
http://prx.freecj.com/dcc2/stats.html problem

jo
created

I'm sending the logs...

I can't get rid of this for the life of me...

it opens by itself when the computer starts

logs in the attachment

Logfile of HijackThis v1.99.1

Scan saved at 11:27:02, on 2007-06-29

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\iemon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

C:\Program Files\Spyware Doctor\SDTrayApp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Gadu-Gadu\gg.exe

C:\Skype\Phone\Skype.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\programs\MFIndexer.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Spyware Doctor\svcntaux.exe

C:\Program Files\Spyware Doctor\swdsvc.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\explorer.exe

C:\Documents and Settings\michal\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poczta.wp.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [skype] "C:\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Program Files\programs\MFIndexer.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O15 - Trusted Zone: http://fotki.photocenter.home.pl

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1181038972984

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1181045271609

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

"michal" - 2007-06-29 11:22:19 - ComboFix 07-06-27.7 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\rsvp322.dll

C:\WINDOWS\system32\rsvp322.dllyrt

((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-29 )))))))))))))))))))))))))))))))

2007-06-29 11:21 49,152 --a------ C:\WINDOWS\nircmd.exe

2007-06-28 07:54 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2007-06-28 07:54 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll

2007-06-28 07:54 59,984 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2007-06-28 07:54 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2007-06-28 07:54 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys

2007-06-28 07:54 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2007-06-28 07:54 <DIR> d-------- C:\Program Files\Spyware Doctor

2007-06-28 07:54 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\PC Tools

2007-06-25 11:28 <DIR> d-------- C:\WINDOWS\Prefetch

2007-06-25 11:15 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll

2007-06-25 11:15 13,312 --a------ C:\WINDOWS\system32\irclass.dll

2007-06-25 11:03 <DIR> d-------- C:\WINDOWS\setup.pss

2007-06-24 16:04 <DIR> d-------- C:\Program Files\SmartFTP Client

2007-06-24 16:04 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\SmartFTP

2007-06-24 16:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Pulpit

2007-06-23 19:17 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\FlashFXP

2007-06-23 12:11 545 --a------ C:\WINDOWS\UC.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\RAR.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\PKZIP.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\PKUNZIP.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\NOCLOSE.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\LHA.PIF

2007-06-23 12:11 545 --a------ C:\WINDOWS\ARJ.PIF

2007-06-22 10:03 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Windows Genuine Advantage

2007-06-22 10:02 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2007-06-22 10:00 <DIR> d-------- C:\Program Files\MSXML 4.0

2007-06-22 09:17 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2007-06-22 08:05 134,656 --a------ C:\WINDOWS\qozrvetq.exe

2007-06-20 10:14 991,232 --a------ C:\WINDOWS\system32\virtear.dll

2007-06-20 10:14 974,848 --a------ C:\WINDOWS\SynthCoreA.Dll

2007-06-20 10:14 765,952 --a------ C:\WINDOWS\system\crlds3d.dll

2007-06-20 10:14 720,896 --a------ C:\WINDOWS\system32\Audio3d.dll

2007-06-20 10:14 720,896 --a------ C:\WINDOWS\system32\a3d.dll

2007-06-20 10:14 549,368 --a------ C:\WINDOWS\system32\drivers\smwdm.sys

2007-06-20 10:14 49,152 --a------ C:\WINDOWS\system32\S11thk32.dll

2007-06-20 10:14 45,056 --a------ C:\WINDOWS\system32\SynthCore11Resources.dll

2007-06-20 10:14 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe

2007-06-20 10:14 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe

2007-06-20 10:14 44 --a------ C:\WINDOWS\system32\msssc.dll

2007-06-20 10:14 40,820 --a------ C:\WINDOWS\system32\Syncor11.dll

2007-06-20 10:14 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys

2007-06-20 10:14 380,928 --a------ C:\WINDOWS\SynCor.exe

2007-06-20 10:14 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll

2007-06-20 10:14 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys

2007-06-20 10:14 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll

2007-06-20 10:14 <DIR> d-------- C:\WINDOWS\VirtualEar

2007-06-20 10:14 <DIR> d-------- C:\Program Files\Analog Devices

2007-06-20 10:13 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS

2007-06-15 14:02 <DIR> d-------- C:\WINDOWS\0E6AB9FC76C2431B9C066C1CFFFEA8EB.TMP

2007-06-15 11:51 <DIR> d-------- C:\Program Files\Lavasoft

2007-06-15 11:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Lavasoft

2007-06-14 07:43 <DIR> d-------- C:\Program Files\Hewlett-Packard

2007-06-14 07:43 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard

2007-06-13 12:21 3,407,872 --a------ C:\DOCUME~1\michal\ntuser.dat

2007-06-13 10:58 7,680 --a------ C:\WINDOWS\system32\drivers\motccgpfl.sys

2007-06-13 10:58 6,400 --a------ C:\WINDOWS\system32\drivers\motswch.sys

2007-06-13 10:58 42,112 --a------ C:\WINDOWS\system32\drivers\motodrv.sys

2007-06-13 10:58 22,528 --a------ C:\WINDOWS\system32\drivers\motmodem.sys

2007-06-13 10:58 17,920 --a------ C:\WINDOWS\system32\drivers\motccgp.sys

2007-06-13 10:58 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll

2007-06-13 10:58 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

2007-06-13 10:57 <DIR> d-------- C:\Program Files\Motorola

2007-06-13 10:57 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared

2007-06-12 09:56 <DIR> d-------- C:\Program Files\WinXP

2007-06-11 08:45 8,704 --a------ C:\WINDOWS\system32\sporder.dll

2007-06-11 08:45 65,536 --a------ C:\WINDOWS\iemon.exe

2007-06-11 08:45 14,462 --a------ C:\WINDOWS\wm180global.exe

2007-06-11 08:45 134,656 --a------ C:\WINDOWS\wjvufnwc.exe

2007-06-09 17:48 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\Apple Computer

2007-06-09 12:15 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\Corel

2007-06-08 15:59 <DIR> d-------- C:\Program Files\SkanerOnline

2007-06-08 13:13 464 --a------ C:\WINDOWS\system32\vorbisenc.dll

2007-06-08 13:13 464 --a------ C:\WINDOWS\system32\vorbis.dll

2007-06-08 13:13 464 --a------ C:\WINDOWS\system32\OggDS.dll

2007-06-08 13:13 464 --a------ C:\WINDOWS\system32\ogg.dll

2007-06-06 14:19 <DIR> d-------- C:\FILMY EMULA

2007-06-06 14:15 <DIR> d-------- C:\Program Files\eMule

2007-06-06 13:00 <DIR> d-------- C:\Program Files\QuickTime

2007-06-06 13:00 <DIR> d-------- C:\Program Files\Apple Software Update

2007-06-06 13:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Apple Computer

2007-06-06 08:30 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll

2007-06-06 08:30 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll

2007-06-06 08:30 <DIR> d-------- C:\Program Files\Xvid

2007-06-06 08:03 577,536 --a------ C:\WINDOWS\SOUNDMAN.EXE

2007-06-06 08:03 4,030,144 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS

2007-06-06 08:03 315,392 --a------ C:\WINDOWS\alcupd.exe

2007-06-06 08:03 217,088 --a------ C:\WINDOWS\Alcrmv.exe

2007-06-06 08:03 147,456 --a------ C:\WINDOWS\system32\RTLCPAPI.dll

2007-06-06 08:03 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.EXE

2007-06-06 07:37 <DIR> d-------- C:\Program Files\ahead

2007-06-05 14:58 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys

2007-06-05 14:17 <DIR> d-------- C:\DOCUME~1\michal\DANEAP~1\Google

2007-06-05 14:14 <DIR> d-------- C:\Program Files\Google

2007-06-05 14:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google

2007-06-05 14:11 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-06-05 14:11 <DIR> d-------- C:\WINDOWS\system32\PreInstall

2007-06-05 13:36 <DIR> d--h----- C:\WINDOWS\PIF

2007-06-05 13:32 275 --a------ C:\WINDOWS\vgfj.exe

2007-06-05 13:27 65,536 --a------ C:\WINDOWS\system32\adistres.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-25 09:30:32 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat

2007-06-25 09:30:32 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat

2007-06-05 09:25:59 -------- d-----w C:\Program Files\ac97ich4_and_more

2007-06-04 09:26:40 -------- d-----w C:\Program Files\Usługi online

2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll

2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll

2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll

2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx [2001-03-02 12:02]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-06-05 14:17]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]

"Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [2002-06-26 17:36]

"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-06-28 07:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00]

"Gadu-Gadu"="C:\Gadu-Gadu\gg.exe" [2006-02-17 15:03]

"Skype"="C:\Skype\Phone\Skype.exe" [2007-03-30 13:34]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-29 11:24:24

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-06-29 11:25:14

C:\ComboFix-quarantined-files.txt ... 2007-06-29 11:25

--- E O F ---

CatchMe
comment

Download OTMoveIt: http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

* Paste the following paths into the Paste List of Files/Folders to be Moved field:

C:\WINDOWS\setup.pss

C:\WINDOWS\qozrvetq.exe

C:\WINDOWS\0E6AB9FC76C2431B9C066C1CFFFEA8EB.TMP

C:\WINDOWS\system32\sporder.dll

C:\WINDOWS\iemon.exe

C:\WINDOWS\wm180global.exe

C:\WINDOWS\wjvufnwc.exe

C:\WINDOWS\vgfj.exe

* Then press the MoveIt! button.

* A message will pop up saying that a restart is needed to remove the given files/folders - press Yes.

* After the restart, manually delete the folder C:\_OTMoveIt (Right-click >>> Delete >>> Empty the Recycle Bin).

- Then paste new logs. :)
