Pirzyk, created 18 December 2008
Basically, this is what I'm talking about here.
HijackThis: Logfile of Trend Micro HijackThis v2.0.2
ComboFix: ComboFix 08-12-17.01 - Łukasz 2008-12-18 16:10:23.2
Guest, comment 18 December 2008
Paste into Notepad:

File::
c:\windows\C11F06.dmp
Folder::
C:\FOUND.004
C:\VundoFix Backup
Driver::
gupdate1c916a7e527e4da

>> File >> Save As... >>> CFScript
Drag and drop the CFScript.txt file onto ComboFix.exe --> Removal should start (and a log will be created).
Post the log that is created during the removal.
If it goes well: after the restart, manually delete the folder C:\Qoobox.
HJT - clean.
Mateusz J. commented 18 December 2008

The logs are generally clean, there is nothing dangerous, but the post above covers that. As for your problem: hold Shift the whole time, change the view to icons, and then to thumbnails. At that point the problem should be gone.
Pirzyk (Author) commented 18 December 2008

ComboFix 08-12-17.01 - Łukasz 2008-12-18 16:30:04.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2047.1471 [GMT 1:00]
Uruchomiony z: d:\programy\anty virusy\ComboFix.exe
Użyto następujących komend :: d:\programy\anty virusy\CFScript.txt
 * Utworzono nowy punkt przywracania
FILE ::
c:\windows\C11F06.dmp
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\FOUND.004
c:\found.004\FILE0000.CHK
c:\found.004\FILE0001.CHK
c:\found.004\FILE0002.CHK
c:\found.004\FILE0003.CHK
c:\found.004\FILE0004.CHK
c:\found.004\FILE0005.CHK
c:\found.004\FILE0006.CHK
c:\found.004\FILE0007.CHK
c:\found.004\FILE0008.CHK
c:\found.004\FILE0009.CHK
c:\found.004\FILE0010.CHK
c:\found.004\FILE0011.CHK
c:\found.004\FILE0012.CHK
c:\found.004\FILE0013.CHK
c:\found.004\FILE0014.CHK
c:\windows\C11F06.dmp
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GUPDATE1C916A7E527E4DA
-------\Service_gupdate1c916a7e527e4da
((((((((((((((((((((((((( Pliki utworzone od 2008-11-18 do 2008-12-18 )))))))))))))))))))))))))))))))
.
2008-12-09 21:31 . 2008-12-09 21:31 <DIR> d-------- c:\program files\NokiaFREE Unlock Codes Calculator
2008-12-07 13:55 . 2008-12-07 13:55 <DIR> d-------- c:\program files\SiSoftware
2008-12-03 14:45 . 2008-12-03 14:45 <DIR> d-------- c:\documents and settings\Ela\Dane aplikacji\EstSoft
2008-12-01 22:56 . 2008-12-01 22:56 <DIR> d-------- C:\Downloads
2008-12-01 14:16 . 2008-12-01 14:16 <DIR> d-------- c:\documents and settings\Łukasz\Dane aplikacji\EssentialPIM
2008-11-30 21:49 . 2008-11-30 21:49 <DIR> d-------- c:\program files\EssentialPIM
2008-11-30 21:49 . 2008-11-30 21:49 <DIR> d-------- c:\documents and settings\Ela\Dane aplikacji\EssentialPIM
2008-11-30 21:46 . 2008-11-30 21:46 <DIR> d-------- c:\program files\GNUTU
2008-11-29 04:15 . 2008-11-29 04:15 <DIR> d-------- c:\program files\MSECache
2008-11-29 02:28 . 2008-11-29 02:28 <DIR> d-------- c:\program files\HHD Software
2008-11-29 00:25 . 2008-11-29 00:25 <DIR> d-------- c:\documents and settings\Łukasz\Bluetooth Software
2008-11-29 00:25 . 2008-11-29 00:25 <DIR> d-------- c:\documents and settings\Łukasz\Bluetooth Software
2008-11-28 22:38 . 2008-11-28 22:39 24,576 --a------ c:\windows\system32\VundoFixSVC.exe
2008-11-28 22:16 . 2008-11-28 22:16 <DIR> d-------- C:\VundoFix Backups
2008-11-26 15:07 . 2008-11-26 15:07 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\122BF
2008-11-26 15:06 . 2008-11-26 15:06 <DIR> d-------- C:\My Downloads
2008-11-26 15:03 . 2008-11-26 15:03 <DIR> d-------- c:\program files\BearShare Applications
2008-11-26 15:02 . 2008-11-26 15:02 58 --a------ c:\windows\wininit.ini
2008-11-22 19:16 . 2008-11-24 09:27 13,030 --a------ C:\PDOXUSRS.NET
2008-11-22 19:14 . 2008-11-22 19:14 <DIR> d-------- c:\program files\Common Files\Borland Shared
2008-11-22 19:13 . 2008-11-22 19:13 <DIR> d-------- c:\program files\GlobalServices
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-27 05:58 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-11-27 05:57 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2008-11-12 22:17 --------- d-----w c:\program files\Budzik
2008-11-12 17:45 --------- d-----w c:\program files\Euro Truck Simulator
2008-11-10 19:12 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-11-07 14:21 --------- d-----w c:\program files\Zemsta Kujona
2008-11-06 14:47 --------- d-----w c:\program files\directx
2008-11-06 14:45 --------- d-----w c:\program files\Rockstar Games
2008-11-06 14:29 --------- d-----w c:\program files\Prawo Jazdy 2006
2008-11-05 09:02 --------- d-----w c:\program files\Astro Gemini Software
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:42 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-17 01:03 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:15 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-15 17:36 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-10-12 22:00 361,728 ----a-w c:\windows\system32\TuneUpDefragService.exe
2008-10-10 10:47 22,008 ----a-w c:\documents and settings\Łukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-10-08 20:10 4,608 ----a-w c:\windows\system32\w95inf32.dll
2008-10-08 20:10 2,272 ----a-w c:\windows\system32\w95inf16.dll
2008-10-04 22:06 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:04 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-19 18:20 73,063,401 ----a-w c:\windows\Kocham Cię.scr
2008-09-14 00:26 2,971 ----a-w c:\program files\Common Files\unins000.dat
2008-09-14 00:25 730,121 ----a-w c:\program files\Common Files\unins000.exe
2008-08-17 23:13 81,920 ----a-w c:\documents and settings\Łukasz\Dane aplikacji\ezpinst.exe
2008-08-17 23:13 47,360 ----a-w c:\documents and settings\Łukasz\Dane aplikacji\pcouffin.sys
2008-03-09 06:25 236 ---ha-w c:\program files\Common Files\dx.reg
.
((((((((((((((((((((((((((((( snapshot_2008-12-18_16.12.03,51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-18 15:35:22 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_654.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\ťukasz\Menu Start\Programy\Autostart\
USDownloader.exe.lnk - c:\documents and settings\ťukasz\Pulpit\Najnowszy_USDownloader_03.07.2008__up_by_AMH\Najnowszy USDownloader 03.07.2008__up by AMH\USDownloader.exe [2008-09-03 529920]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\mmc.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\eMule\\eMule.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"=
"c:\\Documents and Settings\\Łukasz\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\ESTsoft\\ALFTP\\ALFTP.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Documents and Settings\\Łukasz\\Pulpit\\Najnowszy_USDownloader_03.07.2008__up_by_AMH\\Najnowszy USDownloader 03.07.2008__up by AMH\\USDownloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-24 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-08-24 20560]
S3 Com4QLBEx;Com4QLBEx;"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [2008-08-18 193840]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'

2008-12-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-09-14 22:24]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.spolszczenia.pl.prv.pl/
uInternet Settings,ProxyServer = 10.0.10.2:8080
uInternet Settings,ProxyOverride = *.local
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
c:\windows\system32\SkanerOnlineUninstall.exe - c:\windows\system32\SkanerOnline.dll
O16 -: {68282C51-9459-467B-95BF-3C0E89627E55}
hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
c:\windows\Downloaded Program Files\SkanerOnline.inf
FF - ProfilePath - c:\documents and settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\lnkutby1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig
FF - prefs.js: network.proxy.http - 10.0.10.2
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
FF - plugin: c:\documents and settings\Ĺ?ukasz\Dane aplikacji\Mozilla\plugins\npPxPlay.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", false);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 16:35:55
Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\documents and settings\
c:\program files\Microsoft Office\Office10\msoffice.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
.
**************************************************************************
.
Czas ukończenia: 2008-12-18 16:37:36 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2008-12-18 15:37:36
ComboFix3.txt 2008-11-28 22:03:16
ComboFix2.txt 2008-12-18 15:12:24
Przed: 11 040 358 400 bajtów wolnych
Po: 11,023,220,736 bajtów wolnych
231 --- E O F --- 2008-12-18 09:30:17

"Hold Shift the whole time, change the view to icons, and then to thumbnails. At that point the problem should be gone."

That helped, thanks for the help.