manciu utworzono 29 maja 2009 utworzono 29 maja 2009 Witam, Od kilku dni mój komputer wysyła spam, informuje mnie o tym avast! Proszę o pomoc w rozwiązaniu tego problemu. Log HijackThis: C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exeC:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Softex\OmniPass\Omniserv.exeC:\Program Files\Lenovo\PM Driver\PMSveH.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\WINDOWS\system32\svchost.exec:\program files\lenovo\system update\suservice.exeC:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exeC:\Program Files\Lenovo\Rescue and Recovery\rrservice.exeC:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exeC:\Program Files\Common Files\Lenovo\Logger\logmon.exeC:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exeC:\Program Files\Softex\OmniPass\OPXPApp.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\wbem\wmiapsrv.exeC:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Lenovo\HOTKEY\TPHKMGR.exeC:\Program Files\Lenovo\HOTKEY\TpWAudAp.exeC:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exeC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\system32\WLTRAY.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\vsnp2std.exeC:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exeC:\Program Files\Lenovo\Client Security Solution\cssauth.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Lenovo\Bluetooth Software\BTTray.exeC:\WINDOWS\explorer.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exeC:\Program Files\Java\jre1.6.0_07\bin\jucheck.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dllO2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dllO3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dllO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [skrót do strony właściwości High Definition Audio] HDAShCut.exeO4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exeO4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exeO4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exeO4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exeO4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exeO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exeO4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\amsg.exeO4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silentO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKLM\..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: BTTray.lnk = ?O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUman000O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.htmlO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htmO9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dllO9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dllO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/3000notebookO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exeO23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exeO23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exeO23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: Usługa Auto-Protect programu Norton AntiVirus (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exeO23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exeO23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exeO23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exeO23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exeO23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exeO23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exeO23 - Service: Aktualizacje automatyczne (wuauserv) - Unknown owner - C:\WINDOWS\O24 - Desktop Component 0: (no name) - http://www.krajobrazy.net.pl/foto/tapety120/w36.jpg Log ComboFix: ComboFix 09-05-26.05 - Manciu 2009-05-28 16:31.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.502.153 [GMT 2:00]Uruchomiony z: c:\documents and settings\Manciu\Pulpit\ComboFix.exe.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Manciu\Dane aplikacji\ShoppingReportc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\Config.xmlc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbsc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\db\Sites.dbsc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xipc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xmlc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\report\send_storage.xmlc:\documents and settings\Manciu\Dane aplikacji\ShoppingReport\cs\res1\WhiteList.dbsc:\documents and settings\Manciu\Dane aplikacji\wiaserva.logc:\program files\FunWebProductsc:\program files\FunWebProducts\ScreenSaver\Images\[u]0[/u]1A0215B.urrc:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.htmlc:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.htmlc:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.htmlc:\program files\Internet Explorer\msimg32.dllc:\program files\MyWebSearchc:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPGc:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLLc:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLLc:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLLc:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLLc:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLLc:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLLc:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLLc:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCRc:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLLc:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLLc:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXEc:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLLc:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMVc:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DATc:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLLc:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNGc:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JARc:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFESTc:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXEc:\program files\MyWebSearch\bar\1.bin\M3HTML.DLLc:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLLc:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXEc:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXEc:\program files\MyWebSearch\bar\1.bin\M3MSG.DLLc:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JARc:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFESTc:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLLc:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLLc:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLLc:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXEc:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXEc:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXEc:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLLc:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXEc:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLLc:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLLc:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXEc:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLLc:\program files\MyWebSearch\bar\Avatar\COMMON.F3Sc:\program files\MyWebSearch\bar\Cache\[u]0[/u]16BC7BFc:\program files\MyWebSearch\bar\Cache\[u]0[/u]181751F.binc:\program files\MyWebSearch\bar\Cache\[u]0[/u]1817BE6.binc:\program files\MyWebSearch\bar\Cache\[u]0[/u]18185B9c:\program files\MyWebSearch\bar\Cache\[u]0[/u]61AA3A5.binc:\program files\MyWebSearch\bar\Cache\[u]0[/u]61AC6BD.binc:\program files\MyWebSearch\bar\Cache\[u]0[/u]61AEF34.binc:\program files\MyWebSearch\bar\Cache\[u]0[/u]61AFE28.binc:\program files\MyWebSearch\bar\Cache\files.inic:\program files\MyWebSearch\bar\Game\CHECKERS.F3Sc:\program files\MyWebSearch\bar\Game\CHESS.F3Sc:\program files\MyWebSearch\bar\Game\REVERSI.F3Sc:\program files\MyWebSearch\bar\History\search3c:\program files\MyWebSearch\bar\icons\CM.ICOc:\program files\MyWebSearch\bar\icons\MFC.ICOc:\program files\MyWebSearch\bar\icons\PSS.ICOc:\program files\MyWebSearch\bar\icons\SMILEY.ICOc:\program files\MyWebSearch\bar\icons\WB.ICOc:\program files\MyWebSearch\bar\icons\ZWINKY.ICOc:\program files\MyWebSearch\bar\Message\COMMON.F3Sc:\program files\MyWebSearch\bar\Notifier\COMMON.F3Sc:\program files\MyWebSearch\bar\Notifier\DOG.F3Sc:\program files\MyWebSearch\bar\Notifier\FISH.F3Sc:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3Sc:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3Sc:\program files\MyWebSearch\bar\Notifier\MAID.F3Sc:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3Sc:\program files\MyWebSearch\bar\Notifier\OPERA.F3Sc:\program files\MyWebSearch\bar\Notifier\ROBOT.F3Sc:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3Sc:\program files\MyWebSearch\bar\Notifier\SURFER.F3Sc:\program files\MyWebSearch\bar\Settings\prevcfg2.htmc:\program files\MyWebSearch\bar\Settings\s_pid.datc:\program files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLLc:\program files\ShoppingReportc:\program files\ShoppingReport\Uninst.exec:\program files\ThinkPad\ConnectUtilities\ACGina.dllc:\windows\IE4 Error Log.txtc:\windows\system32\drivers\71d21861.sysc:\windows\system32\drivers\str.sysc:\windows\system32\f3PSSavr.scrc:\windows\system32\wbem\grpconv.exec:\windows\system32\wbem\proquota.exec:\windows\system32\grpconv.exe was missing Plik odzyskano z - c:\windows\system32\proquota.exe was missing Plik odzyskano z - .((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_MYWEBSEARCHSERVICE-------\Legacy_RASAUTODCOMLAUNCH-------\Service_71d21861-------\Service_MyWebSearchService-------\Service_RasAutoDcomLaunch((((((((((((((((((((((((( Pliki utworzone od 2009-04-28 do 2009-05-28 ))))))))))))))))))))))))))))))).2009-05-28 14:38 . 2004-08-04 20:00 50688 ----a-w c:\windows\system32\proquota.exe2009-05-28 14:38 . 2004-08-04 20:00 50688 ----a-w c:\windows\system32\dllcache\proquota.exe2009-05-28 14:37 . 2004-08-04 20:00 39424 ----a-w c:\windows\system32\grpconv.exe2009-05-28 14:37 . 2004-08-04 20:00 39424 ----a-w c:\windows\system32\dllcache\grpconv.exe2009-05-28 12:48 . 2009-02-05 20:06 23152 ----a-w c:\windows\system32\drivers\aswRdr.sys2009-05-28 12:48 . 2009-02-05 20:06 51376 ----a-w c:\windows\system32\drivers\aswTdi.sys2009-05-28 12:48 . 2009-02-05 20:05 26944 ----a-w c:\windows\system32\drivers\aavmker4.sys2009-05-28 12:48 . 2009-02-05 20:04 97480 ----a-w c:\windows\system32\AvastSS.scr2009-05-28 12:48 . 2009-02-05 20:08 93296 ----a-w c:\windows\system32\drivers\aswmon.sys2009-05-28 12:48 . 2009-02-05 20:08 94032 ----a-w c:\windows\system32\drivers\aswmon2.sys2009-05-28 12:48 . 2009-02-05 20:07 114768 ----a-w c:\windows\system32\drivers\aswSP.sys2009-05-28 12:48 . 2009-02-05 20:07 20560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys2009-05-28 12:48 . 2009-02-05 20:11 1256296 ----a-w c:\windows\system32\aswBoot.exe2009-05-28 12:47 . 2009-05-28 12:47 -------- d-----w c:\program files\Alwil Software2009-05-27 17:39 . 2009-05-27 17:39 -------- d-----w c:\program files\Trend Micro2009-05-27 17:28 . 2009-05-27 17:28 -------- d-----w c:\program files\ClustalX22009-05-27 17:25 . 2009-05-28 14:15 -------- d-----w c:\program files\Symantec2009-05-27 16:57 . 2009-05-27 16:57 96976 ----a-w c:\windows\system32\drivers\klin.dat2009-05-27 16:57 . 2009-05-27 16:57 87855 ----a-w c:\windows\system32\drivers\klick.dat2009-05-27 16:55 . 2009-05-27 17:04 32 --sha-w c:\windows\system32\drivers\fidbox2.dat2009-05-27 16:55 . 2009-05-27 17:04 32 --sha-w c:\windows\system32\drivers\fidbox.dat2009-05-27 16:55 . 2009-05-27 16:55 -------- d-----w c:\program files\Kaspersky Lab2009-05-27 16:55 . 2009-05-27 16:55 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab2009-05-26 12:56 . 2009-05-26 12:56 -------- d-----w c:\documents and settings\Manciu\Dotter2009-05-25 23:50 . 2009-05-26 00:18 108080641 ----a-w c:\documents and settings\Manciu\Dane aplikacji\Opera\Opera\profile\cache4\temporary_download\OOo_3.1.0_Win32Intel_install_pl.exe2009-05-25 06:01 . 2009-05-28 14:44 115008 ----a-w c:\windows\system32\drivers\91ed905f.sys2009-05-21 17:42 . 2009-05-21 17:42 -------- d-----w c:\program files\LGE GSM PC Sync2009-05-21 17:42 . 2009-05-21 17:42 -------- d-----w c:\program files\eMule2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Dane aplikacji2009-05-20 09:33 . 2006-03-24 15:15 135 ----a-w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne\Dane aplikacji\fusioncache.dat2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne\Dane aplikacji\Microsoft2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ulubione2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Moje dokumenty2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Szablony2009-05-20 09:33 . 2009-05-21 17:45 -------- d-s---w c:\documents and settings\Administrator.LENOVO-49028DC72009-05-20 08:43 . 2009-05-21 17:47 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\G DATA2009-05-20 08:42 . 2009-05-20 08:42 -------- d-----w c:\windows\l2schemas2009-05-20 08:39 . 2009-05-21 17:48 -------- d-----w c:\program files\Common Files\G DATA2009-05-20 08:39 . 2009-05-20 08:39 -------- d-----w c:\program files\G DATA2009-05-11 18:56 . 2009-05-11 18:56 -------- d-----w c:\documents and settings\Manciu\.gstreamer-0.102009-05-11 18:04 . 2009-05-11 18:04 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\OpenFM2009-05-10 10:05 . 2009-05-10 17:11 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Nowe Gadu-Gadu2009-05-10 10:04 . 2009-05-26 16:09 -------- d-----w c:\program files\Nowe Gadu-Gadu2009-05-05 12:30 . 2009-05-25 06:01 195 --s-a-w c:\windows\system32\2090242729.dat2009-05-02 17:05 . 1996-12-03 11:07 403216 ------w c:\windows\system32\msrepl35.dll2009-05-02 17:05 . 1997-09-30 23:00 377344 ------w c:\windows\system\Mm.dll2009-05-02 17:05 . 1997-09-30 23:00 247808 ------w c:\windows\system\DATABASE.DLL2009-05-02 17:05 . 2009-05-02 17:05 -------- d-----w c:\program files\Bio-Rad Laboratories.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-05-28 14:15 . 2006-12-21 03:59 -------- d-----w c:\program files\Common Files\Symantec Shared2009-05-28 13:28 . 2008-12-31 10:00 -------- d-----w c:\program files\Perfect Defender 20092009-05-28 12:44 . 2006-12-21 03:59 -------- d---a-w c:\documents and settings\All Users\Dane aplikacji\Symantec2009-05-27 17:13 . 2009-05-27 17:13 3676 ----a-w c:\windows\system32\PerfStringBackup.TMP2009-05-27 17:13 . 2006-12-21 11:25 515016 ----a-w c:\windows\system32\perfh015.dat2009-05-27 17:13 . 2006-12-21 11:25 100430 ----a-w c:\windows\system32\perfc015.dat2009-05-27 17:04 . 2009-05-27 16:55 32 --sha-w c:\windows\system32\drivers\fidbox2.idx2009-05-27 17:04 . 2009-05-27 16:55 32 --sha-w c:\windows\system32\drivers\fidbox.idx2009-05-27 15:59 . 2007-03-04 00:43 -------- d---a-w c:\documents and settings\Manciu\Dane aplikacji\Symantec2009-05-27 15:56 . 2006-12-21 03:58 -------- d-----w c:\program files\PCDR52009-05-24 14:10 . 2006-12-21 04:10 5427 ----a-w c:\windows\system32\EGATHDRV.SYS2009-05-21 13:46 . 2008-02-12 00:03 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\skypePM2009-05-10 10:03 . 2007-03-09 16:45 -------- d-----w c:\program files\Gadu-Gadu2009-05-09 19:44 . 2008-02-29 18:53 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Skype2009-04-29 13:23 . 2007-11-29 09:22 -------- d-----w c:\program files\English Translator 32009-04-26 09:22 . 2007-10-22 19:44 -------- d-----w c:\program files\Leksykonia2009-04-01 19:00 . 2009-04-01 18:59 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\pdfforge2009-04-01 18:59 . 2009-04-01 18:59 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Search Settings2009-03-31 20:55 . 2009-03-31 20:54 -------- d-----w c:\program files\pdfforge Toolbar2009-03-06 14:01 . 2006-12-21 11:26 285696 ----a-w c:\windows\system32\pdh.dll2004-07-22 08:51 . 2004-07-22 08:51 3432656 -c--a-w c:\program files\ManagedDX.CAB2004-07-19 20:58 . 2004-07-19 20:58 1156363 -c--a-w c:\program files\BDANT.cab2004-07-19 20:53 . 2004-07-19 20:53 976020 -c--a-w c:\program files\BDAXP.cab2004-07-09 12:17 . 2004-07-09 12:17 13265040 -c--a-w c:\program files\dxnt.cab2004-07-09 07:13 . 2004-07-09 07:13 15493481 -c--a-w c:\program files\DirectX.cab2004-07-09 07:13 . 2004-07-09 07:13 703080 -c--a-w c:\program files\BDA.cab2004-07-09 02:08 . 2004-07-09 02:08 472576 -c--a-w c:\program files\dxsetup.exe2004-07-09 02:08 . 2004-07-09 02:08 2242560 -c--a-w c:\program files\dsetup32.dll2004-07-09 01:03 . 2004-07-09 01:03 62976 -c--a-w c:\program files\DSETUP.dll2008-01-03 17:19 . 2008-01-13 01:01 581632 ----a-w c:\program files\opera\program\plugins\Control.dll2008-01-03 17:01 . 2008-01-13 01:01 1490944 ----a-w c:\program files\opera\program\plugins\dirapi.dll2008-01-03 17:20 . 2008-01-13 01:01 24576 ----a-w c:\program files\opera\program\plugins\DynaPlayer.dll2008-01-03 17:39 . 2008-01-13 00:59 1113600 ----a-w c:\program files\opera\program\plugins\gi.dll2008-01-03 16:46 . 2008-01-13 00:59 52288 ----a-w c:\program files\opera\program\plugins\gtapi.dll2008-01-03 16:59 . 2008-01-13 01:01 606208 ----a-w c:\program files\opera\program\plugins\iml32.dll2008-01-03 17:18 . 2008-01-13 01:09 339968 ----a-w c:\program files\opera\program\plugins\Plugin.dll2008-01-03 17:19 . 2008-01-13 01:01 475136 ----a-w c:\program files\opera\program\plugins\PluginPing.dll2008-01-03 17:11 . 2008-01-13 01:01 180224 ----a-w c:\program files\opera\program\plugins\Proj.dll2008-01-03 17:18 . 2008-01-13 01:01 86016 ----a-w c:\program files\opera\program\plugins\SwMenu.dll2008-01-03 17:22 . 2008-01-13 01:01 98304 ----a-w c:\program files\opera\program\plugins\SwOnce.dll2008-01-03 16:46 . 2008-01-13 00:59 50808 ----a-w c:\program files\opera\program\plugins\SYMCCHECKER.DLL.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]2009-01-30 13:12 650752 ----a-w c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-19 774233]"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPHKMGR.exe" [2006-05-08 94208]"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2006-04-19 24576]"PMHandler"="c:\progra~1\Lenovo\PMDRIV~1\PMHandler.exe" [2006-08-21 33128]"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-06-25 1273856]"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]"snp2std"="c:\windows\vsnp2std.exe" [2006-07-10 675840]"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2006-10-16 2502656]"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2006-07-14 503808]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2006-07-03 110592]"AMSG"="c:\progra~1\THINKV~1\AMSG\amsg.exe" [2005-11-22 507904]"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 2341632]"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-01-30 992256]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]"Skrót do strony właściwości High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2006-08-30 89542][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]BTTray.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2006-1-17 618557][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]2006-10-16 13:30 49152 ------w c:\program files\Softex\OmniPass\OPXPGina.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]2006-10-05 18:53 32768 ------w c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]2006-01-11 06:05 13824 ------w c:\windows\system32\tphklock.dll[HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusDisableNotify"=dword:00000001"UpdatesDisableNotify"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\dpvsetup.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="c:\\Program Files\\Opera\\Opera.exe"="c:\\Program Files\\CambridgeSoft\\ChemOffice2008\\ChemDraw\\ChemDraw.exe"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"="c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-05-28 114768]R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [2006-05-24 10240]R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-05-28 20560]R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-03-09 100032]R2 MSSQL$CSSQL05;SQL Server (CSSQL05);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]R2 smi2;smi2;c:\program files\SMI2\smi2.sys [2006-07-14 3968]S3 st3bus28;st3bus28;c:\windows\system32\DRIVERS\st3bus28.sys --> c:\windows\system32\DRIVERS\st3bus28.sys [?]--- Inne Usługi/Sterowniki w Pamięci ---*NewlyCreated* - aswrdr*NewlyCreated* - avast!_mail_scanner*NewlyCreated* - avast!_web_scanner.- - - - USUNIĘTO PUSTE WPISY - - - -HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exeHKLM-Run-Onet.pl AutoUpdate - c:\program files\Common Files\Onet.pl\NewAutoUpdate.exeHKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLLHKLM-Run-winssvc - c:\documents and settings\Manciu\Dane aplikacji\Google\pzpsp23511834.exeNotify-WgaLogon - (no file)SafeBoot-procexp90.sys.------- Skan uzupełniający -------.uInternet Connection Wizard,ShellNext = iexploreIE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUman000IE: &WordWeb... - c:\windows\wweb32.dll/lookup.htmlIE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: Wyślij do urządzenia &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htmDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-05-28 16:44Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... **************************************************************************Binary file raw_enum.dat matches.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(1736)c:\program files\ThinkPad\ConnectUtilities\ACNotify.dllc:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dllc:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dllc:\program files\ThinkPad\ConnectUtilities\ACHelper.dllc:\windows\system32\cscdll.dllc:\program files\Softex\OmniPass\opxpgina.dllc:\windows\system32\tphklock.dllc:\windows\System32\BCMLogon.dll- - - - - - - > 'explorer.exe'(2100)c:\windows\system32\WPDShServiceObj.dllc:\windows\system32\btncopy.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Pozostałe uruchomione procesy ------------------------.c:\program files\Alwil Software\Avast4\aswUpdSv.exec:\program files\Alwil Software\Avast4\ashServ.exec:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exec:\program files\Lenovo\Bluetooth Software\bin\btwdins.exec:\program files\Diskeeper Corporation\Diskeeper\DkService.exec:\program files\Softex\OmniPass\OmniServ.exec:\program files\Lenovo\PM Driver\PMSveH.exec:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exec:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exec:\program files\Lenovo\System Update\SUService.exec:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exec:\program files\Lenovo\Rescue and Recovery\rrservice.exec:\program files\Common Files\Lenovo\Scheduler\tvtsched.exec:\program files\Common Files\Lenovo\Logger\logmon.exec:\program files\ThinkPad\ConnectUtilities\AcSvc.exec:\program files\Softex\OmniPass\OPXPApp.exec:\program files\Alwil Software\Avast4\ashMaiSv.exec:\program files\Alwil Software\Avast4\ashWebSv.exec:\windows\system32\wbem\wmiapsrv.exec:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exec:\program files\Java\jre1.6.0_07\bin\jucheck.exe.**************************************************************************.Czas ukończenia: 2009-05-28 16:54 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt 2009-05-28 14:52Przed: 8 421 535 744 bajtów wolnychPo: 8 407 629 824 bajtów wolnychWindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect363 --- E O F --- 2009-05-13 13:04
Gość komentarz 29 maja 2009 komentarz 29 maja 2009 Użyj programu Malwarebytes' Anti-Malware i daj z niego raport. .
manciu komentarz 29 maja 2009 Autor komentarz 29 maja 2009 Malwarebytes' Anti-Malware 1.37Wersja bazy definicji: 2188Windows 5.1.2600 Dodatek Service Pack 22009-05-28 20:51:10mbam-log-2009-05-28 (20-51-10).txtTyp skanowania: Pełne skanowanie (C:\|)Przeskanowane obiekty: 194220Upłynęło: 1 hour(s), 12 minute(s), 47 second(s)Zainfekowane procesy w pamięci: 0Zainfekowane moduły pamięci: 0Zainfekowane klucze rejestru: 98Zainfekowane wartości rejestru: 3Zainfekowane pliki rejestru: 2Zainfekowane foldery: 3Zainfekowane pliki: 63Zainfekowane procesy w pamięci:(Nie wykryto groźnych plików)Zainfekowane moduły pamięci:(Nie wykryto groźnych plików)Zainfekowane klucze rejestru:HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\slidershow.slidershowctrl (Adware.LuckyTender) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\slidershow.slidershowctrl.1 (Adware.LuckyTender) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{3794345d-c731-4fbb-8471-73ddc8dffdd2} (Adware.LuckyTender) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\luckytender (Adware.LuckyTender) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.Zainfekowane wartości rejestru:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.Zainfekowane pliki rejestru:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Zainfekowane foldery:c:\program files\Perfect Defender 2009 (Rogue.PerfectDefender) -> Quarantined and deleted successfully.C:\Program Files\LuckyTender (Adware.LuckyTender) -> Quarantined and deleted successfully.c:\program files\luckytender\1.3.0 (Adware.LuckyTender) -> Quarantined and deleted successfully.Zainfekowane pliki:c:\program files\windows live\messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\program files\windows live\messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\internet explorer\msimg32.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3HISTSW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3HTTPCT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3IMSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3HIGHIN.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3MEDINT.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\MWSSVC.EXE.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\program files\mywebsearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir (Adware.MyWeb) -> Quarantined and deleted successfully.c:\Qoobox\quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\qoobox\quarantine\c\windows\system32\wbem\grpconv.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.c:\qoobox\quarantine\c\windows\system32\wbem\proquota.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176101.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176102.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176104.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176106.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176109.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176111.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176112.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176117.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176118.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176119.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176120.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176121.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176122.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176124.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176126.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176127.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176128.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176129.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176130.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176131.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176132.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176133.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176134.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176135.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176145.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\rp333\A0176146.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\rp333\A0176147.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176107.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176125.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\system volume information\_restore{356fe635-cb4c-43c1-98a2-35c13cfb0654}\RP333\A0176143.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.c:\program files\luckytender\uninst.exe (Adware.LuckyTender) -> Quarantined and deleted successfully.
manciu komentarz 29 maja 2009 Autor komentarz 29 maja 2009 Najświeższy log z comboFix: ComboFix 09-05-26.05 - Manciu 2009-05-29 14:08.2 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.502.182 [GMT 2:00]Uruchomiony z: c:\documents and settings\Manciu\Pulpit\ComboFix.exeAV: avast! antivirus 4.8.1335 [VPS 090528-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}.((((((((((((((((((((((((( Pliki utworzone od 2009-04-28 do 2009-05-29 ))))))))))))))))))))))))))))))).2009-05-28 17:33 . 2009-05-28 17:33 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Malwarebytes2009-05-28 17:33 . 2009-05-26 11:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys2009-05-28 17:33 . 2009-05-28 17:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware2009-05-28 17:33 . 2009-05-28 17:33 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Malwarebytes2009-05-28 17:33 . 2009-05-26 11:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys2009-05-28 14:38 . 2004-08-04 20:00 50688 ----a-w c:\windows\system32\proquota.exe2009-05-28 14:38 . 2004-08-04 20:00 50688 ----a-w c:\windows\system32\dllcache\proquota.exe2009-05-28 14:37 . 2004-08-04 20:00 39424 ----a-w c:\windows\system32\grpconv.exe2009-05-28 14:37 . 2004-08-04 20:00 39424 ----a-w c:\windows\system32\dllcache\grpconv.exe2009-05-28 12:48 . 2009-02-05 20:06 23152 ----a-w c:\windows\system32\drivers\aswRdr.sys2009-05-28 12:48 . 2009-02-05 20:06 51376 ----a-w c:\windows\system32\drivers\aswTdi.sys2009-05-28 12:48 . 2009-02-05 20:05 26944 ----a-w c:\windows\system32\drivers\aavmker4.sys2009-05-28 12:48 . 2009-02-05 20:04 97480 ----a-w c:\windows\system32\AvastSS.scr2009-05-28 12:48 . 2009-02-05 20:08 93296 ----a-w c:\windows\system32\drivers\aswmon.sys2009-05-28 12:48 . 2009-02-05 20:08 94032 ----a-w c:\windows\system32\drivers\aswmon2.sys2009-05-28 12:48 . 2009-02-05 20:07 114768 ----a-w c:\windows\system32\drivers\aswSP.sys2009-05-28 12:48 . 2009-02-05 20:07 20560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys2009-05-28 12:48 . 2009-02-05 20:11 1256296 ----a-w c:\windows\system32\aswBoot.exe2009-05-28 12:47 . 2009-05-28 12:47 -------- d-----w c:\program files\Alwil Software2009-05-27 17:39 . 2009-05-27 17:39 -------- d-----w c:\program files\Trend Micro2009-05-27 17:28 . 2009-05-27 17:28 -------- d-----w c:\program files\ClustalX22009-05-27 17:25 . 2009-05-28 14:15 -------- d-----w c:\program files\Symantec2009-05-27 16:57 . 2009-05-27 16:57 96976 ----a-w c:\windows\system32\drivers\klin.dat2009-05-27 16:57 . 2009-05-27 16:57 87855 ----a-w c:\windows\system32\drivers\klick.dat2009-05-27 16:55 . 2009-05-27 17:04 32 --sha-w c:\windows\system32\drivers\fidbox2.dat2009-05-27 16:55 . 2009-05-27 17:04 32 --sha-w c:\windows\system32\drivers\fidbox.dat2009-05-27 16:55 . 2009-05-27 16:55 -------- d-----w c:\program files\Kaspersky Lab2009-05-27 16:55 . 2009-05-27 16:55 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab2009-05-26 12:56 . 2009-05-26 12:56 -------- d-----w c:\documents and settings\Manciu\Dotter2009-05-25 06:01 . 2009-05-29 12:10 115008 ----a-w c:\windows\system32\drivers\91ed905f.sys2009-05-21 17:42 . 2009-05-21 17:42 -------- d-----w c:\program files\LGE GSM PC Sync2009-05-21 17:42 . 2009-05-21 17:42 -------- d-----w c:\program files\eMule2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Dane aplikacji2009-05-20 09:33 . 2006-03-24 15:15 135 ----a-w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne\Dane aplikacji\fusioncache.dat2009-05-20 09:33 . 2009-05-29 12:10 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ustawienia lokalne\Dane aplikacji\Microsoft2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Ulubione2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Moje dokumenty2009-05-20 09:33 . 2009-05-21 17:45 -------- d-----w c:\documents and settings\Administrator.LENOVO-49028DC7\Szablony2009-05-20 09:33 . 2009-05-21 17:45 -------- d-s---w c:\documents and settings\Administrator.LENOVO-49028DC72009-05-20 08:43 . 2009-05-21 17:47 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\G DATA2009-05-20 08:42 . 2009-05-20 08:42 -------- d-----w c:\windows\l2schemas2009-05-20 08:39 . 2009-05-21 17:48 -------- d-----w c:\program files\Common Files\G DATA2009-05-20 08:39 . 2009-05-20 08:39 -------- d-----w c:\program files\G DATA2009-05-11 18:56 . 2009-05-11 18:56 -------- d-----w c:\documents and settings\Manciu\.gstreamer-0.102009-05-11 18:04 . 2009-05-11 18:04 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\OpenFM2009-05-10 10:05 . 2009-05-10 17:11 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Nowe Gadu-Gadu2009-05-10 10:04 . 2009-05-26 16:09 -------- d-----w c:\program files\Nowe Gadu-Gadu2009-05-05 12:30 . 2009-05-25 06:01 195 --s-a-w c:\windows\system32\2090242729.dat2009-05-02 17:05 . 1996-12-03 11:07 403216 ------w c:\windows\system32\msrepl35.dll2009-05-02 17:05 . 1997-09-30 23:00 377344 ------w c:\windows\system\Mm.dll2009-05-02 17:05 . 1997-09-30 23:00 247808 ------w c:\windows\system\DATABASE.DLL2009-05-02 17:05 . 2009-05-02 17:05 -------- d-----w c:\program files\Bio-Rad Laboratories.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-05-29 11:58 . 2009-03-31 20:54 -------- d-----w c:\program files\pdfforge Toolbar2009-05-28 14:15 . 2006-12-21 03:59 -------- d-----w c:\program files\Common Files\Symantec Shared2009-05-28 12:44 . 2006-12-21 03:59 -------- d---a-w c:\documents and settings\All Users\Dane aplikacji\Symantec2009-05-27 17:13 . 2009-05-27 17:13 3676 ----a-w c:\windows\system32\PerfStringBackup.TMP2009-05-27 17:13 . 2006-12-21 11:25 515016 ----a-w c:\windows\system32\perfh015.dat2009-05-27 17:13 . 2006-12-21 11:25 100430 ----a-w c:\windows\system32\perfc015.dat2009-05-27 17:04 . 2009-05-27 16:55 32 --sha-w c:\windows\system32\drivers\fidbox2.idx2009-05-27 17:04 . 2009-05-27 16:55 32 --sha-w c:\windows\system32\drivers\fidbox.idx2009-05-27 15:59 . 2007-03-04 00:43 -------- d---a-w c:\documents and settings\Manciu\Dane aplikacji\Symantec2009-05-27 15:56 . 2006-12-21 03:58 -------- d-----w c:\program files\PCDR52009-05-24 14:10 . 2006-12-21 04:10 5427 ----a-w c:\windows\system32\EGATHDRV.SYS2009-05-21 13:46 . 2008-02-12 00:03 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\skypePM2009-05-10 10:03 . 2007-03-09 16:45 -------- d-----w c:\program files\Gadu-Gadu2009-05-09 19:44 . 2008-02-29 18:53 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Skype2009-04-29 13:23 . 2007-11-29 09:22 -------- d-----w c:\program files\English Translator 32009-04-26 09:22 . 2007-10-22 19:44 -------- d-----w c:\program files\Leksykonia2009-04-01 19:00 . 2009-04-01 18:59 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\pdfforge2009-04-01 18:59 . 2009-04-01 18:59 -------- d-----w c:\documents and settings\Manciu\Dane aplikacji\Search Settings2009-03-06 14:01 . 2006-12-21 11:26 285696 ----a-w c:\windows\system32\pdh.dll2004-07-22 08:51 . 2004-07-22 08:51 3432656 -c--a-w c:\program files\ManagedDX.CAB2004-07-19 20:58 . 2004-07-19 20:58 1156363 -c--a-w c:\program files\BDANT.cab2004-07-19 20:53 . 2004-07-19 20:53 976020 -c--a-w c:\program files\BDAXP.cab2004-07-09 12:17 . 2004-07-09 12:17 13265040 -c--a-w c:\program files\dxnt.cab2004-07-09 07:13 . 2004-07-09 07:13 15493481 -c--a-w c:\program files\DirectX.cab2004-07-09 07:13 . 2004-07-09 07:13 703080 -c--a-w c:\program files\BDA.cab2004-07-09 02:08 . 2004-07-09 02:08 472576 -c--a-w c:\program files\dxsetup.exe2004-07-09 02:08 . 2004-07-09 02:08 2242560 -c--a-w c:\program files\dsetup32.dll2004-07-09 01:03 . 2004-07-09 01:03 62976 -c--a-w c:\program files\DSETUP.dll2008-01-03 17:19 . 2008-01-13 01:01 581632 ----a-w c:\program files\opera\program\plugins\Control.dll2008-01-03 17:01 . 2008-01-13 01:01 1490944 ----a-w c:\program files\opera\program\plugins\dirapi.dll2008-01-03 17:20 . 2008-01-13 01:01 24576 ----a-w c:\program files\opera\program\plugins\DynaPlayer.dll2008-01-03 17:39 . 2008-01-13 00:59 1113600 ----a-w c:\program files\opera\program\plugins\gi.dll2008-01-03 16:46 . 2008-01-13 00:59 52288 ----a-w c:\program files\opera\program\plugins\gtapi.dll2008-01-03 16:59 . 2008-01-13 01:01 606208 ----a-w c:\program files\opera\program\plugins\iml32.dll2008-01-03 17:18 . 2008-01-13 01:09 339968 ----a-w c:\program files\opera\program\plugins\Plugin.dll2008-01-03 17:19 . 2008-01-13 01:01 475136 ----a-w c:\program files\opera\program\plugins\PluginPing.dll2008-01-03 17:11 . 2008-01-13 01:01 180224 ----a-w c:\program files\opera\program\plugins\Proj.dll2008-01-03 17:18 . 2008-01-13 01:01 86016 ----a-w c:\program files\opera\program\plugins\SwMenu.dll2008-01-03 17:22 . 2008-01-13 01:01 98304 ----a-w c:\program files\opera\program\plugins\SwOnce.dll2008-01-03 16:46 . 2008-01-13 00:59 50808 ----a-w c:\program files\opera\program\plugins\SYMCCHECKER.DLL.((((((((((((((((((((((((((((( SnapShot@2009-05-28_14.44.45 ))))))))))))))))))))))))))))))))))))))))).+ 2009-05-29 06:23 . 2009-05-29 06:23 16384 c:\windows\Temp\Perflib_Perfdata_3fc.dat+ 2009-05-29 06:23 . 2009-05-29 06:23 16384 c:\windows\Temp\Perflib_Perfdata_1d8.dat+ 2009-05-28 15:32 . 2009-05-29 06:23 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat- 2006-12-21 04:07 . 2009-05-28 14:11 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat+ 2006-12-21 04:07 . 2009-05-29 06:23 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat- 2006-12-21 04:07 . 2009-05-28 14:11 32768 c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat+ 2006-12-21 04:07 . 2009-05-29 06:23 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat- 2006-12-21 04:07 . 2009-05-28 14:11 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-19 774233]"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPHKMGR.exe" [2006-05-08 94208]"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2006-04-19 24576]"PMHandler"="c:\progra~1\Lenovo\PMDRIV~1\PMHandler.exe" [2006-08-21 33128]"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-06-25 1273856]"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]"snp2std"="c:\windows\vsnp2std.exe" [2006-07-10 675840]"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2006-10-16 2502656]"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2006-07-14 503808]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2006-07-03 110592]"AMSG"="c:\progra~1\THINKV~1\AMSG\amsg.exe" [2005-11-22 507904]"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 2341632]"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]"Skrót do strony właściwości High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2006-08-30 89542][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]BTTray.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2006-1-17 618557][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]2006-10-16 13:30 49152 ------w c:\program files\Softex\OmniPass\OPXPGina.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]2006-10-05 18:53 32768 ------w c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]2006-01-11 06:05 13824 ------w c:\windows\system32\tphklock.dll[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\dpvsetup.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="c:\\Program Files\\Opera\\Opera.exe"="c:\\Program Files\\CambridgeSoft\\ChemOffice2008\\ChemDraw\\ChemDraw.exe"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"="c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-05-28 114768]R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [2006-05-24 10240]R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-05-28 20560]R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-03-09 100032]R2 MSSQL$CSSQL05;SQL Server (CSSQL05);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]R2 smi2;smi2;c:\program files\SMI2\smi2.sys [2006-07-14 3968]S3 st3bus28;st3bus28;c:\windows\system32\DRIVERS\st3bus28.sys --> c:\windows\system32\DRIVERS\st3bus28.sys [?]..------- Skan uzupełniający -------.uInternet Connection Wizard,ShellNext = iexploreIE: &SearchIE: &WordWeb... - c:\windows\wweb32.dll/lookup.htmlIE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: Wyślij do urządzenia &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htmDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-05-29 14:10Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************Binary file raw_enum.dat matches.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(1380)c:\program files\ThinkPad\ConnectUtilities\ACNotify.dllc:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dllc:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dllc:\program files\ThinkPad\ConnectUtilities\ACHelper.dllc:\program files\Softex\OmniPass\opxpgina.dllc:\windows\system32\tphklock.dllc:\windows\System32\BCMLogon.dll- - - - - - - > 'explorer.exe'(3460)c:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Czas ukończenia: 2009-05-29 14:13ComboFix-quarantined-files.txt 2009-05-29 12:12ComboFix2.txt 2009-05-28 14:54Przed: 8 666 206 208 bajtów wolnychPo: 8 640 557 056 bajtów wolnych216 --- E O F --- 2009-05-13 13:04
Gość komentarz 29 maja 2009 komentarz 29 maja 2009 Wklej do Notatnika: File::c:\windows\system32\drivers\91ed905f.sysc:\windows\system32\2090242729.datFolder::c:\program files\pdfforge ToolbarDriver::PMHlersmi2st3bus28Registry::[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"=-"TPHOTKEY"=-"TPWAUDAP"=-"PMHandler"=-"Broadcom Wireless Manager UI"=-"igfxtray"=-"igfxhkcmd"=-"igfxpers"=-"snp2std"=-"OmniPass"=-"TVT Scheduler Proxy"=-"ISUSPM Startup"=-"ISUSScheduler"=-"LPManager"=-"AMSG"=-"DiskeeperSystray"=-"cssauth"=-"NeroFilterCheck"=-"SunJavaUpdateSched"=-"Skrót do strony właściwości High Definition Audio"=-"AGRSMMSG"=- >>Plik>>Zapisz jako... >>> CFScript Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe --> Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania. Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox. .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.