wklejto.pl

Added by: ~oklej (2009-02-21 10:36) -> text
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:48:14, on 2009-02-21
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
 
Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\Ati2evxx.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\Ati2evxx.exe
C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe
C:\\Program Files\\Alwil Software\\Avast4\\aswUpdSv.exe
C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWService.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\Program Files\\WIDCOMM\\Bluetooth Software\\bin\\btwdins.exe
C:\\Program Files\\Symantec AntiVirus\\DefWatch.exe
C:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe
C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe
C:\\WINDOWS\\AGRSMMSG.exe
C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe
C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe
C:\\PROGRA~1\\SYMANT~1\\VPTray.exe
C:\\Program Files\\Winamp\\winampa.exe
C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWTray.exe
C:\\Program Files\\BitComet\\BitComet.exe
C:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe
C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTSTAC~1.EXE
C:\\Program Files\\Gadu-Gadu\\gg.exe
C:\\WINDOWS\\system32\\wuauclt.exe
C:\\WINDOWS\\explorer.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe
 
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Łącza
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\\Program Files\\BitComet\\tools\\BitCometBHO_1.3.1.15.dll
O4 - HKLM\\..\\Run: [TrojanScanner] C:\\Program Files\\Trojan Remover\\Trjscan.exe
O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
O4 - HKLM\\..\\Run: [SoundMAXPnP] C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe
O4 - HKLM\\..\\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\\..\\Run: [ATIPTA] \"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"
O4 - HKLM\\..\\Run: [ccApp] \"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"
O4 - HKLM\\..\\Run: [vptray] C:\\PROGRA~1\\SYMANT~1\\VPTray.exe
O4 - HKLM\\..\\Run: [WinampAgent] \"C:\\Program Files\\Winamp\\winampa.exe\"
O4 - HKLM\\..\\Run: [Ad-Watch] C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWTray.exe
O4 - HKCU\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [BitComet] \"C:\\Program Files\\BitComet\\BitComet.exe\" /tray
O4 - HKCU\\..\\Run: [Skype] \"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized
O4 - HKUS\\S-1-5-18\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User \'Default user\')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\\WINDOWS\\system32\\GPhotos.scr/200
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://C:\\Program Files\\BitComet\\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\\Program Files\\BitComet\\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\\Program Files\\BitComet\\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - C:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie.htm
O9 - Extra \'Tools\' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\\Program Files\\BitComet\\tools\\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra \'Tools\' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\\WINDOWS\\system32\\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\\Program Files\\WIDCOMM\\Bluetooth Software\\bin\\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\\Program Files\\Symantec AntiVirus\\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\\PROGRA~1\\Symantec\\LIVEUP~1\\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\\Program Files\\Symantec AntiVirus\\SavRoam.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe
 
--
End of file - 6666 bytes
 
 
ComboFix 09-02-14.01 - ToMaS 2009-02-21  9:42:26.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1023.309 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\ToMaS\\Pulpit\\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090220-0] *On-access scanning disabled* (Updated)
 
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
 
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-21 do 2009-02-21  )))))))))))))))))))))))))))))))
.
 
2009-02-21 15:08 . 2009-02-21 15:08     <DIR>   d--------       c:\\program files\\IrfanView
2009-02-21 09:28 . 2009-02-21 09:28     <DIR>   d--------       c:\\program files\\Trend Micro
2009-02-21 09:20 . 2009-02-21 09:20     <DIR>   d--------       c:\\windows\\LastGood
2009-02-21 07:35 . 2009-02-21 07:35     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Dane aplikacji\\Simply Super Software
2009-02-21 07:35 . 2009-02-21 09:02     <DIR>   d-a------       c:\\documents and settings\\All Users\\Dane aplikacji\\TEMP
2009-02-20 23:02 . 2009-02-20 22:55     15,688  --a------       c:\\windows\\system32\\lsdelete.exe
2009-02-20 23:00 . 2009-02-20 23:00     <DIR>   d--------       c:\\documents and settings\\LocalService\\Pulpit
2009-02-20 22:55 . 2009-02-20 22:55     64,160  --a------       c:\\windows\\system32\\drivers\\Lbd.sys
2009-02-20 22:54 . 2009-02-20 22:54     <DIR>   d--------       c:\\program files\\Lavasoft
2009-02-20 22:54 . 2009-02-20 22:55     <DIR>   d--------       c:\\documents and settings\\All Users\\Dane aplikacji\\Lavasoft
2009-02-20 22:54 . 2009-02-20 22:54     <DIR>   d--h-c---       c:\\documents and settings\\All Users\\Dane aplikacji\\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-18 21:15 . 2001-10-26 16:57     12,160  --a------       c:\\windows\\system32\\drivers\\mouhid.sys
2009-02-18 11:26 . 2009-02-20 15:29     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Dane aplikacji\\skypePM
2009-02-18 11:26 . 2009-02-18 11:26     56      --ah-----       c:\\windows\\system32\\ezsidmv.dat
2009-02-18 11:25 . 2009-02-18 11:25     <DIR>   dr-------       c:\\program files\\Skype
2009-02-18 11:25 . 2009-02-18 11:25     <DIR>   d--------       c:\\program files\\Common Files\\Skype
2009-02-18 11:25 . 2009-02-20 23:26     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Dane aplikacji\\Skype
2009-02-18 11:25 . 2009-02-18 11:25     <DIR>   d--------       c:\\documents and settings\\All Users\\Dane aplikacji\\Skype
2009-02-16 22:22 . 2009-02-16 22:22     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Dane aplikacji\\Media Player Classic
2009-02-16 22:21 . 2009-02-16 22:22     <DIR>   d--------       c:\\program files\\K-Lite Codec Pack
2009-02-16 22:21 . 2008-11-06 17:37     3,596,288       --a------       c:\\windows\\system32\\qt-dx331.dll
2009-02-16 22:21 . 2008-09-24 19:41     839,680 --a------       c:\\windows\\system32\\lameACM.acm
2009-02-16 22:21 . 2008-12-07 19:08     795,648 --a------       c:\\windows\\system32\\xvidcore.dll
2009-02-16 22:21 . 2004-01-25 17:18     217,088 --a------       c:\\windows\\system32\\yv12vfw.dll
2009-02-16 22:21 . 2008-09-16 20:23     168,448 --a------       c:\\windows\\system32\\unrar.dll
2009-02-16 22:21 . 2008-12-07 19:08     130,048 --a------       c:\\windows\\system32\\xvidvfw.dll
2009-02-16 22:21 . 2007-09-21 01:52     118,784 --a------       c:\\windows\\system32\\ac3acm.acm
2009-02-16 22:21 . 2008-12-11 01:33     86,016  --a------       c:\\windows\\system32\\dpl100.dll
2009-02-16 22:21 . 2009-02-09 19:56     67,584  --a------       c:\\windows\\system32\\ff_vfw.dll
2009-02-16 22:21 . 2007-07-10 17:10     547     --a------       c:\\windows\\system32\\ff_vfw.dll.manifest
2009-02-16 22:21 . 2008-10-03 13:30     414     --a------       c:\\windows\\system32\\lame_acm.xml
2009-02-15 21:49 . 2009-02-15 21:49     35,440  --a------       c:\\windows\\system32\\sschk.trb
2009-02-15 21:19 . 2009-02-15 22:33     <DIR>   d--------       c:\\windows\\system32\\CatRoot_bak
2009-02-15 18:06 . 2009-02-15 18:06     <DIR>   d--------       C:\\Ajt Soft
2009-02-14 01:21 . 2009-02-14 01:21     <DIR>   d--------       C:\\gomora
2009-02-14 00:38 . 2009-02-16 22:21     <DIR>   d--------       c:\\windows\\system32\\quicktime
2009-02-14 00:38 . 2009-02-14 00:38     <DIR>   d--------       c:\\program files\\DivX
2009-02-14 00:28 . 2009-02-14 00:29     <DIR>   d--------       C:\\totalcmd
2009-02-14 00:28 . 2009-02-14 08:02     1,118   --a------       c:\\windows\\wincmd.ini
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\UC.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\RAR.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\PKZIP.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\PKUNZIP.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\NOCLOSE.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\LHA.PIF
2009-02-14 00:28 . 2008-07-29 07:04     545     --a------       c:\\windows\\ARJ.PIF
2009-02-14 00:23 . 2009-02-14 00:24     <DIR>   d--------       c:\\program files\\SubEdit-Player
2009-02-14 00:10 . 2009-02-14 00:21     <DIR>   d--------       c:\\program files\\Winamp
2009-02-14 00:10 . 2009-02-14 00:21     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Dane aplikacji\\Winamp
2009-02-14 00:10 . 2007-03-08 00:51     129,784 ---------       c:\\windows\\system32\\pxafs.dll
2009-02-13 23:06 . 2009-02-18 14:46     <DIR>   d--------       C:\\Downloads
2009-02-13 23:05 . 2009-02-21 09:39     <DIR>   d--------       c:\\program files\\BitComet
2009-02-13 14:36 . 2009-02-13 14:36     <DIR>   d--------       c:\\program files\\Gadu-Gadu
2009-02-13 14:36 . 2009-02-13 14:36     <DIR>   d--------       c:\\documents and settings\\ToMaS\\Gadu-Gadu
2009-02-13 08:27 . 2009-02-13 08:27     <DIR>   d--------       c:\\program files\\Symantec
2009-02-13 08:27 . 2006-10-09 18:47     110,256 --a------       c:\\windows\\system32\\drivers\\SYMEVENT.SYS
2009-02-13 08:27 . 2006-10-09 18:47     48,816  --a------       c:\\windows\\system32\\S32EVNT1.DLL
2009-02-13 08:26 . 2009-02-13 08:27     <DIR>   d--------       c:\\program files\\Symantec AntiVirus
2009-02-13 08:26 . 2009-02-13 08:28     <DIR>   d--------       c:\\program files\\Common Files\\Symantec Shared