Prosze o sprawdzenie loga z combofixa

Greg888 · 15 Luty 2009 19:15

Prosze o sprawdzenie loga z combofixa i z góry dziekuję na http://www.wklej.org/

– Dodane 15.02.2009 (N) 20:24 –

ComboFix 09-02-14.01 - Grzegorz 2009-02-15 19:16:56.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.479.125 [GMT 1:00]

Uruchomiony z: c:\documents and settings\Grzegorz\Moje dokumenty\ComboFix.exe

* Utworzono nowy punkt przywracania

.

((((((((((((((((((((((((( Pliki utworzone od 2009-01-15 do 2009-02-15 )))))))))))))))))))))))))))))))

.

2009-02-15 17:34 . 2009-02-15 17:34 580,096 --a–c— c:\windows\system32\dllcache\user32.dll

2009-02-15 17:30 . 2009-02-15 17:30

2009-02-12 10:29 . 2009-02-12 10:29 118 --a------ c:\windows\system32\MRT.INI

2009-02-03 19:17 . 2009-02-15 17:49

2009-01-30 19:57 . 2003-03-18 21:20 1,060,864 --a------ c:\windows\system32\MFC71.dll

2009-01-30 19:57 . 2003-03-18 20:14 499,712 --a------ c:\windows\system32\MSVCP71.dll

2009-01-30 19:57 . 2003-02-21 04:42 348,160 --a------ c:\windows\system32\MSVCR71.dll

2009-01-30 15:05 . 2009-01-30 15:05

2009-01-28 20:02 . 2009-01-28 20:02

2009-01-28 13:45 . 2009-01-28 18:58 2,219 --a------ c:\windows\wininit.ini

2009-01-28 12:43 . 2009-01-28 12:46 109 --ahs---- c:\windows\system32\3301713972.dat

2009-01-21 17:11 . 2009-01-21 17:11 473,600 --a------ c:\windows\system32\SkanerOnline.dll

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-30 18:35 --------- d-----w c:\program files\Symantec

2009-01-30 18:35 --------- d-----w c:\program files\Common Files\Symantec Shared

2009-01-30 18:35 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Symantec

2009-01-30 18:20 --------- d-----w c:\program files\Spybot - Search & Destroy

2009-01-30 18:16 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy

2009-01-28 15:29 --------- d-----w c:\program files\Neostrada TP

2009-01-22 19:44 --------- d-----w c:\program files\Google

2008-12-18 20:29 --------- d-----w c:\program files\Java

2008-01-17 18:00 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat

2008-08-22 15:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008082220080823\index.dat

.

------- Sigcheck -------

2005-05-25 20:07 359936 63fdfea54eb53de2d863ee454937ce1e c:\windows$hf_mig$\KB893066\SP2QFE\tcpip.sys

2006-01-13 18:07 360448 5562cc0a47b2aef06d3417b733f3c195 c:\windows$hf_mig$\KB913446\SP2QFE\tcpip.sys

2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows$hf_mig$\KB917953\SP2QFE\tcpip.sys

2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows$hf_mig$\KB941644\SP2QFE\tcpip.sys

2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows$hf_mig$\KB951748\SP2QFE\tcpip.sys

2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows$hf_mig$\KB951748\SP3GDR\tcpip.sys

2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows$hf_mig$\KB951748\SP3QFE\tcpip.sys

2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows$NtServicePackUninstall$\tcpip.sys

2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows$NtUninstallKB893066$\tcpip.sys

2005-05-25 20:04 359808 88763a98a4c26c409741b4aa162720c9 c:\windows$NtUninstallKB913446$\tcpip.sys

2006-01-13 03:28 359808 583e063fdc888ca30d05c2724b0d7ef4 c:\windows$NtUninstallKB917953$\tcpip.sys

2006-04-20 12:51 359808 1dbf125862891817f374f407626967f4 c:\windows$NtUninstallKB941644$\tcpip.sys

2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows$NtUninstallKB951748$\tcpip.sys

2007-10-30 18:20 360064 90caff4b094573449a0872a0f919b178 c:\windows$NtUninstallKB951748_0$\tcpip.sys

2008-04-13 20:20 361344 accf5a9a1ffaa490f33dba1c632b95e1 c:\windows\ServicePackFiles\i386\tcpip.sys

2008-06-20 12:51 361600 9425b72f40257b45d45d24773273dad0 c:\windows\system32\dllcache\tcpip.sys

2008-06-20 12:51 361600 9425b72f40257b45d45d24773273dad0 c:\windows\system32\drivers\tcpip.sys

.

((((((((((((((((((((((((((((( snapshot@2009-01-30_19.38.25,01 )))))))))))))))))))))))))))))))))))))))))

.

2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE
2009-02-15 16:31:10 8,118,272 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\ntuser.dat
2009-02-15 16:31:10 172,032 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
2009-02-15 16:30:52 8,118,272 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat
2009-02-15 16:30:52 172,032 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
2008-10-16 20:33:23 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
2008-10-16 20:33:23 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
2008-10-16 20:33:24 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
2008-10-16 20:33:24 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
2008-10-16 20:33:24 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
2008-10-16 13:15:01 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
2008-10-16 20:33:24 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
2008-10-16 20:33:24 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
2008-10-16 20:33:24 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
2008-10-16 20:33:25 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
2008-10-16 20:33:27 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
2008-10-16 20:33:27 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
2008-10-16 20:33:28 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
2008-10-16 20:33:29 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
2008-10-16 20:33:29 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
2008-10-16 20:33:29 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
2008-12-13 06:39:17 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
2008-10-16 20:33:33 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
2008-10-16 20:33:33 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
2008-10-16 20:33:33 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
2008-10-16 20:33:33 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
2008-10-16 20:33:33 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
2007-03-06 03:28:40 216,288 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
2007-03-06 03:29:50 386,784 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
2008-10-16 20:33:33 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
2008-10-16 20:33:34 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
2008-10-16 20:33:34 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
2008-10-16 20:33:34 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll

2008-10-16 20:33:23 124,928 ----a-w c:\windows\system32\advpack.dll

2008-12-20 23:03:39 124,928 ----a-w c:\windows\system32\advpack.dll

2008-10-16 20:33:23 124,928 -c----w c:\windows\system32\dllcache\advpack.dll

2008-12-20 23:03:39 124,928 -c----w c:\windows\system32\dllcache\advpack.dll

2008-10-16 20:33:23 347,136 -c–a-w c:\windows\system32\dllcache\dxtmsft.dll

2008-12-20 23:03:39 347,136 -c–a-w c:\windows\system32\dllcache\dxtmsft.dll

2008-10-16 20:33:24 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll

2008-12-20 23:03:39 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll

2008-10-16 20:33:24 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll

2008-12-20 23:03:39 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll

2008-10-16 20:33:24 63,488 -c----w c:\windows\system32\dllcache\icardie.dll

2008-12-20 23:03:40 63,488 -c----w c:\windows\system32\dllcache\icardie.dll

2008-10-16 13:15:01 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe

2008-12-19 09:13:43 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe

2008-10-16 20:33:24 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll

2008-12-20 23:03:40 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll

2008-10-16 20:33:24 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll

2008-12-20 23:03:40 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll

2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll

2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll

2008-10-16 20:33:24 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll

2008-12-20 23:03:41 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll

2008-10-16 20:33:25 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll

2008-12-20 23:03:41 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll

2008-10-16 20:33:27 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll

2008-12-20 23:03:44 6,066,688 -c----w c:\windows\system32\dllcache\ieframe.dll

2008-10-16 20:33:27 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll

2008-12-20 23:03:45 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll

2008-10-16 20:33:28 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll

2008-12-20 23:03:45 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll

2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe

2008-12-19 09:10:15 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe

2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe

2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe

2008-10-16 20:33:29 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll

2008-12-20 23:03:47 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll

2008-10-16 20:33:29 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll

2008-12-20 23:03:47 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll

2008-10-16 20:33:29 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll

2008-12-20 23:03:47 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll

2008-12-13 06:39:17 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll

2009-01-16 20:30:38 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll

2008-10-16 20:33:33 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll

2008-12-20 23:03:51 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll

2008-10-16 20:33:33 193,024 -c----w c:\windows\system32\dllcache\msrating.dll

2008-12-20 23:03:51 193,024 -c----w c:\windows\system32\dllcache\msrating.dll

2008-10-16 20:33:33 671,232 -c----w c:\windows\system32\dllcache\mstime.dll

2008-12-20 23:03:51 671,232 -c----w c:\windows\system32\dllcache\mstime.dll

2008-10-16 20:33:33 102,912 -c----w c:\windows\system32\dllcache\occache.dll

2008-12-20 23:03:51 102,912 -c----w c:\windows\system32\dllcache\occache.dll

2008-10-16 20:33:33 44,544 -c–a-w c:\windows\system32\dllcache\pngfilt.dll

2008-12-20 23:03:51 44,544 -c–a-w c:\windows\system32\dllcache\pngfilt.dll

2008-10-16 20:33:33 105,984 -c----w c:\windows\system32\dllcache\url.dll

2008-12-20 23:03:51 105,984 -c----w c:\windows\system32\dllcache\url.dll

2008-10-16 20:33:34 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll

2008-12-20 23:03:52 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll

2008-10-16 20:33:34 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll

2008-12-20 23:03:52 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll

2008-10-16 20:33:34 826,368 -c----w c:\windows\system32\dllcache\wininet.dll

2008-12-20 23:03:53 826,368 -c----w c:\windows\system32\dllcache\wininet.dll

2008-10-16 20:33:23 347,136 ----a-w c:\windows\system32\dxtmsft.dll

2008-12-20 23:03:39 347,136 ----a-w c:\windows\system32\dxtmsft.dll

2008-10-16 20:33:24 214,528 ------w c:\windows\system32\dxtrans.dll

2008-12-20 23:03:39 214,528 ------w c:\windows\system32\dxtrans.dll

2008-10-16 20:33:24 133,120 ------w c:\windows\system32\extmgr.dll

2008-12-20 23:03:39 133,120 ------w c:\windows\system32\extmgr.dll

2008-10-16 20:33:24 63,488 ----a-w c:\windows\system32\icardie.dll

2008-12-20 23:03:40 63,488 ----a-w c:\windows\system32\icardie.dll

2008-10-16 13:15:01 70,656 ------w c:\windows\system32\ie4uinit.exe

2008-12-19 09:13:43 70,656 ------w c:\windows\system32\ie4uinit.exe

2008-10-16 20:33:24 153,088 ------w c:\windows\system32\ieakeng.dll

2008-12-20 23:03:40 153,088 ------w c:\windows\system32\ieakeng.dll

2008-10-16 20:33:24 230,400 ------w c:\windows\system32\ieaksie.dll

2008-12-20 23:03:40 230,400 ------w c:\windows\system32\ieaksie.dll

2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll

2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll

2008-10-16 20:33:24 383,488 ----a-w c:\windows\system32\ieapfltr.dll

2008-12-20 23:03:41 383,488 ----a-w c:\windows\system32\ieapfltr.dll

2008-10-16 20:33:25 384,512 ------w c:\windows\system32\iedkcs32.dll

2008-12-20 23:03:41 384,512 ------w c:\windows\system32\iedkcs32.dll

2008-10-16 20:33:27 6,066,176 ----a-w c:\windows\system32\ieframe.dll

2008-12-20 23:03:44 6,066,688 ----a-w c:\windows\system32\ieframe.dll

2008-10-16 20:33:27 44,544 ------w c:\windows\system32\iernonce.dll

2008-12-20 23:03:45 44,544 ------w c:\windows\system32\iernonce.dll

2008-10-16 20:33:28 267,776 ----a-w c:\windows\system32\iertutil.dll

2008-12-20 23:03:45 267,776 ----a-w c:\windows\system32\iertutil.dll

2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe

2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe

2008-10-16 20:33:29 27,648 ------w c:\windows\system32\jsproxy.dll

2008-12-20 23:03:47 27,648 ------w c:\windows\system32\jsproxy.dll

2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe

2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe

2008-10-16 20:33:29 459,264 ----a-w c:\windows\system32\msfeeds.dll

2008-12-20 23:03:47 459,264 ----a-w c:\windows\system32\msfeeds.dll

2008-10-16 20:33:29 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

2008-12-20 23:03:47 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

2008-12-13 06:39:17 3,593,216 ----a-w c:\windows\system32\mshtml.dll

2009-01-16 20:30:38 3,594,752 ----a-w c:\windows\system32\mshtml.dll

2008-10-16 20:33:33 477,696 ----a-w c:\windows\system32\mshtmled.dll

2008-12-20 23:03:51 477,696 ----a-w c:\windows\system32\mshtmled.dll

2008-10-16 20:33:33 193,024 ----a-w c:\windows\system32\msrating.dll

2008-12-20 23:03:51 193,024 ----a-w c:\windows\system32\msrating.dll

2008-10-16 20:33:33 671,232 ------w c:\windows\system32\mstime.dll

2008-12-20 23:03:51 671,232 ------w c:\windows\system32\mstime.dll

2008-10-16 20:33:33 102,912 ------w c:\windows\system32\occache.dll

2008-12-20 23:03:51 102,912 ------w c:\windows\system32\occache.dll

2008-10-16 20:33:33 44,544 ----a-w c:\windows\system32\pngfilt.dll

2008-12-20 23:03:51 44,544 ----a-w c:\windows\system32\pngfilt.dll

2007-11-30 12:40:46 19,320 ------w c:\windows\system32\spmsg.dll

2008-07-09 07:57:12 19,320 ------w c:\windows\system32\spmsg.dll

2008-10-16 20:33:33 105,984 ----a-w c:\windows\system32\url.dll

2008-12-20 23:03:51 105,984 ----a-w c:\windows\system32\url.dll

2008-10-16 20:33:34 1,160,192 ----a-w c:\windows\system32\urlmon.dll

2008-12-20 23:03:52 1,160,192 ----a-w c:\windows\system32\urlmon.dll

2008-10-16 20:33:34 233,472 ----a-w c:\windows\system32\webcheck.dll

2008-12-20 23:03:52 233,472 ----a-w c:\windows\system32\webcheck.dll

2008-10-16 20:33:34 826,368 ----a-w c:\windows\system32\wininet.dll

2008-12-20 23:03:53 826,368 ----a-w c:\windows\system32\wininet.dll
2009-02-15 18:20:55 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_12c.dat

.

– Migawka wyzerowana –

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

“{0A94B116-4504-4e26-AB05-E61E474AA38B}”= “c:\program files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL” [2007-08-29 61440]

[HKEY_CLASSES_ROOT\clsid{0a94b116-4504-4e26-ab05-e61e474aa38b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Gadu-Gadu”=“c:\program files\Gadu-Gadu\gg.exe” [2007-05-10 2111176]

“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-10-17 68856]

“Picasa Media Detector”=“c:\program files\Picasa2\PicasaMediaDetector.exe” [2007-10-23 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2008-12-18 136600]

“EasyTuneV”=“c:\program files\Gigabyte\Gigabyte Windows Utility Manager\ET5\et5tray.exe” [2004-08-26 245760]

“NeroFilterCheck”=“c:\windows\system32\NeroCheck.exe” [2001-07-09 155648]

“zBrowser Launcher”=“c:\program files\Logitech\iTouch\iTouch.exe” [2002-11-23 631362]

“RemoteControl”=“c:\program files\CyberLink\PowerDVD\PDVDServ.exe” [2003-10-31 32768]

“IgfxTray”=“c:\windows\system32\igfxtray.exe” [2007-01-13 131072]

“HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2007-01-13 163840]

“Persistence”=“c:\windows\system32\igfxpers.exe” [2007-01-13 135168]

“Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe” [2008-09-05 29744]

“Skrót do strony właściwości High Definition Audio”=“HDAudPropShortcut.exe” [2004-03-17 c:\windows\system32\Hdaudpropshortcut.exe]

“SoundMan”=“SOUNDMAN.EXE” [2004-08-24 c:\windows\SOUNDMAN.EXE]

“AlcWzrd”=“ALCWZRD.EXE” [2004-08-24 c:\windows\ALCWZRD.EXE]

“Logitech Utility”=“Logi_MwX.Exe” [2002-11-08 c:\windows\LOGI_MWX.EXE]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

“MSMSGS”=“c:\program files\Messenger\MSMSGS.EXE” [2008-04-14 1695232]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\

Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2004-09-18 169472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“msacm.l3codecp”= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“c:\WINDOWS\system32\ftp.exe”=

“c:\Program Files\Gadu-Gadu\gg.exe”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

R3 MarkFun_NT;MarkFun_NT;c:\program files\Gigabyte\Gigabyte Windows Utility Manager\ET5\MARKFUN.W32 [2004-09-09 8236]

R3 PhTVTune;Philips WDM TVTuner;c:\windows\system32\drivers\PhTVTune.sys [2004-09-18 17632]

S3 Asppaio;Asppaio; [x]

S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-25 29744]

S3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCCFLTR.SYS [2004-09-18 14156]

— Inne Usługi/Sterowniki w Pamięci —

*NewlyCreated* - MARKFUN_NT

.

- - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-Nbuvaga - c:\windows\Aquvitob.dll

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.pl/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-15 19:21:04

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MarkFun_NT]

“ImagePath”="??\c:\program files\Gigabyte\Gigabyte Windows Utility Manager\ET5\markfun.w32"

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\wscntfy.exe

c:\program files\Logitech\MouseWare\system\EM_EXEC.EXE

.

**************************************************************************

.

Czas ukończenia: 2009-02-15 19:25:10 - komputer został uruchomiony ponownie [Grzegorz]

ComboFix-quarantined-files.txt 2009-02-15 18:23:50

ComboFix2.txt 2009-01-30 21:31:06

Przed: 66 326 102 016 bajtów wolnych

Po: 66,256,445,440 bajtów wolnych

299 — E O F — 2009-02-12 09:29:42

Leon1 · 15 Luty 2009 19:35

Otwórz notatnik i wklej

zapisz jako CFScript.txt (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

http://img.wklej.org/images/88953CFScri … iemoes.gif

Powinno rozpocząć się usuwanie

Potem log z usuwania Combofix

Greg888 · 15 Luty 2009 19:36

Prosze o sprawdzenie loga z combofixa i z góry dziekuję na http://www.wklej.org/id/53171/

– Dodane 15.02.2009 (N) 20:39 –

Sory namieszałem z tym wklejaniem ![-o<

Leon1 · 15 Luty 2009 19:50

Greg888 · 15 Luty 2009 20:14

oto log i co dalej? http://www.wklej.org/id/53193/ to ten nowy

huber2t · 15 Luty 2009 20:47

W logu nic nie widzę

usuń ręcznie folder C:\Qoobox oraz Combofix , usuń instalkę Combofix z dysku.

Przeczyść system Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar całego komputera http://www.kaspersky.pl/virusscanner.html Daj raport z niego na forum

Greg888 · 15 Luty 2009 21:14

Wielkie dzięki