
Please check this

Pirzyk

Basically, this is what I am asking about:

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:59, on 2008-12-18
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Documents and Settings\Łukasz\Pulpit\Najnowszy_USDownloader_03.07.2008__up_by_AMH\Najnowszy USDownloader 03.07.2008__up by AMH\USDownloader.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ivo\Expressivo\expressivo.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
D:\programy\anty virusy\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.spolszczenia.pl.prv.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.10.2:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: USDownloader.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221069933409
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c916a7e527e4da) (gupdate1c916a7e527e4da) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7258 bytes

ComboFix:

ComboFix 08-12-17.01 - Łukasz 2008-12-18 16:10:23.2 - [b]FAT32[/b]x86Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.2047.1437 [GMT 1:00]Uruchomiony z: d:\programy\anty virusy\ComboFix.exe * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\wVpmlLeF.dll.(((((((((((((((((((((((((   Pliki utworzone od 2008-11-18 do 2008-12-18  ))))))))))))))))))))))))))))))).2008-12-09 21:31 . 2008-12-09 21:31	<DIR>	d--------	c:\program files\NokiaFREE Unlock Codes Calculator2008-12-07 13:55 . 2008-12-07 13:55	<DIR>	d--------	c:\program files\SiSoftware2008-12-03 14:45 . 2008-12-03 14:45	<DIR>	d--------	c:\documents and settings\Ela\Dane aplikacji\EstSoft2008-12-02 14:59 . 2008-12-02 14:59	<DIR>	d--hs----	C:\FOUND.0042008-12-01 22:56 . 2008-12-01 22:56	<DIR>	d--------	C:\Downloads2008-12-01 14:16 . 2008-12-01 14:16	<DIR>	d--------	c:\documents and settings\Łukasz\Dane aplikacji\EssentialPIM2008-11-30 21:49 . 2008-11-30 21:49	<DIR>	d--------	c:\program files\EssentialPIM2008-11-30 21:49 . 2008-11-30 21:49	<DIR>	d--------	c:\documents and settings\Ela\Dane aplikacji\EssentialPIM2008-11-30 21:46 . 2008-11-30 21:46	<DIR>	d--------	c:\program files\GNUTU2008-11-29 04:15 . 2008-11-29 04:15	<DIR>	d--------	c:\program files\MSECache2008-11-29 02:31 . 2008-11-29 02:31	0	--a------	c:\windows\C11F06.dmp2008-11-29 02:28 . 2008-11-29 02:28	<DIR>	d--------	c:\program files\HHD Software2008-11-29 00:25 . 2008-11-29 00:25	<DIR>	d--------	c:\documents and settings\Łukasz\Bluetooth Software2008-11-29 00:25 . 2008-11-29 00:25	<DIR>	d--------	c:\documents and settings\Łukasz\Bluetooth Software2008-11-28 22:38 . 2008-11-28 22:39	24,576	--a------	c:\windows\system32\VundoFixSVC.exe2008-11-28 22:16 . 2008-11-28 22:16	<DIR>	d--------	C:\VundoFix Backups2008-11-26 15:07 . 2008-11-26 15:07	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\122BF2008-11-26 15:06 . 
2008-11-26 15:06	<DIR>	d--------	C:\My Downloads2008-11-26 15:03 . 2008-11-26 15:03	<DIR>	d--------	c:\program files\BearShare Applications2008-11-26 15:02 . 2008-11-26 15:02	58	--a------	c:\windows\wininit.ini2008-11-22 19:16 . 2008-11-24 09:27	13,030	--a------	C:\PDOXUSRS.NET2008-11-22 19:14 . 2008-11-22 19:14	<DIR>	d--------	c:\program files\Common Files\Borland Shared2008-11-22 19:13 . 2008-11-22 19:13	<DIR>	d--------	c:\program files\GlobalServices.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-11-27 05:58	22,328	----a-w	c:\windows\system32\drivers\PnkBstrK.sys2008-11-27 05:57	103,736	----a-w	c:\windows\system32\PnkBstrB.exe2008-11-12 22:17	---------	d-----w	c:\program files\Budzik2008-11-12 17:45	---------	d-----w	c:\program files\Euro Truck Simulator2008-11-10 19:12	66,872	----a-w	c:\windows\system32\PnkBstrA.exe2008-11-07 14:21	---------	d-----w	c:\program files\Zemsta Kujona2008-11-06 14:47	---------	d-----w	c:\program files\directx2008-11-06 14:45	---------	d-----w	c:\program files\Rockstar Games2008-11-06 14:29	---------	d-----w	c:\program files\Prawo Jazdy 20062008-11-05 09:02	---------	d-----w	c:\program files\Astro Gemini Software2008-10-24 11:21	455,296	----a-w	c:\windows\system32\drivers\mrxsmb.sys2008-10-24 11:21	455,296	------w	c:\windows\system32\dllcache\mrxsmb.sys2008-10-23 12:42	286,720	----a-w	c:\windows\system32\gdi32.dll2008-10-23 12:42	286,720	------w	c:\windows\system32\dllcache\gdi32.dll2008-10-17 01:03	3,593,216	------w	c:\windows\system32\dllcache\mshtml.dll2008-10-16 13:15	70,656	------w	c:\windows\system32\dllcache\ie4uinit.exe2008-10-16 13:13	202,776	----a-w	c:\windows\system32\wuweb.dll2008-10-16 13:13	202,776	----a-w	c:\windows\system32\dllcache\wuweb.dll2008-10-16 13:13	1,809,944	----a-w	c:\windows\system32\wuaueng.dll2008-10-16 13:13	1,809,944	----a-w	c:\windows\system32\dllcache\wuaueng.dll2008-10-16 13:12	561,688	----a-w	
c:\windows\system32\wuapi.dll2008-10-16 13:12	561,688	----a-w	c:\windows\system32\dllcache\wuapi.dll2008-10-16 13:12	323,608	----a-w	c:\windows\system32\wucltui.dll2008-10-16 13:12	323,608	----a-w	c:\windows\system32\dllcache\wucltui.dll2008-10-16 13:11	13,824	------w	c:\windows\system32\dllcache\ieudinit.exe2008-10-16 13:09	92,696	----a-w	c:\windows\system32\dllcache\cdm.dll2008-10-16 13:09	92,696	----a-w	c:\windows\system32\cdm.dll2008-10-16 13:09	51,224	----a-w	c:\windows\system32\wuauclt.exe2008-10-16 13:09	51,224	----a-w	c:\windows\system32\dllcache\wuauclt.exe2008-10-16 13:09	43,544	----a-w	c:\windows\system32\wups2.dll2008-10-16 13:08	34,328	----a-w	c:\windows\system32\wups.dll2008-10-16 13:08	34,328	----a-w	c:\windows\system32\dllcache\wups.dll2008-10-15 17:36	337,408	------w	c:\windows\system32\dllcache\netapi32.dll2008-10-15 07:06	633,632	------w	c:\windows\system32\dllcache\iexplore.exe2008-10-15 07:04	161,792	----a-w	c:\windows\system32\dllcache\ieakui.dll2008-10-12 22:00	361,728	----a-w	c:\windows\system32\TuneUpDefragService.exe2008-10-10 10:47	22,008	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT2008-10-08 20:10	4,608	----a-w	c:\windows\system32\w95inf32.dll2008-10-08 20:10	2,272	----a-w	c:\windows\system32\w95inf16.dll2008-10-04 22:06	107,888	----a-w	c:\windows\system32\CmdLineExt.dll2008-10-03 10:04	247,326	----a-w	c:\windows\system32\strmdll.dll2008-10-03 10:04	247,326	----a-w	c:\windows\system32\dllcache\strmdll.dll2008-09-30 15:43	1,286,152	----a-w	c:\windows\system32\msxml4.dll2008-09-19 18:20	73,063,401	----a-w	c:\windows\Kocham Cię.scr2008-09-14 00:26	2,971	----a-w	c:\program files\Common Files\unins000.dat2008-09-14 00:25	730,121	----a-w	c:\program files\Common Files\unins000.exe2008-08-17 23:13	81,920	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\ezpinst.exe2008-08-17 23:13	47,360	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\pcouffin.sys2008-03-09 06:25	236	---ha-w	c:\program files\Common 
Files\dx.reg.(((((((((((((((((((((((((((((   snapshot@2008-11-28_23.02.52.79   ))))))))))))))))))))))))))))))))))))))))).+ 2008-08-26 09:26:56	124,928	------w	c:\windows\ie7updates\KB958215-IE7\advpack.dll+ 2008-08-26 09:26:56	347,136	------w	c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll+ 2008-08-26 09:26:56	214,528	------w	c:\windows\ie7updates\KB958215-IE7\dxtrans.dll+ 2008-08-26 09:26:56	133,120	------w	c:\windows\ie7updates\KB958215-IE7\extmgr.dll+ 2008-08-26 09:26:56	63,488	------w	c:\windows\ie7updates\KB958215-IE7\icardie.dll+ 2008-08-25 09:42:18	70,656	------w	c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe+ 2008-08-26 09:26:56	153,088	------w	c:\windows\ie7updates\KB958215-IE7\ieakeng.dll+ 2008-08-26 09:26:56	230,400	------w	c:\windows\ie7updates\KB958215-IE7\ieaksie.dll+ 2008-08-23 06:54:52	161,792	------w	c:\windows\ie7updates\KB958215-IE7\ieakui.dll+ 2008-08-26 09:26:56	383,488	------w	c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll+ 2008-08-26 09:26:56	384,512	------w	c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll+ 2008-10-03 18:26:30	6,066,176	------w	c:\windows\ie7updates\KB958215-IE7\ieframe.dll+ 2008-08-26 09:26:58	44,544	------w	c:\windows\ie7updates\KB958215-IE7\iernonce.dll+ 2008-08-26 09:26:58	267,776	------w	c:\windows\ie7updates\KB958215-IE7\iertutil.dll+ 2008-08-25 09:38:00	13,824	------w	c:\windows\ie7updates\KB958215-IE7\ieudinit.exe+ 2008-08-23 06:56:16	635,848	------w	c:\windows\ie7updates\KB958215-IE7\iexplore.exe+ 2008-08-26 09:26:58	27,648	------w	c:\windows\ie7updates\KB958215-IE7\jsproxy.dll+ 2008-08-26 09:27:00	459,264	------w	c:\windows\ie7updates\KB958215-IE7\msfeeds.dll+ 2008-08-26 09:27:00	52,224	------w	c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll+ 2008-08-27 10:27:02	3,593,216	------w	c:\windows\ie7updates\KB958215-IE7\mshtml.dll+ 2008-08-26 09:27:00	477,696	------w	c:\windows\ie7updates\KB958215-IE7\mshtmled.dll+ 2008-08-26 09:27:00	193,024	------w	c:\windows\ie7updates\KB958215-IE7\msrating.dll+ 2008-08-26 09:27:00	
671,232	------w	c:\windows\ie7updates\KB958215-IE7\mstime.dll+ 2008-08-26 09:27:00	102,912	------w	c:\windows\ie7updates\KB958215-IE7\occache.dll+ 2008-08-26 09:27:00	44,544	------w	c:\windows\ie7updates\KB958215-IE7\pngfilt.dll+ 2007-03-06 03:28:40	216,288	------w	c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe+ 2007-03-06 03:29:50	386,784	------w	c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll+ 2008-08-26 09:27:02	105,984	------w	c:\windows\ie7updates\KB958215-IE7\url.dll+ 2008-08-26 09:27:02	1,159,680	------w	c:\windows\ie7updates\KB958215-IE7\urlmon.dll+ 2008-08-26 09:27:02	233,472	------w	c:\windows\ie7updates\KB958215-IE7\webcheck.dll+ 2008-08-26 09:27:02	826,368	------w	c:\windows\ie7updates\KB958215-IE7\wininet.dll+ 2001-07-14 16:32:24	69,632	----a-w	c:\windows\setup.pss\setupupd\temp\wsdueng.dll- 2008-08-26 09:26:56	124,928	----a-w	c:\windows\system32\advpack.dll+ 2008-10-16 20:33:24	124,928	----a-w	c:\windows\system32\advpack.dll- 2008-11-18 17:41:38	1,233,112	----a-w	c:\windows\system32\aswBoot.exe+ 2008-11-26 17:21:30	1,236,208	----a-w	c:\windows\system32\aswBoot.exe- 2008-11-18 17:35:22	97,480	----a-w	c:\windows\system32\AvastSS.scr+ 2008-11-26 17:15:10	97,480	----a-w	c:\windows\system32\AvastSS.scr- 2008-08-26 09:26:56	124,928	------w	c:\windows\system32\dllcache\advpack.dll+ 2008-10-16 20:33:24	124,928	------w	c:\windows\system32\dllcache\advpack.dll- 2008-08-26 09:26:56	347,136	------w	c:\windows\system32\dllcache\dxtmsft.dll+ 2008-10-16 20:33:24	347,136	------w	c:\windows\system32\dllcache\dxtmsft.dll- 2008-08-26 09:26:56	214,528	------w	c:\windows\system32\dllcache\dxtrans.dll+ 2008-10-16 20:33:24	214,528	------w	c:\windows\system32\dllcache\dxtrans.dll- 2008-08-26 09:26:56	133,120	------w	c:\windows\system32\dllcache\extmgr.dll+ 2008-10-16 20:33:24	133,120	------w	c:\windows\system32\dllcache\extmgr.dll- 2008-08-26 09:26:56	63,488	------w	c:\windows\system32\dllcache\icardie.dll+ 2008-10-16 20:33:24	63,488	------w	
c:\windows\system32\dllcache\icardie.dll- 2008-08-26 09:26:56	153,088	------w	c:\windows\system32\dllcache\ieakeng.dll+ 2008-10-16 20:33:24	153,088	------w	c:\windows\system32\dllcache\ieakeng.dll- 2008-08-26 09:26:56	230,400	------w	c:\windows\system32\dllcache\ieaksie.dll+ 2008-10-16 20:33:24	230,400	------w	c:\windows\system32\dllcache\ieaksie.dll- 2008-08-26 09:26:56	383,488	------w	c:\windows\system32\dllcache\ieapfltr.dll+ 2008-10-16 20:33:24	383,488	------w	c:\windows\system32\dllcache\ieapfltr.dll- 2008-08-26 09:26:56	384,512	------w	c:\windows\system32\dllcache\iedkcs32.dll+ 2008-10-16 20:33:26	384,512	------w	c:\windows\system32\dllcache\iedkcs32.dll- 2008-10-03 18:26:30	6,066,176	------w	c:\windows\system32\dllcache\ieframe.dll+ 2008-10-16 20:33:28	6,066,176	------w	c:\windows\system32\dllcache\ieframe.dll- 2008-08-26 09:26:58	44,544	------w	c:\windows\system32\dllcache\iernonce.dll+ 2008-10-16 20:33:28	44,544	------w	c:\windows\system32\dllcache\iernonce.dll- 2008-08-26 09:26:58	267,776	------w	c:\windows\system32\dllcache\iertutil.dll+ 2008-10-16 20:33:28	267,776	------w	c:\windows\system32\dllcache\iertutil.dll- 2008-08-26 09:26:58	27,648	------w	c:\windows\system32\dllcache\jsproxy.dll+ 2008-10-16 20:33:30	27,648	------w	c:\windows\system32\dllcache\jsproxy.dll- 2008-08-26 09:27:00	459,264	------w	c:\windows\system32\dllcache\msfeeds.dll+ 2008-10-16 20:33:30	459,264	------w	c:\windows\system32\dllcache\msfeeds.dll- 2008-08-26 09:27:00	52,224	------w	c:\windows\system32\dllcache\msfeedsbs.dll+ 2008-10-16 20:33:30	52,224	------w	c:\windows\system32\dllcache\msfeedsbs.dll- 2008-08-26 09:27:00	477,696	------w	c:\windows\system32\dllcache\mshtmled.dll+ 2008-10-16 20:33:34	477,696	------w	c:\windows\system32\dllcache\mshtmled.dll- 2008-08-26 09:27:00	193,024	------w	c:\windows\system32\dllcache\msrating.dll+ 2008-10-16 20:33:34	193,024	------w	c:\windows\system32\dllcache\msrating.dll- 2008-08-26 09:27:00	671,232	------w	
c:\windows\system32\dllcache\mstime.dll+ 2008-10-16 20:33:34	671,232	------w	c:\windows\system32\dllcache\mstime.dll- 2008-08-26 09:27:00	102,912	------w	c:\windows\system32\dllcache\occache.dll+ 2008-10-16 20:33:34	102,912	------w	c:\windows\system32\dllcache\occache.dll- 2008-08-26 09:27:00	44,544	------w	c:\windows\system32\dllcache\pngfilt.dll+ 2008-10-16 20:33:34	44,544	------w	c:\windows\system32\dllcache\pngfilt.dll- 2008-08-26 09:27:02	105,984	------w	c:\windows\system32\dllcache\url.dll+ 2008-10-16 20:33:34	105,984	------w	c:\windows\system32\dllcache\url.dll- 2008-08-26 09:27:02	1,159,680	------w	c:\windows\system32\dllcache\urlmon.dll+ 2008-10-16 20:33:34	1,160,192	------w	c:\windows\system32\dllcache\urlmon.dll- 2008-08-26 09:27:02	233,472	------w	c:\windows\system32\dllcache\webcheck.dll+ 2008-10-16 20:33:34	233,472	------w	c:\windows\system32\dllcache\webcheck.dll- 2008-08-26 09:27:02	826,368	------w	c:\windows\system32\dllcache\wininet.dll+ 2008-10-16 20:33:34	826,368	------w	c:\windows\system32\dllcache\wininet.dll- 2008-11-18 18:00:12	26,944	----a-w	c:\windows\system32\drivers\aavmker4.sys+ 2008-11-26 17:15:36	26,944	----a-w	c:\windows\system32\drivers\aavmker4.sys- 2008-11-18 18:02:44	20,560	----a-w	c:\windows\system32\drivers\aswFsBlk.sys+ 2008-11-26 17:17:26	20,560	----a-w	c:\windows\system32\drivers\aswFsBlk.sys- 2008-11-18 18:04:36	93,296	----a-w	c:\windows\system32\drivers\aswmon.sys+ 2008-11-26 17:18:26	93,296	----a-w	c:\windows\system32\drivers\aswmon.sys- 2008-11-18 18:04:22	94,032	----a-w	c:\windows\system32\drivers\aswmon2.sys+ 2008-11-26 17:18:18	94,032	----a-w	c:\windows\system32\drivers\aswmon2.sys- 2008-11-18 18:01:10	23,152	----a-w	c:\windows\system32\drivers\aswRdr.sys+ 2008-11-26 17:16:30	23,152	----a-w	c:\windows\system32\drivers\aswRdr.sys- 2008-11-18 18:03:34	110,160	----a-w	c:\windows\system32\drivers\aswSP.sys+ 2008-11-26 17:17:36	111,184	----a-w	c:\windows\system32\drivers\aswSP.sys- 2008-11-18 18:01:24	50,864	----a-w	
c:\windows\system32\drivers\aswTdi.sys+ 2008-11-26 17:16:38	50,864	----a-w	c:\windows\system32\drivers\aswTdi.sys+ 2007-02-14 13:20:56	530,861	----a-w	c:\windows\system32\drivers\btaudio.sys+ 2007-02-14 13:20:58	30,459	----a-w	c:\windows\system32\drivers\btport.sys+ 2007-02-14 13:20:58	149,123	----a-w	c:\windows\system32\drivers\btwdndis.sys- 2008-08-26 09:26:56	347,136	----a-w	c:\windows\system32\dxtmsft.dll+ 2008-10-16 20:33:24	347,136	----a-w	c:\windows\system32\dxtmsft.dll- 2008-08-26 09:26:56	214,528	----a-w	c:\windows\system32\dxtrans.dll+ 2008-10-16 20:33:24	214,528	----a-w	c:\windows\system32\dxtrans.dll- 2008-08-26 09:26:56	133,120	----a-w	c:\windows\system32\extmgr.dll+ 2008-10-16 20:33:24	133,120	----a-w	c:\windows\system32\extmgr.dll- 2008-11-26 11:34:58	1,437,248	----a-w	c:\windows\system32\FNTCACHE.DAT+ 2008-12-18 09:55:26	1,437,304	----a-w	c:\windows\system32\FNTCACHE.DAT- 2008-08-26 09:26:56	63,488	----a-w	c:\windows\system32\icardie.dll+ 2008-10-16 20:33:24	63,488	----a-w	c:\windows\system32\icardie.dll- 2008-08-25 09:42:18	70,656	----a-w	c:\windows\system32\ie4uinit.exe+ 2008-10-16 13:15:02	70,656	----a-w	c:\windows\system32\ie4uinit.exe- 2008-08-26 09:26:56	153,088	----a-w	c:\windows\system32\ieakeng.dll+ 2008-10-16 20:33:24	153,088	----a-w	c:\windows\system32\ieakeng.dll- 2008-08-26 09:26:56	230,400	----a-w	c:\windows\system32\ieaksie.dll+ 2008-10-16 20:33:24	230,400	----a-w	c:\windows\system32\ieaksie.dll- 2008-08-23 06:54:52	161,792	----a-w	c:\windows\system32\ieakui.dll+ 2008-10-15 07:04:54	161,792	----a-w	c:\windows\system32\ieakui.dll- 2008-08-26 09:26:56	383,488	----a-w	c:\windows\system32\ieapfltr.dll+ 2008-10-16 20:33:24	383,488	----a-w	c:\windows\system32\ieapfltr.dll- 2008-08-26 09:26:56	384,512	----a-w	c:\windows\system32\iedkcs32.dll+ 2008-10-16 20:33:26	384,512	----a-w	c:\windows\system32\iedkcs32.dll- 2008-10-03 18:26:30	6,066,176	----a-w	c:\windows\system32\ieframe.dll+ 2008-10-16 20:33:28	6,066,176	----a-w	
c:\windows\system32\ieframe.dll- 2008-08-26 09:26:58	44,544	----a-w	c:\windows\system32\iernonce.dll+ 2008-10-16 20:33:28	44,544	----a-w	c:\windows\system32\iernonce.dll- 2008-08-26 09:26:58	267,776	----a-w	c:\windows\system32\iertutil.dll+ 2008-10-16 20:33:28	267,776	----a-w	c:\windows\system32\iertutil.dll- 2008-08-25 09:38:00	13,824	----a-w	c:\windows\system32\ieudinit.exe+ 2008-10-16 13:11:10	13,824	----a-w	c:\windows\system32\ieudinit.exe- 2008-08-26 09:26:58	27,648	----a-w	c:\windows\system32\jsproxy.dll+ 2008-10-16 20:33:30	27,648	----a-w	c:\windows\system32\jsproxy.dll- 2008-11-03 15:10:26	17,318,336	----a-w	c:\windows\system32\MRT.exe+ 2008-12-09 23:24:38	17,593,280	----a-w	c:\windows\system32\MRT.exe- 2008-08-26 09:27:00	459,264	----a-w	c:\windows\system32\msfeeds.dll+ 2008-10-16 20:33:30	459,264	----a-w	c:\windows\system32\msfeeds.dll- 2008-08-26 09:27:00	52,224	----a-w	c:\windows\system32\msfeedsbs.dll+ 2008-10-16 20:33:30	52,224	----a-w	c:\windows\system32\msfeedsbs.dll- 2008-08-27 10:27:02	3,593,216	----a-w	c:\windows\system32\mshtml.dll+ 2008-10-17 01:03:34	3,593,216	----a-w	c:\windows\system32\mshtml.dll- 2008-08-26 09:27:00	477,696	----a-w	c:\windows\system32\mshtmled.dll+ 2008-10-16 20:33:34	477,696	----a-w	c:\windows\system32\mshtmled.dll- 2008-08-26 09:27:00	193,024	----a-w	c:\windows\system32\msrating.dll+ 2008-10-16 20:33:34	193,024	----a-w	c:\windows\system32\msrating.dll- 2008-08-26 09:27:00	671,232	----a-w	c:\windows\system32\mstime.dll+ 2008-10-16 20:33:34	671,232	----a-w	c:\windows\system32\mstime.dll- 2008-08-26 09:27:00	102,912	----a-w	c:\windows\system32\occache.dll+ 2008-10-16 20:33:34	102,912	----a-w	c:\windows\system32\occache.dll+ 2000-07-21 10:05:02	149,776	----a-w	c:\windows\system32\phl.dll- 2008-08-26 09:27:00	44,544	----a-w	c:\windows\system32\pngfilt.dll+ 2008-10-16 20:33:34	44,544	----a-w	c:\windows\system32\pngfilt.dll- 2008-07-08 13:20:04	19,320	------w	c:\windows\system32\spmsg.dll+ 2007-07-27 08:41:40	16,760	------w	
c:\windows\system32\spmsg.dll- 2008-07-11 13:42:28	62,976	------w	c:\windows\system32\tzchange.exe+ 2008-10-23 10:07:00	62,976	------w	c:\windows\system32\tzchange.exe- 2008-08-26 09:27:02	105,984	----a-w	c:\windows\system32\url.dll+ 2008-10-16 20:33:34	105,984	----a-w	c:\windows\system32\url.dll- 2008-08-26 09:27:02	1,159,680	----a-w	c:\windows\system32\urlmon.dll+ 2008-10-16 20:33:34	1,160,192	----a-w	c:\windows\system32\urlmon.dll- 2008-08-26 09:27:02	233,472	----a-w	c:\windows\system32\webcheck.dll+ 2008-10-16 20:33:34	233,472	----a-w	c:\windows\system32\webcheck.dll- 2008-08-26 09:27:02	826,368	----a-w	c:\windows\system32\wininet.dll+ 2008-10-16 20:33:34	826,368	----a-w	c:\windows\system32\wininet.dll+ 2008-12-18 09:55:22	16,384	----a-w	c:\windows\Temp\Perflib_Perfdata_668.dat.-- Migawka wyzerowana --.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\ťukasz\Menu Start\Programy\Autostart\USDownloader.exe.lnk - c:\documents and settings\ťukasz\Pulpit\Najnowszy_USDownloader_03.07.2008__up_by_AMH\Najnowszy USDownloader 03.07.2008__up by AMH\USDownloader.exe [2008-09-03 529920]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]BTTray.lnk - c:\program 
files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll"vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll"vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll"vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver"[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\WINDOWS\\System32\\mmc.exe"="c:\\Program Files\\Vuze\\Azureus.exe"="c:\\Program Files\\eMule\\eMule.exe"="c:\\Program Files\\Gadu-Gadu\\gg.exe"="c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"="c:\\Documents and Settings\\Łukasz\\temp\\TeamViewer3\\TeamViewer.exe"="c:\\WINDOWS\\System32\\usmt\\migwiz.exe"="c:\\Program Files\\ESTsoft\\ALFTP\\ALFTP.exe"="c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="c:\\Documents and Settings\\Łukasz\\Pulpit\\Najnowszy_USDownloader_03.07.2008__up_by_AMH\\Najnowszy USDownloader 03.07.2008__up by AMH\\USDownloader.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]"AllowInboundEchoRequest"= 1 (0x1)R1 aswSP;avast! 
Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-24 111184]R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-08-24 20560]S2 gupdate1c916a7e527e4da;Google Update Service (gupdate1c916a7e527e4da);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-09-14 133104]S3 Com4QLBEx;Com4QLBEx;"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [2008-08-18 193840]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcsUxTuneUp*Newly Created Service* - CATCHME.Zawartość folderu 'Zaplanowane zadania'2008-12-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job- c:\program files\Google\Update\GoogleUpdate.exe [2008-09-14 22:24]..------- Skan uzupełniający -------.uStart Page = hxxp://www.spolszczenia.pl.prv.pl/uInternet Settings,ProxyServer = 10.0.10.2:8080uInternet Settings,ProxyOverride = *.localIE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmc:\windows\system32\SkanerOnlineUninstall.exe - c:\windows\system32\SkanerOnline.dllO16 -: {68282C51-9459-467B-95BF-3C0E89627E55}hxxp://www.mks.com.pl/skaner/SkanerOnline.cabc:\windows\Downloaded Program Files\SkanerOnline.infFF - ProfilePath - c:\documents and settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\lnkutby1.default\FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/igFF - prefs.js: network.proxy.http - 10.0.10.2FF - prefs.js: network.proxy.http_port - 8080FF - prefs.js: network.proxy.type - 1FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dllFF - plugin: c:\documents and settings\Ĺukasz\Dane aplikacji\Mozilla\plugins\npPxPlay.dllATTENTION: FIREFOX POLICES IS IN FORCE c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", 
false);.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-12-18 16:11:51Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPIskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(716)c:\windows\system32\Ati2evxx.dll.Czas ukończenia: 2008-12-18 16:12:21ComboFix-quarantined-files.txt  2008-12-18 15:12:20ComboFix2.txt  2008-11-28 22:03:16Przed: 10 999 644 160 bajtów wolnychPo: 11,017,322,496 bajtów wolnych360	--- E O F ---	2008-12-18 09:30:17

Guest

Paste into Notepad:

File::
c:\windows\C11F06.dmp

Folder::
C:\FOUND.004
C:\VundoFix Backup

Driver::
gupdate1c916a7e527e4da

>> File >> Save As... >>> CFScript

Drag and drop the CFScript.txt file onto ComboFix.exe.


The removal should start (and a log will be created). Post the log that is created during the removal.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

HJT - czysto. ;)

Mateusz J.
comment

The logs are generally clean, there is nothing dangerous, but the post above covers that.

As for your problem:

Hold Shift the whole time, change the view to icons, and then to thumbnails.

At this point the problem should be gone.

Pirzyk
comment

ComboFix 08-12-17.01 - Łukasz 2008-12-18 16:30:04.3 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.2047.1471 [GMT 1:00]
Uruchomiony z: d:\programy\anty virusy\ComboFix.exe
Użyto następujących komend :: d:\programy\anty virusy\CFScript.txt
 * Utworzono nowy punkt przywracania
FILE ::
c:\windows\C11F06.dmp
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\FOUND.004
c:\found.004\FILE0000.CHK
c:\found.004\FILE0001.CHK
c:\found.004\FILE0002.CHK
c:\found.004\FILE0003.CHK
c:\found.004\FILE0004.CHK
c:\found.004\FILE0005.CHK
c:\found.004\FILE0006.CHK
c:\found.004\FILE0007.CHK
c:\found.004\FILE0008.CHK
c:\found.004\FILE0009.CHK
c:\found.004\FILE0010.CHK
c:\found.004\FILE0011.CHK
c:\found.004\FILE0012.CHK
c:\found.004\FILE0013.CHK
c:\found.004\FILE0014.CHK
c:\windows\C11F06.dmp
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GUPDATE1C916A7E527E4DA
-------\Service_gupdate1c916a7e527e4da
(((((((((((((((((((((((((   Pliki utworzone od 2008-11-18 do 2008-12-18  )))))))))))))))))))))))))))))))
.
2008-12-09 21:31 . 2008-12-09 21:31	<DIR>	d--------	c:\program files\NokiaFREE Unlock Codes Calculator
2008-12-07 13:55 . 2008-12-07 13:55	<DIR>	d--------	c:\program files\SiSoftware
2008-12-03 14:45 . 2008-12-03 14:45	<DIR>	d--------	c:\documents and settings\Ela\Dane aplikacji\EstSoft
2008-12-01 22:56 . 2008-12-01 22:56	<DIR>	d--------	C:\Downloads
2008-12-01 14:16 . 2008-12-01 14:16	<DIR>	d--------	c:\documents and settings\Łukasz\Dane aplikacji\EssentialPIM
2008-11-30 21:49 . 2008-11-30 21:49	<DIR>	d--------	c:\program files\EssentialPIM
2008-11-30 21:49 . 2008-11-30 21:49	<DIR>	d--------	c:\documents and settings\Ela\Dane aplikacji\EssentialPIM
2008-11-30 21:46 . 2008-11-30 21:46	<DIR>	d--------	c:\program files\GNUTU
2008-11-29 04:15 . 2008-11-29 04:15	<DIR>	d--------	c:\program files\MSECache
2008-11-29 02:28 . 2008-11-29 02:28	<DIR>	d--------	c:\program files\HHD Software
2008-11-29 00:25 . 2008-11-29 00:25	<DIR>	d--------	c:\documents and settings\Łukasz\Bluetooth Software
2008-11-29 00:25 . 2008-11-29 00:25	<DIR>	d--------	c:\documents and settings\Łukasz\Bluetooth Software
2008-11-28 22:38 . 2008-11-28 22:39	24,576	--a------	c:\windows\system32\VundoFixSVC.exe
2008-11-28 22:16 . 2008-11-28 22:16	<DIR>	d--------	C:\VundoFix Backups
2008-11-26 15:07 . 2008-11-26 15:07	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\122BF
2008-11-26 15:06 . 2008-11-26 15:06	<DIR>	d--------	C:\My Downloads
2008-11-26 15:03 . 2008-11-26 15:03	<DIR>	d--------	c:\program files\BearShare Applications
2008-11-26 15:02 . 2008-11-26 15:02	58	--a------	c:\windows\wininit.ini
2008-11-22 19:16 . 2008-11-24 09:27	13,030	--a------	C:\PDOXUSRS.NET
2008-11-22 19:14 . 2008-11-22 19:14	<DIR>	d--------	c:\program files\Common Files\Borland Shared
2008-11-22 19:13 . 2008-11-22 19:13	<DIR>	d--------	c:\program files\GlobalServices
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-27 05:58	22,328	----a-w	c:\windows\system32\drivers\PnkBstrK.sys
2008-11-27 05:57	103,736	----a-w	c:\windows\system32\PnkBstrB.exe
2008-11-12 22:17	---------	d-----w	c:\program files\Budzik
2008-11-12 17:45	---------	d-----w	c:\program files\Euro Truck Simulator
2008-11-10 19:12	66,872	----a-w	c:\windows\system32\PnkBstrA.exe
2008-11-07 14:21	---------	d-----w	c:\program files\Zemsta Kujona
2008-11-06 14:47	---------	d-----w	c:\program files\directx
2008-11-06 14:45	---------	d-----w	c:\program files\Rockstar Games
2008-11-06 14:29	---------	d-----w	c:\program files\Prawo Jazdy 2006
2008-11-05 09:02	---------	d-----w	c:\program files\Astro Gemini Software
2008-10-24 11:21	455,296	----a-w	c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21	455,296	------w	c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:42	286,720	----a-w	c:\windows\system32\gdi32.dll
2008-10-23 12:42	286,720	------w	c:\windows\system32\dllcache\gdi32.dll
2008-10-17 01:03	3,593,216	------w	c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:15	70,656	------w	c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:13	202,776	----a-w	c:\windows\system32\wuweb.dll
2008-10-16 13:13	202,776	----a-w	c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13	1,809,944	----a-w	c:\windows\system32\wuaueng.dll
2008-10-16 13:13	1,809,944	----a-w	c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12	561,688	----a-w	c:\windows\system32\wuapi.dll
2008-10-16 13:12	561,688	----a-w	c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12	323,608	----a-w	c:\windows\system32\wucltui.dll
2008-10-16 13:12	323,608	----a-w	c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11	13,824	------w	c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09	92,696	----a-w	c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09	92,696	----a-w	c:\windows\system32\cdm.dll
2008-10-16 13:09	51,224	----a-w	c:\windows\system32\wuauclt.exe
2008-10-16 13:09	51,224	----a-w	c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09	43,544	----a-w	c:\windows\system32\wups2.dll
2008-10-16 13:08	34,328	----a-w	c:\windows\system32\wups.dll
2008-10-16 13:08	34,328	----a-w	c:\windows\system32\dllcache\wups.dll
2008-10-15 17:36	337,408	------w	c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06	633,632	------w	c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04	161,792	----a-w	c:\windows\system32\dllcache\ieakui.dll
2008-10-12 22:00	361,728	----a-w	c:\windows\system32\TuneUpDefragService.exe
2008-10-10 10:47	22,008	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-10-08 20:10	4,608	----a-w	c:\windows\system32\w95inf32.dll
2008-10-08 20:10	2,272	----a-w	c:\windows\system32\w95inf16.dll
2008-10-04 22:06	107,888	----a-w	c:\windows\system32\CmdLineExt.dll
2008-10-03 10:04	247,326	----a-w	c:\windows\system32\strmdll.dll
2008-10-03 10:04	247,326	----a-w	c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43	1,286,152	----a-w	c:\windows\system32\msxml4.dll
2008-09-19 18:20	73,063,401	----a-w	c:\windows\Kocham Cię.scr
2008-09-14 00:26	2,971	----a-w	c:\program files\Common Files\unins000.dat
2008-09-14 00:25	730,121	----a-w	c:\program files\Common Files\unins000.exe
2008-08-17 23:13	81,920	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\ezpinst.exe
2008-08-17 23:13	47,360	----a-w	c:\documents and settings\Łukasz\Dane aplikacji\pcouffin.sys
2008-03-09 06:25	236	---ha-w	c:\program files\Common Files\dx.reg
.
(((((((((((((((((((((((((((((   snapshot_2008-12-18_16.12.03,51   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-18 15:35:22	16,384	----a-w	c:\windows\Temp\Perflib_Perfdata_654.dat
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\ťukasz\Menu Start\Programy\Autostart\
USDownloader.exe.lnk - c:\documents and settings\ťukasz\Pulpit\Najnowszy_USDownloader_03.07.2008__up_by_AMH\Najnowszy USDownloader 03.07.2008__up by AMH\USDownloader.exe [2008-09-03 529920]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\mmc.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\eMule\\eMule.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"=
"c:\\Documents and Settings\\Łukasz\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\ESTsoft\\ALFTP\\ALFTP.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Documents and Settings\\Łukasz\\Pulpit\\Najnowszy_USDownloader_03.07.2008__up_by_AMH\\Najnowszy USDownloader 03.07.2008__up by AMH\\USDownloader.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-24 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-08-24 20560]
S3 Com4QLBEx;Com4QLBEx;"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [2008-08-18 193840]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'
2008-12-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-09-14 22:24]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.spolszczenia.pl.prv.pl/
uInternet Settings,ProxyServer = 10.0.10.2:8080
uInternet Settings,ProxyOverride = *.local
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
c:\windows\system32\SkanerOnlineUninstall.exe - c:\windows\system32\SkanerOnline.dll
O16 -: {68282C51-9459-467B-95BF-3C0E89627E55}
hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
c:\windows\Downloaded Program Files\SkanerOnline.inf
FF - ProfilePath - c:\documents and settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\lnkutby1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig
FF - prefs.js: network.proxy.http - 10.0.10.2
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
FF - plugin: c:\documents and settings\Ĺ?ukasz\Dane aplikacji\Mozilla\plugins\npPxPlay.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", false);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 16:35:55
Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\documents and settings\
c:\program files\Microsoft Office\Office10\msoffice.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
.
**************************************************************************
.
Czas ukończenia: 2008-12-18 16:37:36 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2008-12-18 15:37:36
ComboFix3.txt  2008-11-28 22:03:16
ComboFix2.txt  2008-12-18 15:12:24
Przed: 11 040 358 400 bajtów wolnych
Po: 11,023,220,736 bajtów wolnych
231	--- E O F ---	2008-12-18 09:30:17

Hold Shift the whole time, change the view to icons, and then to thumbnails.

At this point the problem should be gone.

It helped, thanks for the help ;)
