ComboFix 07-12-19.2 - Motolek 2007-12-19 21:59:14.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1250.1.1045.18.160 [GMT 1:00]
Running from: C:\Documents and Settings\Motolek\Pulpit\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-19 to 2007-12-19 )))))))))))))))))))))))))))))))
.

2007-11-28 20:39 . 2001-08-17 22:03 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-11-28 18:04 . 2007-11-28 18:04 250 --a------ C:\WINDOWS\gmer.ini
2007-11-28 16:35 . 2007-11-28 16:35
2007-11-26 12:15 . 2007-11-26 12:16 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll
2007-11-26 12:15 . 2007-11-26 12:16 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll
2007-11-26 12:15 . 2007-11-26 12:16 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll
2007-11-26 12:14 . 2007-11-26 12:14 106,496 --a------ C:\WINDOWS\DIIUnin.exe
2007-11-26 12:14 . 2007-11-26 12:14 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2007-11-26 12:08 . 2007-12-17 12:44
2007-11-26 11:18 . 2007-11-26 12:15 42,685 --a------ C:\WINDOWS\DIIUnin.dat
2007-11-26 11:14 . 2007-11-26 11:14
2007-11-20 21:07 . 2007-11-20 21:07

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-19 20:54 --------- d-----w C:\Documents and Settings\Motolek\Dane aplikacji\Skype
2007-12-19 19:58 --------- d-----w C:\Program Files\ArcaMicroScan
2007-12-18 07:22 --------- d-----w C:\Program Files\Lx_cats
2007-12-18 07:21 --------- d-----w C:\Documents and Settings\Motolek\Dane aplikacji\AdobeUM
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-11-28 16:25 --------- d-----w C:\Program Files\Google
2007-11-26 12:33 0 ----a-w C:\Program Files\JUN2007_d3dx9_34_x86.cab
2007-11-12 20:59 --------- d-----w C:\Program Files\Lavasoft
2007-11-12 20:59 --------- d-----w C:\Documents and Settings\Motolek\Dane aplikacji\Lavasoft
2007-11-12 18:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-08 20:49 --------- d-----w C:\Program Files\AutoPatcher
2007-11-08 20:41 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-23 21:08 --------- d-----w C:\Program Files\Comodo
2007-10-22 22:20 --------- d-----w C:\Program Files\Warblade
2007-10-22 02:49 867,848 ----a-w C:\Program Files\NOV2007_d3dx10_36_x64.cab
2007-10-22 02:49 807,132 ----a-w C:\Program Files\NOV2007_d3dx10_36_x86.cab
2007-10-22 02:49 49,392 ----a-w C:\Program Files\NOV2007_X3DAudio_x64.cab
2007-10-22 02:49 44,850 ----a-w C:\Program Files\dxdllreg_x86.cab
2007-10-22 02:49 21,744 ----a-w C:\Program Files\NOV2007_X3DAudio_x86.cab
2007-10-22 02:49 200,010 ----a-w C:\Program Files\NOV2007_XACT_x64.cab
2007-10-22 02:49 151,512 ----a-w C:\Program Files\NOV2007_XACT_x86.cab
2007-10-22 02:49 1,805,306 ----a-w C:\Program Files\NOV2007_d3dx9_36_x64.cab
2007-10-22 02:49 1,712,608 ----a-w C:\Program Files\NOV2007_d3dx9_36_x86.cab
2007-10-22 02:31 976,020 ------w C:\Program Files\BDAXP.cab
2007-10-22 02:31 917,318 ------w C:\Program Files\Apr2006_MDX1_x86.cab
2007-10-22 02:31 88,102 ------w C:\Program Files\AUG2006_xinput_x64.cab
2007-10-22 02:31 87,989 ------w C:\Program Files\Apr2006_xinput_x64.cab
2007-10-22 02:31 86,925 ------w C:\Program Files\Oct2005_xinput_x64.cab
2007-10-22 02:31 86,802 ----a-w C:\Program Files\dxupdate.cab
2007-10-22 02:31 855,886 ------w C:\Program Files\AUG2007_d3dx10_35_x64.cab
2007-10-22 02:31 800,467 ------w C:\Program Files\AUG2007_d3dx10_35_x86.cab
2007-10-22 02:31 76,808 ----a-w C:\Program Files\DSETUP.dll
2007-10-22 02:31 702,644 ------w C:\Program Files\JUN2007_d3dx10_34_x64.cab
2007-10-22 02:31 702,212 ------w C:\Program Files\APR2007_d3dx10_33_x64.cab
2007-10-22 02:31 702,072 ------w C:\Program Files\JUN2007_d3dx10_34_x86.cab
2007-10-22 02:31 699,465 ------w C:\Program Files\APR2007_d3dx10_33_x86.cab
2007-10-22 02:31 56,902 ------w C:\Program Files\APR2007_xinput_x86.cab
2007-10-22 02:31 502,792 ----a-w C:\Program Files\DXSETUP.exe
2007-10-22 02:31 47,018 ------w C:\Program Files\AUG2006_xinput_x86.cab
2007-10-22 02:31 46,898 ------w C:\Program Files\Apr2006_xinput_x86.cab
2007-10-22 02:31 46,247 ------w C:\Program Files\Oct2005_xinput_x86.cab
2007-10-22 02:31 4,163,518 ------w C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2007-10-22 02:31 213,767 ------w C:\Program Files\DEC2006_d3dx10_00_x64.cab
2007-10-22 02:31 201,696 ------w C:\Program Files\AUG2007_XACT_x64.cab
2007-10-22 02:31 200,722 ------w C:\Program Files\JUN2007_XACT_x64.cab
2007-10-22 02:31 199,366 ------w C:\Program Files\APR2007_XACT_x64.cab
2007-10-22 02:31 198,275 ------w C:\Program Files\FEB2007_XACT_x64.cab
2007-10-22 02:31 193,435 ------w C:\Program Files\DEC2006_XACT_x64.cab
2007-10-22 02:31 192,680 ------w C:\Program Files\DEC2006_d3dx10_00_x86.cab
2007-10-22 02:31 183,863 ------w C:\Program Files\AUG2006_XACT_x64.cab
2007-10-22 02:31 183,321 ------w C:\Program Files\OCT2006_XACT_x64.cab
2007-10-22 02:31 181,745 ------w C:\Program Files\JUN2006_XACT_x64.cab
2007-10-22 02:31 180,021 ------w C:\Program Files\Apr2006_XACT_x64.cab
2007-10-22 02:31 179,247 ------w C:\Program Files\Feb2006_XACT_x64.cab
2007-10-22 02:31 156,612 ------w C:\Program Files\AUG2007_XACT_x86.cab
2007-10-22 02:31 156,509 ------w C:\Program Files\JUN2007_XACT_x86.cab
2007-10-22 02:31 154,825 ------w C:\Program Files\APR2007_XACT_x86.cab
2007-10-22 02:31 151,583 ------w C:\Program Files\FEB2007_XACT_x86.cab
2007-10-22 02:31 146,559 ------w C:\Program Files\DEC2006_XACT_x86.cab
2007-10-22 02:31 138,977 ------w C:\Program Files\OCT2006_XACT_x86.cab
2007-10-22 02:31 138,195 ------w C:\Program Files\AUG2006_XACT_x86.cab
2007-10-22 02:31 134,631 ------w C:\Program Files\JUN2006_XACT_x86.cab
2007-10-22 02:31 133,991 ------w C:\Program Files\Apr2006_XACT_x86.cab
2007-10-22 02:31 133,297 ------w C:\Program Files\Feb2006_XACT_x86.cab
2007-10-22 02:31 13,265,040 ------w C:\Program Files\dxnt.cab
2007-10-22 02:31 100,417 ------w C:\Program Files\APR2007_xinput_x64.cab
2007-10-22 02:31 1,803,760 ------w C:\Program Files\AUG2007_d3dx9_35_x64.cab
2007-10-22 02:31 1,711,752 ------w C:\Program Files\AUG2007_d3dx9_35_x86.cab
2007-10-22 02:31 1,673,224 ----a-w C:\Program Files\dsetup32.dll
2007-10-22 02:31 1,611,374 ------w C:\Program Files\JUN2007_d3dx9_34_x64.cab
2007-10-22 02:31 1,610,958 ------w C:\Program Files\APR2007_d3dx9_33_x64.cab
2007-10-22 02:31 1,609,639 ------w C:\Program Files\APR2007_d3dx9_33_x86.cab
2007-10-22 02:31 1,575,336 ------w C:\Program Files\DEC2006_d3dx9_32_x86.cab
2007-10-22 02:31 1,572,114 ------w C:\Program Files\DEC2006_d3dx9_32_x64.cab
2007-10-22 02:31 1,413,862 ------w C:\Program Files\OCT2006_d3dx9_31_x64.cab
2007-10-22 02:31 1,398,718 ------w C:\Program Files\Apr2006_d3dx9_30_x64.cab
2007-10-22 02:31 1,363,684 ------w C:\Program Files\Feb2006_d3dx9_29_x64.cab
2007-10-22 02:31 1,358,864 ------w C:\Program Files\Dec2005_d3dx9_28_x64.cab
2007-10-22 02:31 1,351,430 ------w C:\Program Files\Aug2005_d3dx9_27_x64.cab
2007-10-22 02:31 1,348,242 ------w C:\Program Files\Apr2005_d3dx9_25_x64.cab
2007-10-22 02:31 1,336,890 ------w C:\Program Files\Jun2005_d3dx9_26_x64.cab
2007-10-22 02:31 1,248,387 ------w C:\Program Files\Feb2005_d3dx9_24_x64.cab
2007-10-22 02:31 1,156,363 ------w C:\Program Files\BDANT.cab
2007-10-22 02:31 1,128,177 ------w C:\Program Files\OCT2006_d3dx9_31_x86.cab
2007-10-22 02:31 1,116,109 ------w C:\Program Files\Apr2006_d3dx9_30_x86.cab
2007-10-22 02:31 1,085,608 ------w C:\Program Files\Feb2006_d3dx9_29_x86.cab
2007-10-22 02:31 1,080,344 ------w C:\Program Files\Dec2005_d3dx9_28_x86.cab
2007-10-22 02:31 1,079,850 ------w C:\Program Files\Apr2005_d3dx9_25_x86.cab
2007-10-22 02:31 1,078,532 ------w C:\Program Files\Aug2005_d3dx9_27_x86.cab
2007-10-22 02:31 1,065,813 ------w C:\Program Files\Jun2005_d3dx9_26_x86.cab
2007-10-22 02:31 1,014,113 ------w C:\Program Files\Feb2005_d3dx9_24_x86.cab
2007-10-21 21:08 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-10-21 21:08 434,252 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-10-26 18:29]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-03 17:35]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-10-13 20:05]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"LXCFCATS"="\3\LXCFtime.dll" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-26 18:29]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\CCleaner.exe /AUTO

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
2005-03-31 08:30 1106944 --a------ C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-06-06 12:08 132760 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-03 17:35 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\System32\DRIVERS\ULILAN51.SYS [2005-03-22 19:36]

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-19 22:00:00
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCFCATS = rundll32 \3\LXCFtime.dll,_RunDLLEntry@16???

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-19 22:00:28
C:\ComboFix2.txt ... 2007-12-11 12:24
C:\ComboFix3.txt ... 2007-12-04 23:02
.
2007-09-26 07:03:19 --- E O F ---