Re: Spam message


(jacek69) #1

I'm attaching the logs to be checked.


(Gutek) #2

Post the ComboFix log.


(jacek69) #3

Is this the one from ComboFix? This is the first time I've used it.

ComboFix 07-12-19.2 - jacek 2007-12-18 22:44:00.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1567 [GMT 1:00]

Running from: C:\Downloads\Software\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((( Files Created from 2007-11-19 to 2007-12-19 )))))))))))))))))))))))))))))))

.

2007-12-18 21:56 . 2007-12-18 21:56

2007-12-18 21:44 . 2007-12-18 21:44

2007-12-17 23:22 . 2007-12-17 23:22

2007-12-17 22:58 . 2007-12-17 22:58

2007-12-17 22:30 . 2007-12-17 23:26

2007-12-17 17:37 . 2007-12-17 17:37

2007-12-17 14:10 . 2007-12-17 14:10 47,312 --a------ C:\WINDOWS\system32\drivers\MiniIcpt.sys

2007-12-17 14:06 . 2007-12-17 17:28

2007-12-17 06:27 . 2007-12-17 08:17

2007-12-16 22:37 . 2007-12-16 22:37

2007-12-16 22:09 . 2007-12-16 22:09

2007-12-16 22:02 . 2007-12-16 22:02

2007-12-16 21:59 . 2007-12-16 21:59

2007-12-16 21:59 . 2007-12-16 21:59

2007-12-16 21:56 . 2007-12-16 21:56

2007-12-16 21:52 . 2007-12-16 21:52

2007-12-16 21:52 . 2003-08-29 23:51 156,160 --a------ C:\WINDOWS\system32\unrar3.dll

2007-12-16 21:52 . 2003-08-29 23:52 75,264 --a------ C:\WINDOWS\system32\unacev2.dll

2007-12-16 21:30 . 2007-12-16 21:30

2007-12-16 21:30 . 2007-12-16 21:30 0 --a------ C:\Documents and Settings\jacek\Dane aplikacji\wklnhst.dat

2007-12-16 21:08 . 2007-12-16 21:08

2007-12-16 21:06 . 2007-12-16 21:06

2007-12-16 20:46 . 2007-12-16 20:46

2007-12-16 20:42 . 2007-12-16 20:45

2007-12-16 20:39 . 2007-12-16 20:39

2007-12-16 20:32 . 2007-12-16 20:32 150,176 --a------ C:\Documents and Settings\All Users\Dane aplikacji\firstlsp.reg.dat

2007-12-16 20:29 . 2007-12-16 20:29

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-18 21:03 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\The Bat!

2007-12-18 20:56 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Free Download Manager

2007-12-18 18:18 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Skype

2007-12-17 22:28 --------- d-----w C:\Program Files\eMule

2007-12-17 21:44 --------- d--h--w C:\Program Files\InstallShield Installation Information

2007-12-17 17:02 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2007-12-16 21:00 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2007-12-16 18:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2007-12-16 18:35 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help

2007-12-07 15:22 --------- d-----w C:\Program Files\English Translator 3

2007-11-14 15:11 --------- d-----w C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody

2007-11-04 19:28 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Wildfire

2007-10-26 21:02 2,277,376 ----a-w C:\WINDOWS\system32\TUKernel.exe

2007-10-24 18:28 --------- d-----w C:\Program Files\Cartall

2007-10-23 21:30 --------- d-----w C:\Program Files\Gadu-Gadu

2007-10-21 20:09 81,920 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\ezpinst.exe

2007-10-21 20:09 47,360 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\pcouffin.sys

2007-10-21 20:09 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Vso

2007-10-21 19:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink

2007-10-21 19:18 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\RipIt4Me

2007-10-21 19:04 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys

2007-10-21 11:29 --------- d-----w C:\Program Files\AGEIA Technologies

2007-10-19 20:26 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Media Player Classic

2007-10-19 16:33 --------- d-----w C:\Program Files\Windows Media Connect 2

2007-10-19 16:14 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nabocorp

2007-08-12 11:57 774,144 ----a-w C:\Program Files\RngInterstitial.dll

2007-04-12 06:49 94,080 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\ezplay.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-01-30 15:58]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-08-17 02:45]

"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-07-02 11:22]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 14:40]

"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00]

"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe]

"NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe]

"NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe]

"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 03:47 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:44]

"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"MaxRecentDocs"= 15 (0xf)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="C:\WINDOWS\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\voicesub32]

voicesub32.dll

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46]

R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]

S2 CX23880;KWorld TV88X Video Capture;C:\WINDOWS\system32\drivers\cx88vid.sys [2005-01-18 11:57]

S2 CX88XBAR;KWorld TV88X Crossbar;C:\WINDOWS\system32\drivers\CX88XBAR.sys [2005-01-18 11:58]

S2 CXTUNE;KWorld TV88X Tuner;C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-01-18 11:58]

S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-08-11 23:42]

S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 15:32]

S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 10:33]

S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 10:33]

S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 10:33]

S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]

S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

.

Contents of the 'Scheduled Tasks' folder

"2007-10-26 15:15:41 C:\WINDOWS\Tasks\1-Click Maintenance.job"

"2007-12-16 21:37:58 C:\WINDOWS\Tasks\SmartDefrag.job"

  • C:\Program Files\IObit\IObit SmartDefrag\schedule.exe

.


(Monczkin) #4

jacek69

Change the title to something specific and fix the post with the log.


(Gutek) #5

Run an AVG Anti-Spyware 7.5 scan after updating + post the report :wink: