adames72 created 4 August 2008 Logfile of Trend Micro HijackThis v2.0.2 //logs go inside code tags //vocativus
Mateusz J. comment 4 August 2008 What is the reason for checking the logs? You have 2 antivirus programs on the computer, uninstall one of them.
adames72 Author comment 4 August 2008 If only I knew which two and how to uninstall them... the reason for the log... I downloaded a trojan, for 2 days I had some junk alert on the computer every 3 minutes... I don't know much about this, but I somehow got rid of it.
Mateusz J. comment 5 August 2008 Show the log from ComboFix. You have NOD32 and Kaspersky, but it looks as if you have already tried to remove Kaspersky from the disk manually.
adames72 Author comment 5 August 2008 This is black magic to me, but here you go, ComboFix log:
Mateusz J. comment 5 August 2008 C:\!KillBox: quarantine of files removed by the KillBox program, delete the folder manually. Overall it's clean.
adames72 Author comment 6 August 2008 I deleted it manually... thanks... but you know what, after all these procedures, cleaning out this filth... I can't download anything... it starts downloading, then after a moment it hangs and nothing goes through, and it was OK before. I have a D-Link router... the ports are clean there... but I don't know about the computer... I don't know how to check.