Load! 0.48.13 and a sluggish computer


(Mateuszrysik) #1

I have the same thing. I did as you wrote; here is the log:

[b]SDFix: Version 1.240 [/b]

Run by Mateusz on 2009-01-11 at 09:33


Microsoft Windows XP [Wersja 5.1.2600]

Running From: C:\SDFix


[b]Checking Services [/b]:



Restoring Default Security Values

Restoring Default Hosts File


Rebooting



[b]Checking Files [/b]: 


No Trojan Files Found







Removing Temp Files


[b]ADS Check [/b]:




                                 [b]Final Check [/b]:


catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-11 09:42:30

Windows 5.1.2600 Dodatek Service Pack 3 NTFS


scanning hidden processes ...


scanning hidden services & system hive ...


scanning hidden registry entries ...


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]

"TracesProcessed"=dword:0000014f


scanning hidden files ...


scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0



[b]Remaining Services [/b]:





Authorized Application Key Export:


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Tlen.pl\\tlen.exe"="C:\\Program Files\\Tlen.pl\\tlen.exe:*:Enabled:Komunikator Tlen.pl"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[b]Remaining Files [/b]:




[b]Files with Hidden Attributes [/b]:


Sat 10 Jan 2009 122,352 ..SHR --- "C:\2.exe"


[b]Finished![/b]

(Gutek) #2

Use - http://www.bezpieczenstwosystemow.pl/in ... pic=1647.0

- Flash Disinfector

- BitDefender Pica Removal Tool

- PRT (Perlovga Removal Tool)

Post a log from ComboFix