ComboFix 09-02-06.04 - Anetka 2009-02-07 19:10:54.11 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.1022.645 [GMT 1:00]
Uruchomiony z: d:\instalki\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\1utbfd.bat
C:\8.bat
C:\autorun.inf
C:\m0vnonh.bat
C:\pook.com
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
D:\1utbfd.bat
D:\8.bat
D:\Autorun.inf
D:\m0vnonh.bat
D:\pook.com
E:\1utbfd.bat
E:\autorun.inf
G:\1utbfd.bat
G:\autorun.inf
H:\1utbfd.bat
H:\8.bat
H:\Autorun.inf
I:\1utbfd.bat
I:\8.bat
I:\Autorun.inf
J:\1utbfd.bat
J:\8.bat
J:\Autorun.inf
K:\1utbfd.bat
K:\8.bat
K:\Autorun.inf
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-07 do 2009-02-07 )))))))))))))))))))))))))))))))
.
2009-02-07 18:44 . 2009-02-07 18:44 <DIR> d-------- c:\documents and settings\Anetka\Dane aplikacji\Apple Computer
2009-02-07 18:43 . 2009-02-07 18:43 54,156 --ah----- c:\windows\QTFont.qfn
2009-02-07 18:43 . 2009-02-07 18:43 1,409 --a------ c:\windows\QTFont.for
2009-02-07 18:31 . 2009-02-07 18:31 <DIR> d-------- c:\documents and settings\Anetka\Dane aplikacji\Sony
2009-02-07 18:31 . 2009-02-07 18:31 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Sony
2009-02-04 19:49 . 2009-02-04 19:50 <DIR> d-------- c:\program files\QuickTime
2009-02-04 19:49 . 2009-02-04 19:49 <DIR> d-------- c:\program files\Apple Software Update
2009-02-04 19:49 . 2009-02-04 19:49 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2009-02-04 19:49 . 2009-02-04 19:49 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Apple
2009-01-31 16:12 . 2009-02-01 09:07 109,930 -r-hs---- C:\a2h2.com
2009-01-31 09:14 . 2009-01-31 09:13 109,127 -r-hs---- C:\hl80c6b1.com
2009-01-22 18:19 . 2009-01-23 05:57 107,882 -r-hs---- C:\w98.com
2009-01-20 16:49 . 2009-01-20 23:22 108,869 -r-hs---- C:\gy.exe
2009-01-18 13:40 . 2009-01-18 13:40 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2009-01-18 13:40 . 2009-01-18 13:40 <DIR> d-------- c:\program files\Adobe Media Player
2009-01-16 10:40 . 2008-04-14 18:21 70,144 --a------ c:\windows\AhnRpta.exe
2009-01-16 10:34 . 2009-01-17 09:11 110,003 -r-hs---- C:\x2csvg.exe
2009-01-16 06:10 . 2009-01-15 17:38 108,940 -r-hs---- C:\ve.exe
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-07 18:02 22,528 ----a-w c:\windows\system32\drivers\nhcDriver.sys
2009-02-07 17:37 2,828 --sha-w c:\documents and settings\All Users\Dane aplikacji\KGyGaAvL.sys
2009-02-07 17:36 88 --sh--r c:\documents and settings\All Users\Dane aplikacji\020ADEE2A4.sys
2009-02-07 08:30 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PrevxCSI
2009-02-06 21:26 --------- d-----w c:\documents and settings\Anetka\Dane aplikacji\Skype
2009-02-04 18:44 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-28 16:18 85,504 --sh--r c:\windows\system32\vbsdfe0.dll
2009-01-05 13:23 --------- d-----w c:\documents and settings\Anetka\Dane aplikacji\OpenOffice.org2
2009-01-04 10:17 --------- d-----w c:\program files\FlashGet
2008-12-26 08:01 85,504 --sh--r c:\windows\system32\vbsdfe1.dll
2008-12-20 10:35 --------- d-----w c:\documents and settings\Anetka\Dane aplikacji\Media Player Classic
2008-12-20 10:33 --------- d-----w c:\program files\7-Zip
2008-12-20 10:31 --------- d-----w c:\program files\Real Alternative
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2001-02-23 17:22 299,008 ----a-w c:\program files\bestplayer1.0.exe
2008-05-25 17:02 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-05-25 17:02 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-05-25 17:02 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-05-25 17:02 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-05-25 17:02 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-10-09 07:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008100920081010\index.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-03-19 1267040]
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"="c:\program files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077328]
"SVPWUTIL"="c:\program files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 65536]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2005-08-25 53248]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"SmoothView"="c:\program files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-13 118784]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-24 196608]
"CeEKEY"="c:\program files\TOSHIBA\E-KEY\CeEKey.exe" [2005-09-06 671744]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"TPSMain"="TPSMain.exe" [2004-06-28 c:\windows\system32\TPSMain.exe]
"TPSODDCtl"="TPSODDCtl.exe" [2006-04-24 c:\windows\system32\TPSODDCtl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{BB4C402F-882A-4526-8C08-51278EA437C1}"= "c:\windows\system32\afmain0.dll" [2008-04-14 78848]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^LUMIX Simple Viewer.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\LUMIX Simple Viewer.lnk
backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Anetka^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
path=c:\documents and settings\Anetka\Menu Start\Programy\Autostart\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-08-05 20:05 344064 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
--a------ 2005-09-07 02:25 36864 c:\program files\HP\HP UT\bin\hppusg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2007-01-12 14:11 25448488 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
--a------ 2005-11-21 14:55 45056 c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
--a------ 2005-09-21 18:23 159744 c:\progra~1\A4Tech\Mouse\Amoumain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8072:TCP"= 8072:TCP:BitComet 8072 TCP
"8072:UDP"= 8072:UDP:BitComet 8072 UDP
R0 pxark;pxark;c:\windows\system32\drivers\pxark.sys [2008-10-29 26808]
R2 CSIScanner;CSIScanner;c:\program files\PrevxCSI\prevxcsi.exe [2008-10-29 927288]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2006-06-03 12800]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2006-06-01 31424]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\j60osk9.cmd
\Shell\open\Command - H:\j60osk9.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\2u.com
\Shell\explore\Command - I:\2u.com
\Shell\open\Command - I:\2u.com
.
Zawartość folderu 'Zaplanowane zadania'
2009-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: {{7BFE183A-7A50-420C-84EE-6EFD2DA47994} - c:\program files\TransAng3\tren3ie_tlumacz2.htm
IE: {{7DE19680-4CF2-418B-BB5F-6374EDB40116} - c:\program files\TransAng3\tren3ie_tlumacz.htm
IE: {{7F27B609-F13A-42FC-8D66-3AE87E5E01D8} - c:\program files\TransAng3\tren3ie_opcje.htm
DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} - hxxp://mks.com.pl/skaner/SkanerOnline.cab
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-07 19:13:20
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(928)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2009-02-07 19:14:56
ComboFix-quarantined-files.txt 2009-02-07 18:14:27
Przed: 1 186 758 656 bajtów wolnych
Po: 1,196,089,344 bajtów wolnych
205 --- E O F --- 2009-01-14 19:03:30