Zwiech po jakimś czasie


(Adamawa13) #1

Nowo zainstalowany windows.

Logfile of HijackThis v1.99.1

Scan saved at 23:55:56, on 2008-09-19

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)


Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program Files\Gadu-Gadu\gg.exe

D:\Program Files\Strokeit\strokeit.exe

D:\Program Files\trayit\trayit!.exe

D:\WINDOWS\system32\CTsvcCDA.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\system32\MsPMSPSv.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Mozilla Firefox\firefox.exe

D:\WINDOWS\system32\wuauclt.exe

D:\WINDOWS\System32\WScript.exe

\?\D:\WINDOWS\system32\WBEM\WMIADAP.EXE

D:\Documents and Settings\Administrator\Desktop\HijackThis.exe


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [StrokeIt] D:\Program Files\Strokeit\strokeit.exe

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - Startup: TrayIt!.lnk = D:\Program Files\trayit\trayit!.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [INTERNATIONAL] International*

O20 - AppInit_DLLs: prio.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

ComboFix 08-09-19.06 - Administrator 2008-09-20 8:02:32.1 - NTFSx86 NETWORK

(huber2t) #2

fix w hijackthis

Podaj log z Combofix


(Adamawa13) #3

Jest już log z Combofix


(huber2t) #4

Pobierz ComboFix, ale nie uruchamiaj

Otwórz notatnik i wklej do niego:

File::

D:\taqhptr.bat

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

cfscript10uc2.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link


(Adamawa13) #5

http://wklej.eu/index.php?id=a704987417


(huber2t) #6

Log wyglada na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar całego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!


(Adamawa13) #7

Skan przez http://www.kaspersky.pl/virusscanner.html :

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

 Saturday, September 27, 2008

 Operating System: Microsoft Windows XP Professional Dodatek Service Pack 2 (build 2600)

 Kaspersky Online Scanner 7 version: 7.0.25.0

 Program database last update: Saturday, September 27, 2008 17:36:42

 Records in database: 1266068

--------------------------------------------------------------------------------


Scan settings:

	Scan using the following database: extended

	Scan archives: yes

	Scan mail databases: yes


Scan area - Folder:

	K:\


Scan statistics:

	Files scanned: 30593

	Threat name: 7

	Infected objects: 7

	Suspicious objects: 0

	Duration of the scan: 00:35:16



File name / Threat name / Threats count

K:\0u.cmd	Infected: Worm.Win32.AutoRun.owt	1

K:\1u0o8bnq.cmd	Infected: Trojan-GameThief.Win32.Magania.aczm	1

K:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

K:\fe.bat	Infected: Packed.Win32.Krap.b	1

K:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

K:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1

K:\WINDOWS\system32\cmdow.exe	Infected: not-a-virus:RiskTool.Win32.HideWindows	1


The selected area was scanned.

(Leon$) #8

Pobierz i uruchom narzędzie The Avenger Zaznaczasz tekst podany do usunięcia na forum

kopiuj >> klikasz na Paste Script from Clipboard >> Execute >> Potwierdzasz i zgadzasz się na restart klikając OK.

Kasujesz ręcznie z dysku plik: C:\Avenger\backup.zip i wklejasz na forum raport: C:\avenger.txt

przeskanuj jeszcze raz miałeś

czyli obszar Mój komputer

a nie

:slight_smile:


(Adamawa13) #9
--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

 Sunday, September 28, 2008

 Operating System: Microsoft Windows XP Professional Dodatek Service Pack 2 (build 2600)

 Kaspersky Online Scanner 7 version: 7.0.25.0

 Program database last update: Saturday, September 27, 2008 20:43:35

 Records in database: 1266393

--------------------------------------------------------------------------------


Scan settings:

	Scan using the following database: extended

	Scan archives: yes

	Scan mail databases: yes


Scan area - My Computer:

	C:\

	D:\

	E:\

	F:\

	G:\

	H:\

	I:\

	J:\

	K:\

	L:\


Scan statistics:

	Files scanned: 120519

	Threat name: 148

	Infected objects: 328

	Suspicious objects: 1

	Duration of the scan: 02:34:03



File name / Threat name / Threats count

C:\WINDOWS\system32\sprint.dll/C:\WINDOWS\system32\sprint.dll	Infected: Trojan-Downloader.Win32.Agent.ahts	1

C:\WINDOWS\system32\amvo0.dll/C:\WINDOWS\system32\amvo0.dll	Infected: Packed.Win32.Krap.b	10

C:\WINDOWS\system32\mstmdm.dll/C:\WINDOWS\system32\mstmdm.dll	Infected: Trojan.Win32.Agent.bve	1

C:\WINDOWS\system32\ckvo1.dll/C:\WINDOWS\system32\ckvo1.dll	Infected: Trojan-GameThief.Win32.OnLineGames.tjua	7

ctfmon.exe\ctfmon.exe/ctfmon.exe\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

C:\Documents and Settings\Adam\Menu Start\Programy\Autostart\ctfmon.exe/C:\Documents and Settings\Adam\Menu Start\Programy\Autostart\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

C:\WINDOWS\system32\SkypeComm.dll/C:\WINDOWS\system32\SkypeComm.dll	Infected: Trojan-Spy.Win32.BHO.s	1

C:\DOCUME~1\Adam\USTAWI~1\Temp\help.exe/C:\DOCUME~1\Adam\USTAWI~1\Temp\help.exe	Infected: Trojan.Win32.Inject.iav	1

C:\0.com	Infected: Trojan-GameThief.Win32.OnLineGames.arvn	1

C:\00hoeav.com	Infected: Trojan-GameThief.Win32.OnLineGames.sdki	1

C:\0gjn3yw.exe	Infected: Trojan.Win32.Vaklik.bpw	1

C:\0hct8ybw.bat	Infected: Trojan-GameThief.Win32.OnLineGames.rie	1

C:\0n.bat	Infected: Trojan-PSW.Win32.OnLineGames.acdy	1

C:\0u.cmd	Infected: Worm.Win32.AutoRun.owt	1

C:\1dg.exe	Infected: Trojan-PSW.Win32.OnLineGames.acas	1

C:\1u0o8bnq.cmd	Infected: Trojan-GameThief.Win32.Magania.aczm	1

C:\22wcb21o.exe	Infected: Trojan-PSW.Win32.OnLineGames.ubg	1

C:\22xo.exe	Infected: Trojan-GameThief.Win32.Magania.abkz	1

C:\32e2.com	Infected: Trojan-PSW.Win32.OnLineGames.uek	1

C:\39lpji.com	Infected: Worm.Win32.AutoRun.nan	1

C:\6l6w8.com	Infected: Trojan-PSW.Win32.OnLineGames.ywy	1

C:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

C:\bpu.exe	Infected: Worm.Win32.AutoRun.lpk	1

C:\cayfq2.cmd	Infected: Trojan-PSW.Win32.OnLineGames.ujl	1

C:\Documents and Settings\Adam\Menu Start\Programy\Autostart\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\22umqpcg.dll	Infected: Trojan-PSW.Win32.OnLineGames.yub	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\54mo4e.dll	Infected: Trojan-PSW.Win32.OnLineGames.acbe	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\7bpapp.dll	Infected: Trojan-PSW.Win32.OnLineGames.aina	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\7iipw8do.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sarp	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\8mmxdjlw.dll	Infected: Trojan-GameThief.Win32.OnLineGames.skue	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\98hgb.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sged	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\9ba4xn.dll	Infected: Rootkit.Win32.Agent.wa	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\9sky8pia.dll	Infected: Trojan-PSW.Win32.OnLineGames.abeg	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\9sob2.dll	Infected: Trojan-PSW.Win32.OnLineGames.urp	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\aqb2.dll	Infected: Trojan-PSW.Win32.OnLineGames.ahiy	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\boalrz.dll	Infected: Trojan-PSW.Win32.OnLineGames.yuc	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\c5yd.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sqie	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\cfmwfbi.dll	Infected: Trojan-PSW.Win32.OnLineGames.urw	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\d7xfi.dll	Infected: Trojan-PSW.Win32.OnLineGames.ahiw	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\dtzr9je.dll	Infected: Worm.Win32.AutoRun.dml	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\dxw.dll	Infected: Trojan.Win32.Pakes.cin	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\ep.dll	Infected: Trojan.Win32.Pakes.cgq	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\es8m88z.dll	Infected: Trojan-PSW.Win32.OnLineGames.acdy	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\f.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sfwg	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\gj4hn.dll	Infected: Worm.Win32.AutoRun.dan	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\gjrud8qh.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sdkj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\help.exe	Infected: Trojan.Win32.Inject.iav	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\hg2d.dll	Infected: Trojan-PSW.Win32.OnLineGames.abuz	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\hnlro54.dll	Infected: Trojan-GameThief.Win32.OnLineGames.rzxs	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\ilpggjj.dll	Infected: Trojan-PSW.Win32.OnLineGames.skg	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\k4jm.dll	Infected: Trojan-GameThief.Win32.OnLineGames.arvm	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\kqyg5uy.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sgen	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\m.dll	Infected: Trojan-PSW.Win32.OnLineGames.ywx	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\mirc631.exe	Infected: not-a-virus:Client-IRC.Win32.mIRC.631	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\n.dll	Infected: Trojan-GameThief.Win32.OnLineGames.spps	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\n2.dll	Infected: Worm.Win32.AutoRun.dsv	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod2.tmp	Infected: Trojan.Win32.Agent.adpj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod3.tmp	Infected: Trojan.Win32.Agent.adpj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod4.tmp	Infected: Trojan.Win32.Agent.adpj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod5.tmp	Infected: Trojan.Win32.Agent.adpj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod6.tmp	Infected: Trojan.Win32.Vaklik.doh	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod7.tmp	Infected: Trojan.Win32.Vaklik.doh	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod8.tmp	Infected: Trojan.Win32.Vaklik.doh	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nod9.tmp	Infected: Trojan.Win32.Vaklik.doh	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\nx.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sghq	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\oji.dll	Infected: Trojan-PSW.Win32.OnLineGames.acyr	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\ovlx.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sfyf	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\port.dll	Infected: Worm.Win32.AutoRun.ekw	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\psdtohkm.dll	Infected: Trojan-PSW.Win32.OnLineGames.abkg	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\q5jh9.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sjnt	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\q8gqt.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sbrj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\q8k4m7wy.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sars	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\qrwafza.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sgmo	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\rlbaort.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sjpm	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\skmu.dll	Infected: Worm.Win32.AutoRun.dla	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\t.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sezk	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\t4h.dll	Infected: Worm.Win32.AutoRun.efb	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1.tmp	Infected: Trojan-Dropper.Win32.Agent.tbo	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru10.tmp	Infected: Trojan.Win32.Vaklik.bar	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru11.tmp	Infected: Trojan.Win32.Vaklik.bbn	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru12.tmp	Infected: Trojan.Win32.Vaklik.bbn	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru13.tmp	Infected: Trojan.Win32.Vaklik.bel	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru14.tmp	Infected: Trojan.Win32.Vaklik.bil	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru15.tmp	Infected: Trojan.Win32.Vaklik.biv	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru16.tmp	Infected: Trojan.Win32.Vaklik.bje	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru17.tmp	Infected: Trojan.Win32.Vaklik.bkh	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru18.tmp	Infected: Trojan.Win32.Vaklik.bku	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru19.tmp	Infected: Trojan.Win32.Vaklik.blc	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1A.tmp	Infected: Trojan.Win32.Vaklik.bnk	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1B.tmp	Infected: Trojan.Win32.Vaklik.cgv	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1C.tmp	Infected: Trojan.Win32.Vaklik.ckl	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1D.tmp	Infected: Trojan.Win32.Vaklik.cly	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1E.tmp	Infected: Trojan.Win32.Vaklik.cpf	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru1F.tmp	Infected: Trojan.Win32.Vaklik.cpf	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru2.tmp	Infected: Worm.Win32.AutoRun.dkw	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru20.tmp	Infected: Trojan.Win32.Vaklik.cpu	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru21.tmp	Infected: Trojan.Win32.Crypt.lr	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru23.tmp	Infected: Trojan.Win32.Crypt.jd	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru24.tmp	Infected: Trojan.Win32.Crypt.jd	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru25.tmp	Infected: Trojan.Win32.Vaklik.cwu	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru27.tmp	Infected: Trojan.Win32.Crypt.le	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru28.tmp	Infected: Trojan.Win32.Crypt.ks	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru29.tmp	Infected: Trojan.Win32.Vaklik.cxq	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru2B.tmp	Infected: Trojan.Win32.Crypt.lz	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru2D.tmp	Infected: Trojan-GameThief.Win32.OnLineGames.szad	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru2E.tmp	Infected: Trojan-GameThief.Win32.OnLineGames.szad	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru2F.tmp	Infected: Worm.Win32.AutoRun.dlz	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru3.tmp	Infected: Trojan-PSW.Win32.OnLineGames.abvb	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru30.tmp	Infected: Trojan-GameThief.Win32.OnLineGames.szad	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru31.tmp	Infected: Trojan-GameThief.Win32.OnLineGames.szad	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru4.tmp	Infected: Worm.Win32.AutoRun.dmt	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru5.tmp	Infected: Worm.Win32.AutoRun.dmt	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru51.tmp	Infected: Worm.Win32.AutoRun.dlc	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru6.tmp	Infected: Trojan-PSW.Win32.OnLineGames.acdy	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru7.tmp	Infected: Worm.Win32.AutoRun.dni	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru8.tmp	Infected: Trojan-PSW.Win32.OnLineGames.acyr	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\tru9.tmp	Infected: Trojan-PSW.Win32.OnLineGames.aehj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truA.tmp	Infected: Trojan-PSW.Win32.OnLineGames.aenm	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truB.tmp	Infected: Worm.Win32.AutoRun.dxg	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truC.tmp	Infected: Trojan.Win32.Vaklik.aqj	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truD.tmp	Infected: Trojan-Dropper.Win32.Agent.sli	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truE.tmp	Infected: Trojan-Dropper.Win32.Crypter.t	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\truF.tmp	Infected: Trojan-Dropper.Win32.Crypter.v	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\vyjx4s.dll	Infected: Worm.Win32.AutoRun.egi	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\w.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sgem	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\yut.dll	Infected: Trojan-GameThief.Win32.OnLineGames.szps	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\yv.dll	Infected: Trojan-GameThief.Win32.OnLineGames.sezl	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\z.dll	Infected: Trojan-PSW.Win32.OnLineGames.abqm	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\z5.dll	Infected: Trojan-GameThief.Win32.OnLineGames.rio	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\z8.dll	Infected: Trojan-PSW.Win32.OnLineGames.xji	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\zsh4zci.dll	Infected: Trojan-PSW.Win32.OnLineGames.yuf	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF129.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF13.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF153.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF167.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF2.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF216.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF217.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF219.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF225.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF251.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF26.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF26C.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF26D.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF2A9.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF2BD.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF2DB.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF31D.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF37C.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF3AC.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF3B1.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF3E.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF43.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF451.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF490.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DF4C.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DFBE.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temp\~DFF8.tmp	Infected: Trojan.Win32.Agent.bve	1

C:\Documents and Settings\Adam\Ustawienia lokalne\Temporary Internet Files\Content.IE5\W5V3Q1W8\help[2].exe	Infected: Trojan.Win32.Vaklik.doh	1

C:\dwvo.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abop	1

C:\fe.bat	Infected: Packed.Win32.Krap.b	1

C:\g2pfnid.com	Infected: Trojan.Win32.Vaklik.cfe	1

C:\igxv.cmd	Infected: Trojan-PSW.Win32.OnLineGames.adye	1

C:\jdhc2x2.com	Infected: Trojan-GameThief.Win32.OnLineGames.wvs	1

C:\knupkb.com	Infected: Trojan.Win32.Pakes.jzz	1

C:\lkxcqdb.bat	Infected: Worm.Win32.AutoRun.dml	1

C:\mgjpcfdg.cmd	Infected: Worm.Win32.AutoRun.dan	1

C:\mnl6on3.com	Infected: Trojan-GameThief.Win32.OnLineGames.swzp	1

C:\mug0sd.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abki	1

C:\nby.bat	Infected: Trojan.Win32.Vaklik.aqk	1

C:\oq.cmd	Infected: Worm.Win32.AutoRun.dni	1

C:\ph.com	Infected: Trojan-GameThief.Win32.Magania.aaye	1

C:\Program Files\MSTpscre\Tpscrex.exe	Infected: Trojan-Downloader.Win32.Agent.loz	1

C:\Program Files\TimeSink\AdGateway\TSAdBot.exe	Infected: not-a-virus:AdWare.Win32.TimeSink	1

C:\qa8sywva.cmd	Infected: Trojan.Win32.Vaklik.amc	1

C:\qwc.exe	Infected: Trojan-PSW.Win32.Magania.jag	1

C:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

C:\Recycled\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

C:\ser.com	Infected: Trojan.Win32.Vaklik.xe	1

C:\t1ypkh.exe	Infected: Trojan-GameThief.Win32.Magania.zou	1

C:\t9peum02.exe	Infected: Worm.Win32.AutoRun.egi	1

C:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1

C:\tym8a.exe	Infected: Worm.Win32.AutoRun.dly	1

C:\uis.com	Infected: Trojan.Win32.Vaklik.clx	1

C:\v.com	Infected: Trojan-PSW.Win32.OnLineGames.too	1

C:\vqv.exe	Infected: Trojan-PSW.Win32.OnLineGames.abwv	1

C:\vy.cmd	Infected: Worm.Win32.AutoRun.dla	1

C:\w0o.com	Infected: Worm.Win32.AutoRun.llh	1

C:\WINDOWS\pss\ctfmon.exeStartup	Infected: Trojan.Win32.VB.aqt	1

C:\WINDOWS\system32\amvo.exe	Infected: Trojan.Win32.Vaklik.doi	1

C:\WINDOWS\system32\amvo0.dll	Infected: Packed.Win32.Krap.b	1

C:\WINDOWS\system32\amvo1.dll	Infected: Packed.Win32.Krap.b	1

C:\WINDOWS\system32\ckvo.exe	Infected: Trojan.Win32.Inject.iav	1

C:\WINDOWS\system32\ckvo0.dll	Infected: Trojan-GameThief.Win32.OnLineGames.tjua	1

C:\WINDOWS\system32\ckvo1.dll	Infected: Trojan-GameThief.Win32.OnLineGames.tjua	1

C:\WINDOWS\system32\ckvo2.dll	Infected: Worm.Win32.AutoRun.lxx	1

C:\WINDOWS\system32\mstmdm.dll	Infected: Trojan.Win32.Agent.bve	1

C:\WINDOWS\system32\SkypeComm.dll	Infected: Trojan-Spy.Win32.BHO.s	1

C:\WINDOWS\system32\sprint.dll	Infected: Trojan-Downloader.Win32.Agent.ahts	1

C:\WINDOWS\TSAd.dll	Infected: not-a-virus:AdWare.Win32.TimeSink	1

C:\WINDOWS\VcpDLL.dll	Infected: not-a-virus:AdWare.Win32.TimeSink	1

C:\xp19.com	Infected: Packed.Win32.PolyCrypt.h	1

D:\0.com	Infected: Trojan-GameThief.Win32.OnLineGames.arvn	1

D:\00hoeav.com	Infected: Trojan-GameThief.Win32.OnLineGames.sdki	1

D:\0gjn3yw.exe	Infected: Trojan.Win32.Vaklik.bpw	1

D:\0hct8ybw.bat	Infected: Trojan-GameThief.Win32.OnLineGames.rie	1

D:\0n.bat	Infected: Trojan-PSW.Win32.OnLineGames.acdy	1

D:\0u.cmd	Infected: Worm.Win32.AutoRun.owt	1

D:\1dg.exe	Infected: Trojan-PSW.Win32.OnLineGames.acas	1

D:\1u0o8bnq.cmd	Infected: Trojan-GameThief.Win32.Magania.aczm	1

D:\22wcb21o.exe	Infected: Trojan-PSW.Win32.OnLineGames.ubg	1

D:\22xo.exe	Infected: Trojan-GameThief.Win32.Magania.abkz	1

D:\32e2.com	Infected: Trojan-PSW.Win32.OnLineGames.uek	1

D:\39lpji.com	Infected: Worm.Win32.AutoRun.nan	1

D:\6l6w8.com	Infected: Trojan-PSW.Win32.OnLineGames.ywy	1

D:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

D:\bpu.exe	Infected: Worm.Win32.AutoRun.lpk	1

D:\cayfq2.cmd	Infected: Trojan-PSW.Win32.OnLineGames.ujl	1

D:\Dokumenty\Adam\SX1\Symbian\Restart\restart.v1.10_191.sis	Infected: Trojan.SymbOS.Skuller.gen	1

D:\dwvo.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abop	1

D:\fe.bat	Infected: Packed.Win32.Krap.b	1

D:\g2pfnid.com	Infected: Trojan.Win32.Vaklik.cfe	1

D:\igxv.cmd	Infected: Trojan-PSW.Win32.OnLineGames.adye	1

D:\jdhc2x2.com	Infected: Trojan-GameThief.Win32.OnLineGames.wvs	1

D:\knupkb.com	Infected: Trojan.Win32.Pakes.jzz	1

D:\lkxcqdb.bat	Infected: Worm.Win32.AutoRun.dml	1

D:\mgjpcfdg.cmd	Infected: Worm.Win32.AutoRun.dan	1

D:\mnl6on3.com	Infected: Trojan-GameThief.Win32.OnLineGames.swzp	1

D:\mug0sd.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abki	1

D:\My Downloads\ayumi hamasaki song for xx.mp3	Infected: Trojan-Downloader.WMA.Wimad.n	1

D:\nby.bat	Infected: Trojan.Win32.Vaklik.aqk	1

D:\oq.cmd	Infected: Worm.Win32.AutoRun.dni	1

D:\ph.com	Infected: Trojan-GameThief.Win32.Magania.aaye	1

D:\Propellerhead\Reason\ReasonRpsPatch.exe	Infected: Backdoor.Win32.PcClient.jhu	1

D:\qa8sywva.cmd	Infected: Trojan.Win32.Vaklik.amc	1

D:\qwc.exe	Infected: Trojan-PSW.Win32.Magania.jag	1

D:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

D:\ser.com	Infected: Trojan.Win32.Vaklik.xe	1

D:\t1ypkh.exe	Infected: Trojan-GameThief.Win32.Magania.zou	1

D:\t9peum02.exe	Infected: Worm.Win32.AutoRun.egi	1

D:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1

D:\tym8a.exe	Infected: Worm.Win32.AutoRun.dly	1

D:\uis.com	Infected: Trojan.Win32.Vaklik.clx	1

D:\v.com	Infected: Trojan-PSW.Win32.OnLineGames.too	1

D:\vqv.exe	Infected: Trojan-PSW.Win32.OnLineGames.abwv	1

D:\vy.cmd	Infected: Worm.Win32.AutoRun.dla	1

D:\w0o.com	Infected: Worm.Win32.AutoRun.llh	1

D:\xp19.com	Infected: Packed.Win32.PolyCrypt.h	1

E:\0.com	Infected: Trojan-GameThief.Win32.OnLineGames.arvn	1

E:\00hoeav.com	Infected: Trojan-GameThief.Win32.OnLineGames.sdki	1

E:\0gjn3yw.exe	Infected: Trojan.Win32.Vaklik.bpw	1

E:\0hct8ybw.bat	Infected: Trojan-GameThief.Win32.OnLineGames.rie	1

E:\0n.bat	Infected: Trojan-PSW.Win32.OnLineGames.acdy	1

E:\0u.cmd	Infected: Worm.Win32.AutoRun.owt	1

E:\1dg.exe	Infected: Trojan-PSW.Win32.OnLineGames.acas	1

E:\1u0o8bnq.cmd	Infected: Trojan-GameThief.Win32.Magania.aczm	1

E:\22wcb21o.exe	Infected: Trojan-PSW.Win32.OnLineGames.ubg	1

E:\22xo.exe	Infected: Trojan-GameThief.Win32.Magania.abkz	1

E:\32e2.com	Infected: Trojan-PSW.Win32.OnLineGames.uek	1

E:\39lpji.com	Infected: Worm.Win32.AutoRun.nan	1

E:\6l6w8.com	Infected: Trojan-PSW.Win32.OnLineGames.ywy	1

E:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

E:\bpu.exe	Infected: Worm.Win32.AutoRun.lpk	1

E:\cayfq2.cmd	Infected: Trojan-PSW.Win32.OnLineGames.ujl	1

E:\dwvo.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abop	1

E:\fe.bat	Infected: Packed.Win32.Krap.b	1

E:\g2pfnid.com	Infected: Trojan.Win32.Vaklik.cfe	1

E:\GG Serwer Changer\GG Serwer Changer.exe	Infected: Trojan-Downloader.Win32.Delf.kes	1

E:\igxv.cmd	Infected: Trojan-PSW.Win32.OnLineGames.adye	1

E:\jdhc2x2.com	Infected: Trojan-GameThief.Win32.OnLineGames.wvs	1

E:\knupkb.com	Infected: Trojan.Win32.Pakes.jzz	1

E:\lkxcqdb.bat	Infected: Worm.Win32.AutoRun.dml	1

E:\mgjpcfdg.cmd	Infected: Worm.Win32.AutoRun.dan	1

E:\mIRC\mirc.exe	Infected: not-a-virus:Client-IRC.Win32.mIRC.631	1

E:\mnl6on3.com	Infected: Trojan-GameThief.Win32.OnLineGames.swzp	1

E:\mug0sd.cmd	Infected: Trojan-PSW.Win32.OnLineGames.abki	1

E:\nby.bat	Infected: Trojan.Win32.Vaklik.aqk	1

E:\oq.cmd	Infected: Worm.Win32.AutoRun.dni	1

E:\ph.com	Infected: Trojan-GameThief.Win32.Magania.aaye	1

E:\qa8sywva.cmd	Infected: Trojan.Win32.Vaklik.amc	1

E:\qwc.exe	Infected: Trojan-PSW.Win32.Magania.jag	1

E:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

E:\ser.com	Infected: Trojan.Win32.Vaklik.xe	1

E:\t1ypkh.exe	Infected: Trojan-GameThief.Win32.Magania.zou	1

E:\t9peum02.exe	Infected: Worm.Win32.AutoRun.egi	1

E:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Suspicious: Trojan-Spy.HTML.Fraud.gen	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Luder.a	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.d	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.h	2

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.m	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.u	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.cq	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.Zhelatin.ct	2

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Email-Worm.Win32.NetSky.q	1

E:\The Bat!\Konta\Trash\MESSAGES.TBB	Infected: Worm.Win32.Feebs.gen	1

E:\tym8a.exe	Infected: Worm.Win32.AutoRun.dly	1

E:\uis.com	Infected: Trojan.Win32.Vaklik.clx	1

E:\v.com	Infected: Trojan-PSW.Win32.OnLineGames.too	1

E:\vqv.exe	Infected: Trojan-PSW.Win32.OnLineGames.abwv	1

E:\vy.cmd	Infected: Worm.Win32.AutoRun.dla	1

E:\w0o.com	Infected: Worm.Win32.AutoRun.llh	1

E:\xp19.com	Infected: Packed.Win32.PolyCrypt.h	1

K:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

K:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

K:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1

L:\0u.cmd	Infected: Worm.Win32.AutoRun.owt	1

L:\1u0o8bnq.cmd	Infected: Trojan-GameThief.Win32.Magania.aczm	1

L:\9yqusig.bat	Infected: Trojan.Win32.Inject.iav	1

L:\fe.bat	Infected: Packed.Win32.Krap.b	1

L:\Recycled\ctfmon.exe	Infected: Trojan.Win32.VB.aqt	1

L:\taqhptr.bat	Infected: Trojan.Win32.Vaklik.doi	1


The selected area was scanned.

(Leon$) #10

pozamykaj dziurawe porty WWDC http://cybertrash.pl/images/tata/WWDC.html

pobierz i zastosuj ATF Cleaner http://cybertrash.pl/images/tata/ATF/ATF.html

pobierz i zainstaluj Kaspersky Anti-Virus http://www.kaspersky.pl/download.html?s=trial

pełna 30 dniowa wersja

wtedy przeskanuj cały komp

zrób nowe logi Combofix ,HijackThis Pobierz System Repair Engineer

http://www.cybertrash.pl/images/tata/System%20Repair/System%20Repair%20Engineer.html

przeskanuj daj log

wszystkie logi robisz po skanowaniu kasperskim w kolejności którą podałem

:slight_smile: