
log

adames72
created
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:22, on 2008-08-04
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\NCH Software\BroadCam\broadCam.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless LAN USB Dongle\ZDWlan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Wireless LAN USB Dongle.lnk = C:\Program Files\Wireless LAN USB Dongle\ZDWlan.exe
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 4810 bytes

//logs go in code tags

//vocativus

Mateusz J.
comment

What is the reason for checking the logs?

You have 2 antivirus programs on the computer; uninstall one of them.

adames72
comment

If only I knew which two and how to uninstall them... the reason for the log... I downloaded a trojan; for 2 days I had this junk alert popping up on the computer every 3 minutes... I don't know much about this, but I somehow got rid of it.

Mateusz J.
comment

Show the log from ComboFix.

You have NOD32 and Kaspersky, but it looks as if you have already tried to remove Kaspersky from the disk manually.

adames72
comment

This is black magic to me, but here is the ComboFix log:



Mateusz J.
comment
C:\!KillBox

This is the quarantine of files removed by KillBox; delete the folder manually.

Overall, it's clean.

adames72
comment

I deleted it manually... thanks... but you know what, after all these procedures... cleaning out this filth... I can't download anything... it starts downloading, then after a moment it hangs and nothing goes through, and it was fine before. I have a D-Link router... the ports are clear there... but I don't know about the computer... I don't know how to check.
