
Please check

v8power

Mateusz J.
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

Fix it in HijackThis.

Overall, the logs are clean.

What is the reason for checking the logs?

v8power

Something got mixed up in "Add or Remove Programs": not all programs are listed and "Microsoft office..." is repeated a dozen or so times, and Outpost Firewall also detected something like this:

Name: BZub

Type: Trojan

Registry key: HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\Control Panel\load - for now I have put it in quarantine.

Mateusz J.
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load

The key is used to configure the Control Panel. Outpost detects it after ComboFix has been used, don't worry about it :)

v8power

aha ok :) thanks.
