-11 35840]
S2 WDPOperations;WDPOperations;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2006-02-23 8192]

--- Inne Usługi/Sterowniki w Pamięci ---
*Deregistered* - mchInjDrv
*Deregistered* - uphcleanhlp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b2ff18b-a266-11da-8623-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c50a1b1-a11c-11dd-be6b-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3572a823-10d7-11db-bfba-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4985e656-37a6-11dd-a180-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f5946aa-3c3b-11dd-a192-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6bc6b2cd-c13b-11dc-a12a-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e86d3dc-3942-11dd-a18a-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3241a57-8ee4-11dd-9737-0016e6590df0}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9280449-10dc-11db-9292-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Zawartość folderu 'Zaplanowane zadania'

2006-02-23 c:\windows\Tasks\User_Feed_Synchronization-{1375DBBF-1456-453D-8457-D9EF20CCA570}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-tguard - c:\program files\Beniamin\tguard.exe
SSODL-UpdateCheck-{7DC44C9F-A56D-4309-B21B-FC2044366677} - c:\windows\system32\mstmdm.dll
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
LSP: ws2icp.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2006-02-24 00:11
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-731500479-826713397-767345452-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,30,3a,3d,10,1e,ba,40,a5,91,cc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,30,3a,3d,10,1e,ba,40,a5,91,cc,\
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\program files\PC Tools AntiVirus\PCTAVHook.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'lsass.exe'(724)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
c:\windows\system32\ws2icp.dll
c:\program files\PC Tools AntiVirus\PCTAVHook.dll

- - - - - - - > 'csrss.exe'(644)
c:\program files\PC Tools AntiVirus\PCTAVHook.dll
.
Czas ukończenia: 2006-02-23  0:13
ComboFix-quarantined-files.txt  2006-02-23 23:13

Przed: 146 954 604 544 bajtów wolnych
Po: 147 550 552 064 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

384	--- E O F ---	2005-12-31 22:17

Guest

Paste into Notepad:

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

From the Notepad menu >>> File >>> Save As >>> set the file type to "All Files" >>> save as FIX.REG >>>

run the file (double-click and OK: agree to adding it to the Registry).

Restart the computer.

1. Clean up after ComboFix and the various tools >>> OTCleanIt.

2. Clear out the "System Volume Information" folder by temporarily turning off "System Restore":

>Control Panel>System>System Restore>>tick the box next to "Turn off System Restore on all drives">Apply>OK.

Afterwards you can go back to the previous setting (that is, clear the checkbox).

3. Optimize the system.

4. Scan the My Computer area at http://www.kaspersky.pl/virusscanner.html (run it through IE). Post its report on the forum.
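
The FIX.REG in the reply above deletes the whole MountPoints2 key, which is where Explorer caches the shell commands registered by each mounted volume's autorun.inf. As an added example (not part of the original posts), this Python code reads MountPoints2 entries in the layout ComboFix prints and lists the volumes that redefine drive verbs other than AutoRun; the sample lines are copied from the log in the first post, and treating extra verbs as the sign of a hijacked autorun is an assumed heuristic.

```python
import re

# Three of the nine MountPoints2 volume keys from the ComboFix log in the
# first post, laid out one entry per line.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b2ff18b-a266-11da-8623-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3572a823-10d7-11db-bfba-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3241a57-8ee4-11dd-9737-0016e6590df0}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM
"""

# A MountPoints2 volume key header as ComboFix prints it.
KEY_RE = re.compile(
    r"^\[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion"
    r"\\explorer\\mountpoints2\\(\{[0-9a-f-]{36}\})\]$",
    re.IGNORECASE,
)
# One cached verb under that key: \Shell\<verb>\command - <command line>
VERB_RE = re.compile(r"^\\Shell\\([^\\]+)\\command - (.*)$", re.IGNORECASE)


def parse_mountpoints2(log_text):
    """Return {volume GUID: {verb: command}} for every MountPoints2 volume key."""
    volumes = {}
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = volumes.setdefault(key.group(1).lower(), {})
            continue
        if line.startswith("["):
            # Some other registry key: we have left the MountPoints2 block.
            current = None
            continue
        verb = VERB_RE.match(line)
        if verb and current is not None:
            current[verb.group(1).lower()] = verb.group(2).strip()
    return volumes


def flag_volumes(volumes):
    """List (guid, verbs) for volumes that redefine verbs besides AutoRun.

    Assumed heuristic: an installer disc's "open=setup.exe" only produces
    Shell\\AutoRun\\command, while an autorun.inf that also redirects
    open/explore/Auto changes what double-clicking the drive does.
    """
    flagged = []
    for guid, verbs in volumes.items():
        extra = sorted(v for v in verbs if v != "autorun")
        if extra:
            flagged.append((guid, extra))
    return flagged


if __name__ == "__main__":
    for guid, verbs in flag_volumes(parse_mountpoints2(SAMPLE_LOG)):
        print(guid, "redefines:", ", ".join(verbs))
```
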
