My internet is lagging... Help


(Arturtsw) #1

Hello...

For the past few days, when I launch my browser, pages load quite slowly (not like they used to :cry: ). I'm a beginner and still learning :P, so I'm posting a log to be checked... if that turns out not to be the cause, could someone help me anyway... thanks in advance... regards

ComboFix 07-11-08.1 - Artur 2007-11-12 21:14:44.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.178 [GMT 1:00]

Running from: C:\Documents and Settings\Artur&Nati\Pulpit\combofix.exe

.

((((((((((((((((((((((((( Files Created from 2007-10-12 to 2007-11-12 )))))))))))))))))))))))))))))))

.

2007-11-12 21:11 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-11-08 21:47

2007-11-08 14:35

2007-11-08 14:35

2007-11-08 14:35

2007-11-04 00:35

2007-10-31 17:53

2007-10-31 17:37

2007-10-31 17:37

2007-10-29 21:03

2007-10-28 01:32 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys

2007-10-28 01:32 298,104 --a------ C:\WINDOWS\system32\imon.dll

2007-10-28 01:32 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys

2007-10-27 01:12

2007-10-21 21:18 127,488 --------- C:\WINDOWS\system32\drivers\imagesrv.sys

2007-10-21 21:18 5,888 --------- C:\WINDOWS\system32\drivers\imagedrv.sys

2007-10-21 21:17

2007-10-21 21:17

2007-10-21 21:17 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll

2007-10-21 21:17 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll

2007-10-21 21:17 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll

2007-10-21 21:17 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll

2007-10-21 21:17 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll

2007-10-21 21:17 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe

2007-10-21 21:17 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll

2007-10-21 12:59 36,480 --a------ C:\WINDOWS\system32\drivers\P2k.sys

2007-10-21 10:41

2007-10-21 10:41 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2007-10-21 10:38

2007-10-21 10:37

2007-10-21 01:21

2007-10-20 23:29 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-10-20 23:26

2007-10-20 23:26 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll

2007-10-20 23:26 40,832 --a------ C:\WINDOWS\system32\drivers\motodrv.sys

2007-10-20 23:26 20,992 --a------ C:\WINDOWS\system32\drivers\motmodem.sys

2007-10-20 15:55

2007-10-19 19:51

2007-10-19 19:51

2007-10-19 19:51

2007-10-19 19:51

2007-10-15 21:28

2007-10-15 17:38

2007-10-15 17:38 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys

2007-10-15 17:38 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys

2007-10-15 17:37 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll

2007-10-15 17:37 48,128 --a------ C:\WINDOWS\system32\hpzll054.dll

2007-10-15 17:37 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2007-10-15 17:37 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys

2007-10-15 17:20

2007-10-15 17:19

2007-10-15 17:17

2007-10-15 17:17

2007-10-15 17:16 306,688 --a------ C:\WINDOWS\IsUninst.exe

2007-10-15 17:16 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll

2007-10-15 17:16 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll

2007-10-15 17:16 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll

2007-10-15 17:16 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe

2007-10-15 17:16 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe

2007-10-15 17:16 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll

2007-10-15 17:14

2007-10-15 17:13 120,340 --a------ C:\WINDOWS\hpoins11.dat

2007-10-15 17:02 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys

2007-10-15 17:02 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys

2007-10-15 17:02 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2007-10-15 17:02 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

2007-10-14 10:14

2007-10-14 09:48

2007-10-14 09:38 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll

2007-10-13 23:00

2007-10-13 23:00 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys

2007-10-12 15:23

2007-10-12 15:23 4 --a------ C:\WINDOWS\system32\proc233803746.bin

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-11-11 17:54 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\uTorrent

2007-11-11 13:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help

2007-11-10 13:08 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\FreeCall

2007-11-08 19:13 --------- d-----w C:\Program Files\Deutsch Translator 2

2007-11-02 10:22 --------- d-----w C:\Program Files\DkZ Studio

2007-10-29 20:06 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Hamachi

2007-10-29 18:26 --------- d-----w C:\Program Files\Gadu-Gadu

2007-10-29 16:04 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Skype

2007-10-27 10:40 --------- d-----w C:\Program Files\NAPI-PROJEKT

2007-10-27 01:31 --------- d--h--w C:\Program Files\InstallShield Installation Information

2007-10-24 16:30 --------- d-----w C:\Program Files\Picasa2

2007-10-24 11:15 --------- d-----w C:\Program Files\neostrada tp

2007-10-22 18:53 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\HP

2007-10-21 09:43 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Sports Interactive

2007-10-21 09:41 --------- d--h--r C:\Documents and Settings\Artur&Nati\Dane aplikacji\SecuROM

2007-10-20 22:29 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2007-10-20 22:29 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf

2007-10-12 14:23 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\GanymedeNet

2007-10-10 13:32 68,920 ----a-w C:\Documents and Settings\Artur&Nati\Dane aplikacji\GDIPFONTCACHEV1.DAT

2007-10-10 13:09 --------- d-----w C:\Program Files\MSECache

2007-10-09 14:20 --------- d-----w C:\Program Files\xat.com JPEG Optimizer

2007-10-06 10:31 2,522,222 ----a-w C:\jv16pt_setup.exe

2007-10-06 10:26 51,232 ----a-w C:\wwdc.exe

2007-10-05 18:17 --------- d-----w C:\Program Files\FrameShow

2007-10-04 15:16 41,984 ----a-w C:\WINDOWS\jqvdwlxo.exe

2007-10-04 11:53 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Teleca

2007-10-03 15:36 --------- d-----w C:\Program Files\Sony Ericsson

2007-10-03 15:36 --------- d-----w C:\Program Files\Common Files\Teleca Shared

2007-10-03 15:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Teleca

2007-10-03 15:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson

2007-10-03 15:34 6,144 ----a-w C:\WINDOWS\system32\drivers\k750cm.sys

2007-10-03 15:34 5,744 ----a-w C:\WINDOWS\system32\drivers\k750wh.sys

2007-10-01 20:52 --------- d-----w C:\Program Files\SkaWit

2007-09-30 19:14 --------- d-----w C:\Program Files\LD-Anime

2007-09-29 13:12 --------- d-----w C:\Program Files\uTorrent

2007-09-29 05:20 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\PhotoFrameShow

2007-09-27 09:16 --------- d-----w C:\Program Files\MSBuild

2007-09-27 09:16 --------- d-----w C:\Program Files\Microsoft Works

2007-09-27 08:46 --------- d-----w C:\Program Files\KONAMI

2007-09-26 17:47 --------- d-----w C:\Program Files\FreeCall.com

2007-09-26 15:18 --------- d-----w C:\Program Files\Allok RM RMVB to AVI MPEG DVD Converter

2007-09-25 19:26 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\SopCast

2007-09-25 19:22 --------- d-----w C:\Program Files\SopCast

2007-09-25 08:50 737,280 ----a-w C:\WINDOWS\iun6002.exe

2007-09-25 08:45 --------- d-----w C:\Program Files\DkZ Update

2007-09-25 07:07 --------- d-----w C:\Program Files\Real Alternative

2007-09-24 13:55 --------- d-----w C:\Program Files\Dealio

2007-09-23 20:30 --------- d-----w C:\Program Files\Google

2007-09-23 08:00 --------- d-----w C:\Program Files\Common Files\InstallShield

2007-09-23 07:40 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2007-09-22 19:16 --------- d-----w C:\Program Files\Xvid

2007-09-22 19:14 --------- d-----w C:\Program Files\EA SPORTS

2007-09-22 19:11 --------- d-----w C:\Program Files\DAEMON Tools

2007-09-22 19:08 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2007-09-22 15:45 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Media Player Classic

2007-09-22 15:41 --------- d-----w C:\Program Files\MarBit

2007-09-22 15:39 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\vlc

2007-09-22 15:23 --------- d-----w C:\Program Files\VideoLAN

2007-09-22 14:40 --------- d-----w C:\Program Files\BitLord

2007-09-22 14:12 --------- d-----w C:\Program Files\Analog Devices

2007-09-22 12:39 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Apple Computer

2007-09-22 12:30 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer

2007-09-22 12:29 --------- d-----w C:\Program Files\QuickTime

2007-09-22 12:29 --------- d-----w C:\Program Files\Apple Software Update

2007-09-22 12:28 --------- d-----w C:\Program Files\Common Files\Apple

2007-09-22 12:28 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple

2007-09-22 10:35 --------- d-----w C:\Program Files\SpectroN

2007-09-22 09:58 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Gadu-Gadu

2007-09-22 09:39 --------- d-----w C:\Documents and Settings\Artur&Nati\Dane aplikacji\Talkback

2007-09-22 09:31 --------- d-----w C:\Program Files\Konnekt

2007-09-22 09:21 --------- d-----w C:\Program Files\Java

2007-09-22 09:16 --------- d-----w C:\Program Files\ZTE ZXDSL 852

2007-09-22 09:06 --------- d-----w C:\Program Files\microsoft frontpage

2007-09-22 09:05 --------- d-----w C:\Program Files\Usługi online

2007-09-11 11:02 81,920 ----a-w C:\WINDOWS\system32\frapsvid.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-28 01:32]

"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 23:44]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AutoConnect"="C:\Program Files\AutoConnect\AutoConnect.exe" [2004-08-28 19:27]

"P2kAutostart"="E:\Jarek\Motorola\Moto\P2kAutostart.exe" [2005-11-01 18:56]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk

backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk

backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk

backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Artur&Nati^Menu Start^Programy^Autostart^Registration Call of Juarez.LNK]

path=C:\Documents and Settings\Artur&Nati\Menu Start\Programy\Autostart\Registration Call of Juarez.LNK

backup=C:\WINDOWS\pss\Registration Call of Juarez.LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]

rundll32.exe stmctrl.dll,TaskBar

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au]

C:\Program Files\Dealio\DealioAU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Explorer]

C:\WINDOWS\iexplorer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]

"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

"C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]

C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

C:\PROGRA~1\NEOSTR~1\Watch.exe

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys

R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys

R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys

S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys

S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys

*Newly Created Service* - CATCHME

.

Contents of the 'Scheduled Tasks' folder

"2007-11-10 14:29:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

.

**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-11-12 21:16:51

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

P2kAutostart = E:\Jarek\Motorola\Moto\P2kAutostart.exe?0?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

C:\WINDOWS\system32\ntos.exe 505344 bytes executable

C:\WINDOWS\system32\wsnpoem

scan completed successfully

hidden files: 2

**************************************************************************

.

Completion time: 2007-11-12 21:17:50

.

--- E O F ---


(lazikar) #2

Put all of that in code tags!!!


(Gutek) #3

Scan the file at http://virusscan.jotti.org/

Use

Download the SDFix program

-