x-kom hosting

logi z combo fix

dastin
utworzono
utworzono (edytowane)
ComboFix 09-02-26.02 - dastin 2009-02-27 13:12:43.6 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1535.1002 [GMT 1:00]Uruchomiony z: d:\documents and settings\dastin\Pulpit\ComboFix.exeAV: Kaspersky Anti-Virus for Windows Workstations *On-access scanning disabled* (Updated) * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((   Pliki utworzone od 2009-01-27 do 2009-02-27  ))))))))))))))))))))))))))))))).2009-02-25 18:09 . 2009-02-25 18:09	<DIR>	d--------	d:\documents and settings\dastin\Dane aplikacji\Reallusion2009-02-25 18:06 . 2009-02-25 18:06	<DIR>	d--------	d:\program files\Reallusion2009-02-25 18:06 . 2009-02-25 18:06	<DIR>	d--------	d:\program files\Common Files\Reallusion2009-02-25 11:37 . 2009-02-25 11:40	<DIR>	d--------	D:\Netgear2009-02-24 14:43 . 2009-02-24 14:43	<DIR>	d--h-----	d:\windows\PIF2009-02-13 12:21 . 2009-02-13 12:21	<DIR>	dr-h-----	d:\documents and settings\dastin\Dane aplikacji\SecuROM2009-02-13 12:21 . 2009-02-13 12:21	108,144	--a------	d:\windows\system32\CmdLineExt.dll2009-02-11 19:02 . 2009-02-11 19:02	<DIR>	d--------	d:\documents and settings\dastin\Dane aplikacji\Desktopicon2009-02-10 20:42 . 2009-02-10 20:42	21,840	--a------	d:\windows\system32\SIntfNT.dll2009-02-10 20:42 . 2009-02-10 20:42	17,212	--a------	d:\windows\system32\SIntf32.dll2009-02-10 20:42 . 2009-02-10 20:42	12,067	--a------	d:\windows\system32\SIntf16.dll2009-02-10 19:43 . 2009-02-10 20:45	35,673	--a------	d:\windows\DIIUnin.dat2009-02-10 19:42 . 2009-02-10 19:42	106,496	--a------	d:\windows\DIIUnin.exe2009-02-10 19:42 . 2009-02-10 19:42	2,829	--a------	d:\windows\DIIUnin.pif2009-02-09 20:11 . 2009-02-09 20:11	<DIR>	d--------	d:\program files\Common Files\Wise Installation Wizard2009-02-09 19:23 . 2009-02-09 19:23	<DIR>	d--------	d:\program files\Lavasoft2009-02-09 19:23 . 2009-02-09 19:36	<DIR>	d--------	d:\documents and settings\All Users\Dane aplikacji\Lavasoft2009-02-07 13:23 . 2009-02-07 13:23	0	--a------	d:\documents and settings\dastin\jagex_runescape_preferences.dat2009-02-01 19:06 . 2009-02-01 19:06	<DIR>	d--------	d:\program files\Common Files\NSV2009-01-27 17:14 . 2009-01-27 17:14	<DIR>	d--------	D:\KAV2009-01-27 17:14 . 2009-01-27 17:14	<DIR>	d--------	d:\documents and settings\All Users\Dane aplikacji\Kaspersky Anti-Virus for Windows Workstations2009-01-27 14:54 . 2009-01-27 14:54	<DIR>	d--------	d:\documents and settings\dastin\Dane aplikacji\Malwarebytes2009-01-27 14:54 . 2009-01-27 14:54	<DIR>	d--------	d:\documents and settings\All Users\Dane aplikacji\Malwarebytes.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-27 11:09	---------	d-----w	d:\program files\Mozilla Firefox 3.1 Beta 22009-02-25 17:06	---------	d--h--w	d:\program files\InstallShield Installation Information2009-02-17 23:45	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\BESTplayer2009-02-15 23:05	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\Skype2009-02-15 23:02	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\skypePM2009-02-10 13:29	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\Azureus2009-01-27 16:14	---------	d-----w	d:\program files\Kaspersky Lab2009-01-23 22:53	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\Nowe Gadu-Gadu2009-01-20 10:07	---------	d-----w	d:\program files\Common Files\InstallShield2009-01-20 10:05	---------	d-----w	d:\documents and settings\All Users\Dane aplikacji\UDL2009-01-20 10:04	---------	d-----w	d:\program files\epson2009-01-20 10:00	---------	d-----w	d:\documents and settings\All Users\Dane aplikacji\EPSON2009-01-19 14:33	---------	d-----w	d:\documents and settings\All Users\Dane aplikacji\Azureus2009-01-14 16:43	---------	d-----w	d:\documents and settings\dastin\Dane aplikacji\AdobeUM2009-01-04 14:04	---------	d-----w	d:\program files\Common Files\Adobe2009-01-04 14:02	---------	d-----w	d:\program files\Bonjour2009-01-04 13:51	---------	d-----w	d:\program files\Common Files\Macrovision Shared2008-12-23 20:55	219,648	----a-w	d:\windows\system32\uxtheme.dll2008-12-16 19:09	118,784	------r	d:\windows\bwUnin-7.2.0.157-8876480SL.exe2008-12-06 11:24	60,416	----a-w	d:\windows\ALCFDRTM.EXE.(((((((((((((((((((((((((((((   snapshot@2009-01-31_22.06.51,07   ))))))))))))))))))))))))))))))))))))))))).+ 2009-02-13 11:21:29	45,854	----a-r	d:\windows\Installer\{18D00C9F-B259-4838-871A-C61FCFF34C59}\rugby.exe- 2000-08-31 07:00:00	286,720	----a-w	d:\windows\SWREG.exe+ 2000-08-31 07:00:00	161,792	----a-w	d:\windows\SWREG.exe+ 2008-04-29 10:19:50	12,960	----a-w	d:\windows\system32\drivers\Awrtpd.sys+ 2008-04-29 10:19:54	15,648	----a-w	d:\windows\system32\drivers\Awrtrd.sys+ 2008-04-29 10:20:00	15,648	----a-w	d:\windows\system32\drivers\NSDriver.sys- 2005-01-14 16:14:07	47,616	----a-w	d:\windows\system32\drivers\sfdrv01.sys+ 2005-08-10 12:44:04	50,688	----a-w	d:\windows\system32\drivers\sfdrv01.sys- 2004-10-28 10:47:59	6,656	----a-w	d:\windows\system32\drivers\sfhlp02.sys+ 2005-05-16 13:20:39	6,656	----a-w	d:\windows\system32\drivers\sfhlp02.sys+ 2005-12-12 19:12:01	49,664	----a-w	d:\windows\system32\drivers\sfsync04.sys+ 2008-05-16 10:58:04	12,632	----a-w	d:\windows\system32\lsdelete.exe+ 2009-02-27 10:18:06	16,384	----atw	d:\windows\Temp\Perflib_Perfdata_204.dat.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2004-08-04 15360]"EPSON Stylus DX4400 Series"="d:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-01-25 179200]"Stefan"="f:\program files\INTERIAPL\Stefan\Stefan.exe" [2008-07-17 685568][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"UserFaultCheck"="d:\windows\system32\dumprep 0 -u" [X]"KAVWks50"="d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 5.0 for Windows Workstations\kav.exe" [2006-07-12 98407][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"= [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]--a------ 2006-01-12 15:40 155648 d:\program files\Common Files\Ahead\Lib\NeroCheck.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]--a------ 2008-09-12 17:45 36352 d:\program files\Winamp\winampa.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]--a------ 2005-07-26 09:16 77824 d:\windows\SOUNDMAN.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]"kavsvc"=2 (0x2)[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="d:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"="d:\\WINDOWS\\system32\\java.exe"="d:\\Program Files\\BearShare\\BearShare.exe"="d:\\Program Files\\Gadu-Gadu\\gg.exe"="d:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="d:\\Program Files\\Bonjour\\mDNSResponder.exe"="f:\\Program Files\\Vuze\\Azureus.exe"="d:\\Program Files\\Skype\\Phone\\Skype.exe"="f:\\Program Files\\Ubisoft\\Ghost Recon Advanced Warfighter\\GRAW.exe"=R1 klmc;Sterownik KLMC;d:\windows\system32\drivers\klmc.sys [2006-07-12 14803]R3 CXTuner;Conexant TVTuner;d:\windows\system32\drivers\CXTuner.sys [2006-05-23 23168]R3 CXVideo;Conexant Capture;d:\windows\system32\drivers\CXVCap.sys [2006-05-22 57216]R3 CXXBar;Conexant Crossbar;d:\windows\system32\drivers\CXXBar.sys [2006-04-25 9600]S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;d:\windows\system32\drivers\WlanBZXP.sys [2008-12-03 450560]S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\d:\windows\system32\ZDCndis5.SYS --> d:\windows\system32\ZDCndis5.SYS [?][HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3f3e0f7-b0b1-11dd-a3b0-806d6172696f}]\Shell\AutoRun\command - G:\setup.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3f3e0f9-b0b1-11dd-a3b0-806d6172696f}]\Shell\AutoRun\command - I:\USBNB.exe..------- Skan uzupełniający -------.uStart Page = hxxp://onet.pl/uInternet Settings,ProxyOverride = *.localFF - ProfilePath - d:\documents and settings\dastin\Dane aplikacji\Mozilla\Firefox\Profiles\k8q933k3.default\FF - prefs.js: browser.startup.homepage - www.onet.plFF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dllFF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dllFF - plugin: d:\program files\Mozilla Firefox 3.1 Beta 2\plugins\npRLCT4Player.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-27 13:14:04Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------[HKEY_USERS\S-1-5-21-1482476501-1958367476-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3DDFAB07-700E-32E4-DC00-A05C26A90585}*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode).Czas ukończenia: 2009-02-27 13:15:10ComboFix-quarantined-files.txt  2009-02-27 12:15:08ComboFix2.txt  2009-02-08 17:41:17ComboFix3.txt  2009-01-31 21:07:38ComboFix4.txt  2009-01-27 13:49:59Przed: 57,266,614,272 bajtów wolnychPo: 57,479,782,400 bajtów wolnych154TU SĄ LOGI Z 2 KOMPUTERÓW !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!ComboFix 09-02-26.02 - Kasia 2009-02-27 13:16:30.5 - NTFSx86Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.2039.1607 [GMT 1:00]Uruchomiony z: c:\documents and settings\Kasia\Pulpit\ComboFix.exeAV: Kaspersky Anti-Virus for Windows Workstations *On-access scanning enabled* (Updated) * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((   Pliki utworzone od 2009-01-27 do 2009-02-27  ))))))))))))))))))))))))))))))).2009-01-27 17:26 . 2009-01-27 17:26	<DIR>	d--------	c:\documents and settings\Kasia\Dane aplikacji\Malwarebytes2009-01-27 17:26 . 2009-01-27 17:26	<DIR>	d--------	c:\documents and settings\All Users\Dane aplikacji\Malwarebytes2009-01-27 17:26 . 2009-01-14 16:11	38,496	--a------	c:\windows\system32\drivers\mbamswissarmy.sys2009-01-27 17:26 . 2009-01-14 16:11	15,504	--a------	c:\windows\system32\drivers\mbam.sys.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-17 01:23	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\Skype2009-02-17 01:01	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\BESTplayer2009-02-17 00:35	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\skypePM2009-01-17 14:20	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\Mikrotik2009-01-03 14:54	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Microsoft Help2009-01-03 14:51	---------	d-----w	c:\program files\MSBuild2009-01-03 14:51	---------	d-----w	c:\program files\Microsoft Works2009-01-03 14:31	---------	d-----w	c:\program files\Common Files\Ahead2009-01-03 14:30	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\Ahead2009-01-03 14:28	---------	d-----w	c:\program files\Nero2009-01-03 14:28	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Nero2009-01-03 01:08	---------	d--h--w	c:\program files\InstallShield Installation Information2009-01-02 13:48	---------	d-----w	c:\documents and settings\Kasia\Dane aplikacji\Ubisoft2009-01-02 13:40	---------	d-----w	c:\documents and settings\All Users\Dane aplikacji\Ubisoft2008-12-29 02:12	---------	d-----w	c:\program files\TRACERMM SOFT2008-12-22 15:39	98,304	----a-w	c:\windows\system32\CmdLineExt.dll2008-12-20 23:03	826,368	----a-w	c:\windows\system32\wininet.dll2008-12-16 19:43	118,784	------r	c:\windows\bwUnin-7.2.0.157-8876480SL.exe2008-12-01 16:40	410,976	----a-w	c:\windows\system32\deploytk.dll.(((((((((((((((((((((((((((((   snapshot_2009-01-27_19.12.31,06   ))))))))))))))))))))))))))))))))))))))))).+ 2008-06-17 19:04:53	8,490,496	----a-w	c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll+ 2008-07-09 07:57:12	19,320	----a-w	c:\windows\$hf_mig$\KB967715\spmsg.dll+ 2008-07-09 07:57:13	234,360	----a-w	c:\windows\$hf_mig$\KB967715\spuninst.exe+ 2008-07-09 07:57:12	26,488	----a-w	c:\windows\$hf_mig$\KB967715\update\spcustom.dll+ 2008-07-09 07:57:15	763,256	----a-w	c:\windows\$hf_mig$\KB967715\update\update.exe+ 2008-07-09 07:57:23	398,200	----a-w	c:\windows\$hf_mig$\KB967715\update\updspapi.dll+ 2008-10-16 20:33:23	124,928	-c----w	c:\windows\ie7updates\KB961260-IE7\advpack.dll+ 2008-10-16 20:33:23	347,136	-c----w	c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll+ 2008-10-16 20:33:24	214,528	-c----w	c:\windows\ie7updates\KB961260-IE7\dxtrans.dll+ 2008-10-16 20:33:24	133,120	-c----w	c:\windows\ie7updates\KB961260-IE7\extmgr.dll+ 2008-10-16 20:33:24	63,488	-c----w	c:\windows\ie7updates\KB961260-IE7\icardie.dll+ 2008-10-16 13:15:01	70,656	-c----w	c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe+ 2008-10-16 20:33:24	153,088	-c----w	c:\windows\ie7updates\KB961260-IE7\ieakeng.dll+ 2008-10-16 20:33:24	230,400	-c----w	c:\windows\ie7updates\KB961260-IE7\ieaksie.dll+ 2008-10-15 07:04:53	161,792	-c----w	c:\windows\ie7updates\KB961260-IE7\ieakui.dll+ 2008-10-16 20:33:24	383,488	-c----w	c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll+ 2008-10-16 20:33:25	384,512	-c----w	c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll+ 2008-10-16 20:33:27	6,066,176	-c----w	c:\windows\ie7updates\KB961260-IE7\ieframe.dll+ 2008-10-16 20:33:27	44,544	-c----w	c:\windows\ie7updates\KB961260-IE7\iernonce.dll+ 2008-10-16 20:33:28	267,776	-c----w	c:\windows\ie7updates\KB961260-IE7\iertutil.dll+ 2008-10-16 13:11:09	13,824	-c----w	c:\windows\ie7updates\KB961260-IE7\ieudinit.exe+ 2008-10-15 07:06:26	633,632	-c----w	c:\windows\ie7updates\KB961260-IE7\iexplore.exe+ 2008-10-16 20:33:29	27,648	-c----w	c:\windows\ie7updates\KB961260-IE7\jsproxy.dll+ 2008-10-16 20:33:29	459,264	-c----w	c:\windows\ie7updates\KB961260-IE7\msfeeds.dll+ 2008-10-16 20:33:29	52,224	-c----w	c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll+ 2008-12-13 06:39:17	3,593,216	-c----w	c:\windows\ie7updates\KB961260-IE7\mshtml.dll+ 2008-10-16 20:33:33	477,696	-c----w	c:\windows\ie7updates\KB961260-IE7\mshtmled.dll+ 2008-10-16 20:33:33	193,024	-c----w	c:\windows\ie7updates\KB961260-IE7\msrating.dll+ 2008-10-16 20:33:33	671,232	-c----w	c:\windows\ie7updates\KB961260-IE7\mstime.dll+ 2008-10-16 20:33:33	102,912	-c----w	c:\windows\ie7updates\KB961260-IE7\occache.dll+ 2008-10-16 20:33:33	44,544	-c----w	c:\windows\ie7updates\KB961260-IE7\pngfilt.dll+ 2007-03-06 03:28:40	216,288	-c----w	c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe+ 2007-03-06 03:29:50	386,784	-c----w	c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll+ 2008-10-16 20:33:33	105,984	-c----w	c:\windows\ie7updates\KB961260-IE7\url.dll+ 2008-10-16 20:33:34	1,160,192	-c----w	c:\windows\ie7updates\KB961260-IE7\urlmon.dll+ 2008-10-16 20:33:34	233,472	-c----w	c:\windows\ie7updates\KB961260-IE7\webcheck.dll+ 2008-10-16 20:33:34	826,368	-c----w	c:\windows\ie7updates\KB961260-IE7\wininet.dll- 2008-10-16 20:33:23	124,928	----a-w	c:\windows\system32\advpack.dll+ 2008-12-20 23:03:39	124,928	----a-w	c:\windows\system32\advpack.dll+ 2008-12-20 23:03:39	124,928	-c----w	c:\windows\system32\dllcache\advpack.dll+ 2008-12-20 23:03:39	347,136	-c----w	c:\windows\system32\dllcache\dxtmsft.dll+ 2008-12-20 23:03:39	214,528	-c----w	c:\windows\system32\dllcache\dxtrans.dll+ 2008-12-20 23:03:39	133,120	-c----w	c:\windows\system32\dllcache\extmgr.dll+ 2008-12-20 23:03:40	63,488	-c----w	c:\windows\system32\dllcache\icardie.dll+ 2008-12-19 09:13:43	70,656	-c----w	c:\windows\system32\dllcache\ie4uinit.exe+ 2008-12-20 23:03:40	153,088	-c----w	c:\windows\system32\dllcache\ieakeng.dll+ 2008-12-20 23:03:40	230,400	-c----w	c:\windows\system32\dllcache\ieaksie.dll+ 2008-12-19 05:23:56	161,792	-c----w	c:\windows\system32\dllcache\ieakui.dll+ 2007-04-17 09:32:38	2,455,488	-c----w	c:\windows\system32\dllcache\ieapfltr.dat+ 2008-12-20 23:03:41	383,488	-c----w	c:\windows\system32\dllcache\ieapfltr.dll+ 2008-12-20 23:03:41	384,512	-c----w	c:\windows\system32\dllcache\iedkcs32.dll+ 2008-12-20 23:03:44	6,066,688	-c----w	c:\windows\system32\dllcache\ieframe.dll+ 2008-12-20 23:03:45	44,544	-c----w	c:\windows\system32\dllcache\iernonce.dll+ 2008-12-20 23:03:45	267,776	-c----w	c:\windows\system32\dllcache\iertutil.dll+ 2008-12-19 09:10:15	13,824	-c----w	c:\windows\system32\dllcache\ieudinit.exe+ 2008-12-19 05:25:25	634,024	-c----w	c:\windows\system32\dllcache\iexplore.exe+ 2008-12-20 23:03:47	27,648	-c----w	c:\windows\system32\dllcache\jsproxy.dll+ 2008-12-20 23:03:47	459,264	-c----w	c:\windows\system32\dllcache\msfeeds.dll+ 2008-12-20 23:03:47	52,224	-c----w	c:\windows\system32\dllcache\msfeedsbs.dll+ 2009-01-16 20:30:38	3,594,752	-c----w	c:\windows\system32\dllcache\mshtml.dll+ 2008-12-20 23:03:51	477,696	-c----w	c:\windows\system32\dllcache\mshtmled.dll+ 2008-12-20 23:03:51	193,024	-c----w	c:\windows\system32\dllcache\msrating.dll+ 2008-12-20 23:03:51	671,232	-c----w	c:\windows\system32\dllcache\mstime.dll+ 2008-12-20 23:03:51	102,912	-c----w	c:\windows\system32\dllcache\occache.dll+ 2008-12-20 23:03:51	44,544	-c----w	c:\windows\system32\dllcache\pngfilt.dll+ 2008-06-17 19:03:15	8,489,984	-c----w	c:\windows\system32\dllcache\shell32.dll+ 2008-12-20 23:03:51	105,984	-c----w	c:\windows\system32\dllcache\url.dll+ 2008-12-20 23:03:52	1,160,192	-c----w	c:\windows\system32\dllcache\urlmon.dll+ 2008-12-20 23:03:52	233,472	-c----w	c:\windows\system32\dllcache\webcheck.dll+ 2008-12-20 23:03:53	826,368	-c----w	c:\windows\system32\dllcache\wininet.dll+ 2007-02-14 13:21:00	30,285	----a-w	c:\windows\system32\drivers\btwmodem.sys- 2008-10-16 20:33:23	347,136	------w	c:\windows\system32\dxtmsft.dll+ 2008-12-20 23:03:39	347,136	------w	c:\windows\system32\dxtmsft.dll- 2008-10-16 20:33:24	214,528	------w	c:\windows\system32\dxtrans.dll+ 2008-12-20 23:03:39	214,528	------w	c:\windows\system32\dxtrans.dll- 2008-10-16 20:33:24	133,120	------w	c:\windows\system32\extmgr.dll+ 2008-12-20 23:03:39	133,120	------w	c:\windows\system32\extmgr.dll- 2008-10-16 20:33:24	63,488	----a-w	c:\windows\system32\icardie.dll+ 2008-12-20 23:03:40	63,488	----a-w	c:\windows\system32\icardie.dll- 2008-10-16 13:15:01	70,656	------w	c:\windows\system32\ie4uinit.exe+ 2008-12-19 09:13:43	70,656	------w	c:\windows\system32\ie4uinit.exe- 2008-10-16 20:33:24	153,088	------w	c:\windows\system32\ieakeng.dll+ 2008-12-20 23:03:40	153,088	------w	c:\windows\system32\ieakeng.dll- 2008-10-16 20:33:24	230,400	------w	c:\windows\system32\ieaksie.dll+ 2008-12-20 23:03:40	230,400	------w	c:\windows\system32\ieaksie.dll- 2008-10-15 07:04:53	161,792	------w	c:\windows\system32\ieakui.dll+ 2008-12-19 05:23:56	161,792	------w	c:\windows\system32\ieakui.dll- 2008-10-16 20:33:24	383,488	----a-w	c:\windows\system32\ieapfltr.dll+ 2008-12-20 23:03:41	383,488	----a-w	c:\windows\system32\ieapfltr.dll- 2008-10-16 20:33:25	384,512	------w	c:\windows\system32\iedkcs32.dll+ 2008-12-20 23:03:41	384,512	------w	c:\windows\system32\iedkcs32.dll- 2008-10-16 20:33:27	6,066,176	----a-w	c:\windows\system32\ieframe.dll+ 2008-12-20 23:03:44	6,066,688	----a-w	c:\windows\system32\ieframe.dll- 2008-10-16 20:33:27	44,544	------w	c:\windows\system32\iernonce.dll+ 2008-12-20 23:03:45	44,544	------w	c:\windows\system32\iernonce.dll- 2008-10-16 20:33:28	267,776	----a-w	c:\windows\system32\iertutil.dll+ 2008-12-20 23:03:45	267,776	----a-w	c:\windows\system32\iertutil.dll- 2008-10-16 13:11:09	13,824	----a-w	c:\windows\system32\ieudinit.exe+ 2008-12-19 09:10:15	13,824	----a-w	c:\windows\system32\ieudinit.exe- 2008-10-16 20:33:29	27,648	------w	c:\windows\system32\jsproxy.dll+ 2008-12-20 23:03:47	27,648	------w	c:\windows\system32\jsproxy.dll- 2009-01-10 01:35:28	20,853,704	----a-w	c:\windows\system32\MRT.exe+ 2009-02-12 04:56:17	21,244,872	----a-w	c:\windows\system32\MRT.exe- 2008-10-16 20:33:29	459,264	----a-w	c:\windows\system32\msfeeds.dll+ 2008-12-20 23:03:47	459,264	----a-w	c:\windows\system32\msfeeds.dll- 2008-10-16 20:33:29	52,224	----a-w	c:\windows\system32\msfeedsbs.dll+ 2008-12-20 23:03:47	52,224	----a-w	c:\windows\system32\msfeedsbs.dll- 2008-12-13 06:39:17	3,593,216	----a-w	c:\windows\system32\mshtml.dll+ 2009-01-16 20:30:38	3,594,752	----a-w	c:\windows\system32\mshtml.dll- 2008-10-16 20:33:33	477,696	------w	c:\windows\system32\mshtmled.dll+ 2008-12-20 23:03:51	477,696	------w	c:\windows\system32\mshtmled.dll- 2008-10-16 20:33:33	193,024	------w	c:\windows\system32\msrating.dll+ 2008-12-20 23:03:51	193,024	------w	c:\windows\system32\msrating.dll- 2008-10-16 20:33:33	671,232	------w	c:\windows\system32\mstime.dll+ 2008-12-20 23:03:51	671,232	------w	c:\windows\system32\mstime.dll- 2008-10-16 20:33:33	102,912	------w	c:\windows\system32\occache.dll+ 2008-12-20 23:03:51	102,912	------w	c:\windows\system32\occache.dll- 2009-01-21 12:35:54	40,326	----a-w	c:\windows\system32\perfc009.dat+ 2009-02-15 09:08:44	41,170	----a-w	c:\windows\system32\perfc009.dat- 2009-01-21 12:35:54	49,910	----a-w	c:\windows\system32\perfc015.dat+ 2009-02-15 09:08:44	51,166	----a-w	c:\windows\system32\perfc015.dat- 2009-01-21 12:35:54	311,938	----a-w	c:\windows\system32\perfh009.dat+ 2009-02-15 09:08:44	314,842	----a-w	c:\windows\system32\perfh009.dat- 2009-01-21 12:35:54	356,068	----a-w	c:\windows\system32\perfh015.dat+ 2009-02-15 09:08:44	359,416	----a-w	c:\windows\system32\perfh015.dat- 2008-10-16 20:33:33	44,544	----a-w	c:\windows\system32\pngfilt.dll+ 2008-12-20 23:03:51	44,544	----a-w	c:\windows\system32\pngfilt.dll- 2008-04-14 20:50:48	8,489,984	----a-w	c:\windows\system32\shell32.dll+ 2008-06-17 19:03:15	8,489,984	----a-w	c:\windows\system32\shell32.dll- 2007-11-30 12:40:46	19,320	------w	c:\windows\system32\spmsg.dll+ 2008-07-09 07:57:12	19,320	------w	c:\windows\system32\spmsg.dll- 2008-10-16 20:33:33	105,984	----a-w	c:\windows\system32\url.dll+ 2008-12-20 23:03:51	105,984	----a-w	c:\windows\system32\url.dll- 2008-10-16 20:33:34	1,160,192	----a-w	c:\windows\system32\urlmon.dll+ 2008-12-20 23:03:52	1,160,192	----a-w	c:\windows\system32\urlmon.dll- 2008-10-16 20:33:34	233,472	----a-w	c:\windows\system32\webcheck.dll+ 2008-12-20 23:03:52	233,472	----a-w	c:\windows\system32\webcheck.dll+ 2009-02-27 12:13:28	16,384	----atw	c:\windows\Temp\Perflib_Perfdata_1e8.dat.-- Migawka wyzerowana --.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-11 68856]"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-12-16 36864]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 141848]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 166424]"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 137752]"KAVWks50"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 5.0 for Windows Workstations\kav.exe" [2006-07-12 98407]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-01 136600]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 284184]"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 746520]"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-15 244512]"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"= [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"="c:\\WINDOWS\\system32\\java.exe"="c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="c:\\Program Files\\Gadu-Gadu\\gg.exe"="c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="c:\\WINDOWS\\system32\\mmc.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"=R1 klmc;Sterownik KLMC;c:\windows\system32\drivers\klmc.sys [2006-07-12 14803]S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-04-14 14336][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]WINRM	REG_MULTI_SZ   	WINRM[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09ac86d7-bfc3-11dd-a061-0021006b3287}]\Shell\AutoRun\command - H:\USBNB.exe..------- Skan uzupełniający -------.uStart Page = hxxp://www.google.pl/IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmHandler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllFF - ProfilePath - c:\documents and settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\nd7anuko.default\FF - prefs.js: browser.startup.homepage - www.onet.plFF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dllFF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dllFF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-27 13:17:40Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.Czas ukończenia: 2009-02-27 13:18:32ComboFix-quarantined-files.txt  2009-02-27 12:18:30ComboFix2.txt  2009-02-09 18:03:03ComboFix3.txt  2009-01-27 18:13:10ComboFix4.txt  2009-01-13 17:36:59ComboFix5.txt  2009-02-27 12:16:04Przed: 103 321 591 808 bajtów wolnychPo: 103,386,255,360 bajtów wolnych261

Mateusz J.
komentarz
komentarz

Oba czyste...w czym problem?

dastin
komentarz
komentarz

wszystko co włączałem to sie wyłączało i pisało że jest jakiś tam błąd dlatego wstawiłem a drugi komputer to jest mamy wiec na wszlki wypadek dałem go :) ale skoro jest czystko to super :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.