Request to check a log


(Bufeer) #1

ComboFix 08-05-24.1 - Sebastian 2008-05-25 15:40:09.3 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.458 [GMT 2:00]

Running from: C:\Documents and Settings\Sebastian\Moje dokumenty\ComboFix.exe

* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Program Files\MyWebSearch

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat.vir

C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir

.

---- Previous Run -------

.

C:\Documents and Settings\Sebastian\Dane aplikacji\inst.exe

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\Config.xml

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbs

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\db\Sites.dbs

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xip

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xml

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\report\send_storage.xml

C:\Documents and Settings\Sebastian\Dane aplikacji\ShoppingReport\cs\res1\WhiteList.dbs

C:\Program Files\FunWebProducts

C:\Program Files\internet explorer\msimg32.dll

C:\Program Files\MyWebSearch

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat

C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

C:\Program Files\ShoppingReport

C:\Program Files\ShoppingReport\Uninst.exe

C:\Program Files\Zumie

C:\Program Files\Zumie\home.js

C:\Program Files\Zumie\uninstall.exe

C:\Program Files\Zumie\zopt.exe

C:\Program Files\Zumie\zumie.dll

C:\Program Files\Zumie\zumie.exe

C:\WINDOWS\system32\AutoRun.inf

C:\WINDOWS\system32\systeminfo3.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ZUMIE_SEARCH_SERVICE

-------\Service_Zumie Search Service

((((((((((((((((((((((((( Files Created from 2008-04-25 to 2008-05-25 )))))))))))))))))))))))))))))))

.

2008-05-23 23:36 . 2008-05-24 00:31 254 --a------ C:\WINDOWS\7THLEVEL.INI

2008-05-23 23:33 . 1996-07-18 13:06 297,472 --a------ C:\WINDOWS\uninst.exe

2008-05-23 21:57 . 2006-08-17 02:46 139,264 --a------ C:\WINDOWS\NeoUninstall.exe

2008-05-23 21:57 . 2008-05-23 21:58 26 --a------ C:\WINDOWS\neosetup.INI

2008-05-23 14:20 . 2008-05-23 14:21

2008-05-18 20:51 . 2008-05-18 20:51

2008-05-16 10:15 . 2008-05-16 10:15 427 --a------ C:\WINDOWS\ODBC.INI

2008-05-16 10:13 . 2008-05-16 10:14

2008-05-16 00:01 . 2008-05-16 00:36

2008-05-14 02:33 . 2008-01-25 18:00 9,270 --a------ C:\WINDOWS\desktop_icon_generic.bmp

2008-05-13 22:38 . 2008-05-13 22:38

2008-05-13 22:38 . 2008-05-13 22:38

2008-05-13 22:38 . 2007-11-22 17:00 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx

2008-05-12 12:04 . 2008-05-12 12:04

2008-05-11 00:58 . 2008-05-11 00:58

2008-05-11 00:53 . 2008-05-11 21:14

2008-05-11 00:36 . 2008-05-11 00:36 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx

2008-05-11 00:36 . 2008-05-11 00:36 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx

2008-05-11 00:36 . 2008-05-11 00:36 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll

2008-05-08 15:36 . 2008-05-08 15:36

2008-05-08 15:36 . 2008-05-08 15:36

2008-05-08 15:36 . 2008-05-08 15:36

2008-05-08 15:36 . 2008-05-08 15:41

2008-05-08 15:36 . 2008-05-08 15:36

2008-05-08 15:36 . 2008-05-08 15:36

2008-05-05 01:15 . 2008-05-05 01:24

2008-05-05 01:15 . 2008-05-05 01:15 2,285,222 --a------ C:\WINDOWS\Matrix Code.exe

2008-05-05 01:15 . 2008-05-05 01:15 232,784 --a------ C:\WINDOWS\Matrix Code.scr

2008-05-05 01:15 . 2008-05-05 01:15 29,696 --a------ C:\WINDOWS\mickey32.dll

2008-05-05 01:10 . 2008-05-05 01:10

2008-05-05 00:59 . 2001-03-26 05:43 167,936 --a------ C:\WINDOWS\fishMaus99.scr

2008-05-05 00:59 . 2008-05-05 00:59 49,152 --a------ C:\WINDOWS\fLoSaftRemov1_04.exe

2008-05-05 00:28 . 2008-05-05 00:28 1,515,520 --a------ C:\WINDOWS\Dancing Baby.scr

2008-05-05 00:28 . 2008-05-05 00:28 1,202,738 --a------ C:\WINDOWS\baby.avi

2008-05-05 00:28 . 2008-05-05 00:28 266,846 --a------ C:\WINDOWS\baby.wav

2008-05-05 00:28 . 2008-05-05 00:29 30 --a------ C:\WINDOWS\avibaby.ini

2008-05-05 00:21 . 2004-05-26 00:06 1,294,336 --a------ C:\WINDOWS\FanFish25.scr

2008-05-04 23:53 . 2008-05-05 10:46 236,800 --a------ C:\lma_log.html

2008-05-04 23:46 . 2008-05-04 23:46

2008-05-04 23:46 . 2005-09-14 12:46 475,136 --a------ C:\WINDOWS\Living Marine Aquarium 2.scr

2008-05-04 23:46 . 2005-09-29 14:55 69,632 --a------ C:\WINDOWS\system32\FreezeScreenSaver.exe

2008-05-04 23:46 . 2008-05-25 15:19 12,376 --a------ C:\log.html

2008-05-04 23:45 . 2006-07-24 08:56 212,240 --a------ C:\WINDOWS\system32\Richtx32.ocx

2008-05-04 23:44 . 2008-05-04 23:51

2008-05-04 23:44 . 2006-10-09 14:06 495,616 --a------ C:\WINDOWS\system32\WINUTIL5.DLL

2008-05-04 23:26 . 2008-05-04 23:26 129,536 --a------ C:\WINDOWS\system32\IJL15.dll

2008-05-01 21:32 . 2008-05-13 11:37

2008-05-01 21:20 . 2008-05-16 10:40

2008-05-01 20:59 . 2004-08-04 14:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2008-05-01 20:49 . 2008-05-01 20:49

2008-05-01 20:44 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\002729_.tmp

2008-05-01 20:41 . 2008-05-01 20:41

2008-05-01 09:05 . 2008-05-01 20:36

2008-04-30 11:55 . 2008-04-30 11:55

2008-04-30 11:51 . 2008-04-30 11:51

2008-04-30 11:49 . 2008-04-30 11:49

2008-04-30 11:39 . 2008-04-30 11:39

2008-04-29 19:39 . 2008-04-29 19:39

2008-04-29 19:39 . 2008-04-29 19:39

2008-04-29 14:21 . 2008-05-18 10:12 19 --a------ C:\WINDOWS\cie12.ini

2008-04-29 13:40 . 2008-05-16 01:33

2008-04-28 20:35 . 2008-04-28 20:35

2008-04-28 20:04 . 2008-04-28 20:04 94,208 --------- C:\WINDOWS\system32\drivers\ezplay.sys

2008-04-28 20:04 . 2008-05-13 22:58 94,208 --a------ C:\Documents and Settings\Sebastian\Dane aplikacji\ezplay.sys

2008-04-28 19:37 . 2008-05-13 22:58

2008-04-28 19:37 . 2008-05-12 12:04 81,920 --a------ C:\Documents and Settings\Sebastian\Dane aplikacji\ezpinst.exe

2008-04-28 19:37 . 2008-04-28 20:04 47,360 --------- C:\WINDOWS\system32\drivers\pcouffin.sys

2008-04-28 19:37 . 2008-05-12 12:04 47,360 --a------ C:\Documents and Settings\Sebastian\Dane aplikacji\pcouffin.sys

2008-04-28 18:52 . 2008-05-12 11:38 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-25 10:12 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2008-05-19 21:22 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-18 18:41 --------- d-----w C:\Program Files\CyberLink

2008-05-01 19:20 --------- d-----w C:\Program Files\Java

2008-04-30 09:49 --------- d-----w C:\Program Files\Common Files\Adobe

2008-04-29 18:19 --------- d-----w C:\Program Files\Winamp

2008-04-29 17:36 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\Winamp

2008-04-29 16:48 --------- d-----w C:\Program Files\Google

2008-04-28 17:53 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\Ahead

2008-04-27 19:18 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\HPAppData

2008-04-24 19:59 968,021 ------w C:\WINDOWS\system32\1.scr

2008-04-23 07:43 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\AdobeUM

2008-04-20 17:44 10,944 ------w C:\WINDOWS\BYEFISH.EXE

2008-04-19 11:54 --------- d-----w C:\Program Files\ESET

2008-04-19 11:54 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ESET

2008-04-18 18:04 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\Gadu-Gadu

2008-04-18 18:01 --------- d-----w C:\Program Files\Gadu-Gadu

2008-04-17 16:47 --------- d-----w C:\Program Files\Common Files\Java

2008-04-17 12:44 --------- d-----w C:\Program Files\Motorola

2008-04-15 18:46 --------- d-----w C:\Program Files\MSXML 4.0

2008-04-15 10:35 --------- d-----w C:\Documents and Settings\Sebastian\Dane aplikacji\InstallShield

2008-04-15 10:26 --------- d-----w C:\Program Files\Atheros

2008-04-14 21:16 1,804 ------w C:\WINDOWS\system32\dcache.bin

2008-04-14 20:56 332,288 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 20:52 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll

2008-04-14 20:52 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll

2008-04-14 20:52 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys

2008-04-14 20:52 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys

2008-04-14 20:52 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys

2008-04-14 20:52 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll

2008-04-14 20:52 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys

2008-04-14 20:50 999,936 ----a-w C:\WINDOWS\system32\syssetup.dll

2008-04-14 20:49 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll

2008-04-14 20:48 5,632 ----a-w C:\WINDOWS\system32\wmi.dll

2008-04-14 20:48 1,449,472 ----a-w C:\WINDOWS\system32\winntbbu.dll

2008-04-14 20:47 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll

2008-04-14 20:43 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll

2008-04-14 20:42 3,584 ----a-w C:\WINDOWS\system32\msafd.dll

2008-04-14 20:36 3,584 ----a-w C:\WINDOWS\system32\icmp.dll

2008-04-14 20:35 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll

2008-04-14 20:33 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll

2008-04-14 20:33 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll

2008-04-14 20:31 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll

2008-04-14 20:30 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll

2008-04-14 20:04 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys

2008-04-14 20:03 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys

2008-04-14 20:03 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys

2008-04-14 20:03 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys

2008-04-14 20:03 120,320 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys

2008-04-14 20:00 2,190,336 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 19:59 2,067,200 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 19:55 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 19:52 89,600 ------w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 19:52 800,000 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys

2008-04-14 19:52 153,856 ----a-w C:\WINDOWS\system32\drivers\dmio.sys

2008-04-14 19:50 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 19:50 24,960 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys

2008-04-14 19:48 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys

2008-04-14 19:47 40,832 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys

2008-04-14 19:46 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys

2008-04-14 19:45 49,664 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 19:43 563,200 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 19:41 65,280 ----a-w C:\WINDOWS\system32\drivers\serial.sys

2008-04-14 19:41 53,248 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys

2008-04-14 19:39 25,728 ------w C:\WINDOWS\system32\drivers\hidbth.sys

2008-04-14 19:37 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 19:35 67,584 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 19:35 58,880 ----a-w C:\WINDOWS\system32\drivers\redbook.sys

2008-04-14 19:35 273,920 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-04-14 19:35 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 19:33 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys

2008-04-14 19:32 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll

2008-04-14 19:31 52,864 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys

2008-04-14 19:30 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys

2008-04-14 19:30 327,040 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys

2008-04-14 19:29 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll

2008-04-14 19:28 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys

2008-04-14 19:28 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys

2008-04-14 19:25 23,296 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys

2008-04-14 19:24 30,208 ----a-w C:\WINDOWS\system32\drivers\modem.sys

2008-04-14 19:24 188,544 ----a-w C:\WINDOWS\system32\drivers\acpi.sys

2008-04-14 18:53 --------- d-----w C:\Program Files\Common Files\AVSMedia

2008-04-14 18:53 --------- d-----w C:\Program Files\AVSMedia

2008-04-14 15:38 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-04-13 22:58 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys

2008-04-13 22:51 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys

2008-04-13 22:50 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys

2008-04-13 22:50 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-04-13 22:50 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

2008-04-13 22:49 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys

2008-04-13 22:49 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys

2008-04-13 22:49 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys

2008-04-13 22:49 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys

2008-04-13 22:49 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-04-13 22:47 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys

2008-04-13 22:47 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys

2008-04-13 22:47 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys

2008-04-13 22:46 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys

2008-04-13 22:46 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys

2008-04-13 22:45 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]

2008-03-20 00:36 1267040 --------- C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]

[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]

[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112]

"TV Watcher"="D:\Użytki\Akcesoria\TV Watcher\TV Watcher.exe" [2007-10-14 16:21 1210368]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 22:51 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2007-11-06 11:50 16855552 C:\WINDOWS\RTHDCPL.exe]

"SkyTel"="SkyTel.EXE" [2007-10-11 12:04 1826816 C:\WINDOWS\SkyTel.exe]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 21:02 786521]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]

"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 17:31 630784]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 16:48 1443072]

"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 17:37 110592]

"Onet.pl AutoUpdate"="C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe" [2006-02-08 16:40 260096]

"MyWebSearch Plugin"="C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 22:51 15360]

C:\Documents and Settings\Sebastian\Menu Start\Programy\Autostart\

CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 10:57:36 49152]

PopTray.lnk - C:\Program Files\PopTray\PopTray.exe [2006-09-16 15:01:16 1666048]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-05-24 15:16:14 49152]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.divxa32"= msaud32_divx.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Gadu-Gadu\gg.exe"=

"C:\Program Files\Bonjour\mDNSResponder.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"D:\Gry\MW4TRIAL\MW4.EXE"=

"D:\Gry\MW4\MW4.exe"=

"D:\Użytki\Internetowe\BeerShare\BearShare.exe"=

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 16:52]

R2 FreezeScreenSaver;FreezeScreenSaver;C:\WINDOWS\system32\FreezeScreenSaver.exe [2005-09-29 14:55]

R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\ATK0100\ASNDIS5.SYS [2004-05-28 10:13]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efca3896-cc17-11dc-bd2e-001d606a8bbb}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]

msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

.

Contents of the 'Scheduled Tasks' folder

"2008-05-25 13:19:26 C:\WINDOWS\Tasks\PCConfidential.job"

  • C:\Program Files\Winferno\PC Confidential\PCConfidential.exe

"2008-05-04 21:44:09 C:\WINDOWS\Tasks\rpc.job"

  • C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-25 15:42:58

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-05-25 15:43:47

ComboFix-quarantined-files.txt 2008-05-25 13:43:38

Pre-Run: 20,409,081,856 bajtów wolnych

Post-Run: 20,399,972,352 bajtów wolnych

308 --- E O F --- 2008-05-16 08:10:00


(huber2t) #2

Open Notepad and paste

From the Notepad menu -> File -> Save As -> change the file type from .txt to All Files -> save it under the name Fix.reg

Run this file, then restart the computer

Delete the ComboFix installer from the disk

Clean the computer with CCleaner

Optimize the startup entries

Disable System Restore on all drives. Instructions

Scan the My Computer area at http://www.kaspersky.pl/virusscanner.html (run it in IE). Post the report from it on the forum.

Enable System Restore.


(Gutek) #3

Follow this Topic and change the thread title to a specific one, otherwise TRASH

Regards, Gutek2222

Change to the rules for pasting logs on the forum - viewtopic.php?f=16&t=213350