ComboFix 09-02-14.01 - ToMaS 2009-02-21 9:42:26.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1023.309 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\ToMaS\\Pulpit\\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090220-0] *On-access scanning disabled* (Updated)
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-21 do 2009-02-21 )))))))))))))))))))))))))))))))
.
2009-02-21 15:08 . 2009-02-21 15:08 <DIR> d-------- c:\\program files\\IrfanView
2009-02-21 09:28 . 2009-02-21 09:28 <DIR> d-------- c:\\program files\\Trend Micro
2009-02-21 09:20 . 2009-02-21 09:20 <DIR> d-------- c:\\windows\\LastGood
2009-02-21 07:35 . 2009-02-21 07:35 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\Simply Super Software
2009-02-21 07:35 . 2009-02-21 09:02 <DIR> d-a------ c:\\documents and settings\\All Users\\Dane aplikacji\\TEMP
2009-02-20 23:02 . 2009-02-20 22:55 15,688 --a------ c:\\windows\\system32\\lsdelete.exe
2009-02-20 23:00 . 2009-02-20 23:00 <DIR> d-------- c:\\documents and settings\\LocalService\\Pulpit
2009-02-20 22:55 . 2009-02-20 22:55 64,160 --a------ c:\\windows\\system32\\drivers\\Lbd.sys
2009-02-20 22:54 . 2009-02-20 22:54 <DIR> d-------- c:\\program files\\Lavasoft
2009-02-20 22:54 . 2009-02-20 22:55 <DIR> d-------- c:\\documents and settings\\All Users\\Dane aplikacji\\Lavasoft
2009-02-20 22:54 . 2009-02-20 22:54 <DIR> d--h-c--- c:\\documents and settings\\All Users\\Dane aplikacji\\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-18 21:15 . 2001-10-26 16:57 12,160 --a------ c:\\windows\\system32\\drivers\\mouhid.sys
2009-02-18 11:26 . 2009-02-20 15:29 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\skypePM
2009-02-18 11:26 . 2009-02-18 11:26 56 --ah----- c:\\windows\\system32\\ezsidmv.dat
2009-02-18 11:25 . 2009-02-18 11:25 <DIR> dr------- c:\\program files\\Skype
2009-02-18 11:25 . 2009-02-18 11:25 <DIR> d-------- c:\\program files\\Common Files\\Skype
2009-02-18 11:25 . 2009-02-20 23:26 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\Skype
2009-02-18 11:25 . 2009-02-18 11:25 <DIR> d-------- c:\\documents and settings\\All Users\\Dane aplikacji\\Skype
2009-02-16 22:22 . 2009-02-16 22:22 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\Media Player Classic
2009-02-16 22:21 . 2009-02-16 22:22 <DIR> d-------- c:\\program files\\K-Lite Codec Pack
2009-02-16 22:21 . 2008-11-06 17:37 3,596,288 --a------ c:\\windows\\system32\\qt-dx331.dll
2009-02-16 22:21 . 2008-09-24 19:41 839,680 --a------ c:\\windows\\system32\\lameACM.acm
2009-02-16 22:21 . 2008-12-07 19:08 795,648 --a------ c:\\windows\\system32\\xvidcore.dll
2009-02-16 22:21 . 2004-01-25 17:18 217,088 --a------ c:\\windows\\system32\\yv12vfw.dll
2009-02-16 22:21 . 2008-09-16 20:23 168,448 --a------ c:\\windows\\system32\\unrar.dll
2009-02-16 22:21 . 2008-12-07 19:08 130,048 --a------ c:\\windows\\system32\\xvidvfw.dll
2009-02-16 22:21 . 2007-09-21 01:52 118,784 --a------ c:\\windows\\system32\\ac3acm.acm
2009-02-16 22:21 . 2008-12-11 01:33 86,016 --a------ c:\\windows\\system32\\dpl100.dll
2009-02-16 22:21 . 2009-02-09 19:56 67,584 --a------ c:\\windows\\system32\\ff_vfw.dll
2009-02-16 22:21 . 2007-07-10 17:10 547 --a------ c:\\windows\\system32\\ff_vfw.dll.manifest
2009-02-16 22:21 . 2008-10-03 13:30 414 --a------ c:\\windows\\system32\\lame_acm.xml
2009-02-15 21:49 . 2009-02-15 21:49 35,440 --a------ c:\\windows\\system32\\sschk.trb
2009-02-15 21:19 . 2009-02-15 22:33 <DIR> d-------- c:\\windows\\system32\\CatRoot_bak
2009-02-15 18:06 . 2009-02-15 18:06 <DIR> d-------- C:\\Ajt Soft
2009-02-14 01:21 . 2009-02-14 01:21 <DIR> d-------- C:\\gomora
2009-02-14 00:38 . 2009-02-16 22:21 <DIR> d-------- c:\\windows\\system32\\quicktime
2009-02-14 00:38 . 2009-02-14 00:38 <DIR> d-------- c:\\program files\\DivX
2009-02-14 00:28 . 2009-02-14 00:29 <DIR> d-------- C:\\totalcmd
2009-02-14 00:28 . 2009-02-14 08:02 1,118 --a------ c:\\windows\\wincmd.ini
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\UC.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\RAR.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\PKZIP.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\PKUNZIP.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\NOCLOSE.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\LHA.PIF
2009-02-14 00:28 . 2008-07-29 07:04 545 --a------ c:\\windows\\ARJ.PIF
2009-02-14 00:23 . 2009-02-14 00:24 <DIR> d-------- c:\\program files\\SubEdit-Player
2009-02-14 00:10 . 2009-02-14 00:21 <DIR> d-------- c:\\program files\\Winamp
2009-02-14 00:10 . 2009-02-14 00:21 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\Winamp
2009-02-14 00:10 . 2007-03-08 00:51 129,784 --------- c:\\windows\\system32\\pxafs.dll
2009-02-13 23:06 . 2009-02-18 14:46 <DIR> d-------- C:\\Downloads
2009-02-13 23:05 . 2009-02-21 09:39 <DIR> d-------- c:\\program files\\BitComet
2009-02-13 14:36 . 2009-02-13 14:36 <DIR> d-------- c:\\program files\\Gadu-Gadu
2009-02-13 14:36 . 2009-02-13 14:36 <DIR> d-------- c:\\documents and settings\\ToMaS\\Gadu-Gadu
2009-02-13 08:27 . 2009-02-13 08:27 <DIR> d-------- c:\\program files\\Symantec
2009-02-13 08:27 . 2006-10-09 18:47 110,256 --a------ c:\\windows\\system32\\drivers\\SYMEVENT.SYS
2009-02-13 08:27 . 2006-10-09 18:47 48,816 --a------ c:\\windows\\system32\\S32EVNT1.DLL
2009-02-13 08:26 . 2009-02-13 08:27 <DIR> d-------- c:\\program files\\Symantec AntiVirus
2009-02-13 08:26 . 2009-02-13 08:28 <DIR> d-------- c:\\program files\\Common Files\\Symantec Shared
2009-02-13 08:26 . 2009-02-13 08:28 <DIR> d-------- c:\\documents and settings\\All Users\\Dane aplikacji\\Symantec
2009-02-13 02:06 . 2009-02-13 02:06 <DIR> d-------- c:\\documents and settings\\ToMaS\\Bluetooth Software
2009-02-13 02:03 . 2009-02-13 02:03 <DIR> d-------- c:\\program files\\WIDCOMM
2009-02-13 02:02 . 2009-02-13 02:02 <DIR> d-------- c:\\windows\\system32\\IOSUBSYS
2009-02-13 02:02 . 2008-07-31 23:17 9,200 --------- c:\\windows\\system32\\drivers\\cdralw2k.sys
2009-02-13 02:02 . 2008-07-31 23:17 9,072 --------- c:\\windows\\system32\\drivers\\cdr4_xp.sys
2009-02-13 02:01 . 2009-02-13 02:02 <DIR> d-------- c:\\program files\\Google
2009-02-13 01:37 . 2009-02-13 01:37 <DIR> d-------- c:\\program files\\ATI Technologies
2009-02-13 01:26 . 2009-02-13 01:26 <DIR> d-------- c:\\windows\\Options
2009-02-13 01:25 . 2004-08-03 23:15 82,944 --a------ c:\\windows\\system32\\drivers\\wdmaud.sys
2009-02-13 01:25 . 2004-08-03 23:15 82,944 --a--c--- c:\\windows\\system32\\dllcache\\wdmaud.sys
2009-02-13 01:25 . 2004-08-03 23:07 52,864 --a------ c:\\windows\\system32\\drivers\\DMusic.sys
2009-02-13 01:25 . 2004-08-03 23:07 52,864 --a--c--- c:\\windows\\system32\\dllcache\\dmusic.sys
2009-02-13 01:25 . 2004-08-03 23:07 6,400 --a------ c:\\windows\\system32\\drivers\\splitter.sys
2009-02-13 01:25 . 2004-08-03 23:07 6,400 --a--c--- c:\\windows\\system32\\dllcache\\splitter.sys
2009-02-13 01:24 . 2009-02-13 01:24 <DIR> d-------- c:\\program files\\Analog Devices
2009-02-13 01:23 . 2009-02-13 01:36 <DIR> d-------- c:\\program files\\Common Files\\InstallShield
2009-02-13 01:22 . 2009-02-13 01:22 <DIR> d-------- c:\\program files\\Texas Instruments Inc
2009-02-13 01:22 . 2009-02-13 01:37 <DIR> d--h----- c:\\program files\\InstallShield Installation Information
2009-02-13 01:22 . 2006-07-06 13:44 168,448 --a------ c:\\windows\\system32\\drivers\\tifm21.sys
2009-02-13 01:22 . 2006-04-06 15:49 88,192 --a------ c:\\windows\\system32\\drivers\\gtipci21.sys
2009-02-13 01:22 . 2004-03-23 11:45 28,672 --a------ c:\\windows\\cttib1.dll
2009-02-13 01:22 . 2005-01-14 17:28 17,120 --a------ c:\\windows\\system32\\drivers\\tiscfw.deb
2009-02-13 00:55 . 2009-02-13 00:57 <DIR> d-------- c:\\documents and settings\\ToMaS\\Dane aplikacji\\Nowe Gadu-Gadu
2009-02-13 00:55 . 2009-02-13 00:55 0 --a------ c:\\windows\\nsreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-15 21:02 --------- d-----w c:\\program files\\Trojan Remover
2009-02-15 20:47 --------- d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\Trojan Remover
2009-02-15 20:46 1,734 ----a-w c:\\windows\\system32\\TRJ_NTAUTO.TMP
2009-02-12 18:58 --------- d-----w c:\\program files\\DIFX
2009-02-12 18:57 --------- d-----w c:\\program files\\Alwil Software
2009-02-12 18:29 --------- d-----w c:\\program files\\microsoft frontpage
2009-02-12 18:27 --------- d-----w c:\\program files\\Usługi online
2009-01-05 22:33 3,751,995 ----a-w c:\\windows\\system32\\GPhotos.scr
.
((((((((((((((((((((((((((((( SnapShot@2009-02-15_22.04.57.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-04 19:16:46 1,887,080 ----a-w c:\\windows\\Downloaded Program Files\\FP_AX_CAB_INSTALLER.exe
+ 2009-02-18 10:25:31 364,726 ----a-r c:\\windows\\Installer\\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\\SkypeIcon.exe
- 2009-02-12 18:28:29 8,738 ----a-w c:\\windows\\pchealth\\helpctr\\Config\\Cntstore.bin
+ 2009-02-16 23:46:48 8,972 ----a-w c:\\windows\\pchealth\\helpctr\\Config\\Cntstore.bin
- 2009-02-12 18:28:26 86,327 ----a-w c:\\windows\\pchealth\\helpctr\\OfflineCache\\index.dat
+ 2009-02-16 23:48:03 86,327 ----a-w c:\\windows\\pchealth\\helpctr\\OfflineCache\\index.dat
- 2009-02-12 18:28:29 2,112 ----a-w c:\\windows\\pchealth\\helpctr\\PackageStore\\SkuStore.bin
+ 2009-02-16 23:48:03 2,426 ----a-w c:\\windows\\pchealth\\helpctr\\PackageStore\\SkuStore.bin
- 2005-01-28 12:44:28 96,768 -c--a-w c:\\windows\\system32\\dllcache\\logagent.exe
+ 2008-06-10 04:52:04 96,768 -c--a-w c:\\windows\\system32\\dllcache\\logagent.exe
+ 2008-09-05 22:31:14 267,816 -c----w c:\\windows\\system32\\dllcache\\wgaLogon.dll
+ 2008-09-05 22:30:06 952,872 -c----w c:\\windows\\system32\\dllcache\\WgaTray.exe
- 2005-01-28 12:44:28 224,768 -c--a-w c:\\windows\\system32\\dllcache\\wmasf.dll
+ 2007-10-20 05:01:32 227,328 -c--a-w c:\\windows\\system32\\dllcache\\wmasf.dll
- 2005-01-28 12:44:28 1,027,072 -c--a-w c:\\windows\\system32\\dllcache\\wmnetmgr.dll
+ 2008-06-10 05:28:36 1,028,096 -c--a-w c:\\windows\\system32\\dllcache\\WMNetmgr.dll
- 2005-01-28 12:44:28 2,370,296 -c--a-w c:\\windows\\system32\\dllcache\\wmvcore.dll
+ 2008-06-10 06:07:24 2,376,760 -c--a-w c:\\windows\\system32\\dllcache\\WMVCore.dll
+ 2004-10-26 10:46:58 44,035 ----a-w c:\\windows\\system32\\drivers\\btwhid.sys
+ 2004-08-03 22:10:18 17,024 ----a-w c:\\windows\\system32\\drivers\\CCDECODE.sys
+ 2004-08-03 21:58:40 5,504 ----a-w c:\\windows\\system32\\drivers\\MSTEE.sys
+ 2004-08-03 22:10:30 85,376 ----a-w c:\\windows\\system32\\drivers\\NABTSFEC.sys
+ 2004-08-03 22:10:14 10,880 ----a-w c:\\windows\\system32\\drivers\\NdisIP.sys
+ 2001-08-17 21:05:12 48,000 ----a-w c:\\windows\\system32\\drivers\\OVCam2.sys
+ 2001-08-17 21:05:16 28,032 ----a-w c:\\windows\\system32\\drivers\\OVCD.sys
+ 2001-08-17 21:05:12 351,616 ----a-w c:\\windows\\system32\\drivers\\OVCodek2.sys
+ 2004-08-03 22:10:18 11,136 ----a-w c:\\windows\\system32\\drivers\\SLIP.sys
+ 2004-08-03 22:10:14 15,360 ----a-w c:\\windows\\system32\\drivers\\StreamIP.sys
+ 2004-08-03 22:10:22 19,328 ----a-w c:\\windows\\system32\\drivers\\WSTCODEC.SYS
+ 2009-02-20 21:55:32 64,160 -c--a-w c:\\windows\\system32\\DRVSTORE\\lbd_923BE31CA656B1FA81A83E39136817ED80E62FB3\\Lbd.sys
+ 2008-09-05 22:30:06 1,480,232 ------w c:\\windows\\system32\\LegitCheckControl.dll
- 2005-01-28 12:44:28 96,768 ----a-w c:\\windows\\system32\\logagent.exe
+ 2008-06-10 04:52:04 96,768 ----a-w c:\\windows\\system32\\logagent.exe
+ 2008-10-05 03:16:26 235,936 ----a-r c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe
+ 2009-02-18 10:06:43 89,102 ----a-w c:\\windows\\system32\\Macromed\\Flash\\uninstall_activeX.exe
+ 2009-02-11 19:56:18 21,244,872 ----a-w c:\\windows\\system32\\MRT.exe
+ 2001-10-26 16:29:42 116,736 ----a-w c:\\windows\\system32\\OVCodec2.dll
+ 2001-10-26 16:29:42 20,480 ----a-w c:\\windows\\system32\\OVComC.dll
+ 2001-10-26 16:30:02 39,424 ----a-w c:\\windows\\system32\\OVComS.exe
+ 2001-10-26 16:29:42 44,544 ----a-w c:\\windows\\system32\\OVUI2.dll
+ 2001-10-26 16:28:44 42,496 ----a-w c:\\windows\\system32\\OVUI2RC.dll
- 2009-02-15 20:49:55 40,326 ----a-w c:\\windows\\system32\\perfc009.dat
+ 2009-02-20 22:28:43 40,326 ----a-w c:\\windows\\system32\\perfc009.dat
- 2009-02-15 20:49:55 49,910 ----a-w c:\\windows\\system32\\perfc015.dat
+ 2009-02-20 22:28:43 49,910 ----a-w c:\\windows\\system32\\perfc015.dat
- 2009-02-15 20:49:55 311,938 ----a-w c:\\windows\\system32\\perfh009.dat
+ 2009-02-20 22:28:43 311,938 ----a-w c:\\windows\\system32\\perfh009.dat
- 2009-02-15 20:49:55 356,068 ----a-w c:\\windows\\system32\\perfh015.dat
+ 2009-02-20 22:28:43 356,068 ----a-w c:\\windows\\system32\\perfh015.dat
- 2007-11-30 11:21:28 19,320 ------w c:\\windows\\system32\\spmsg.dll
+ 2007-07-27 08:41:40 16,760 ------w c:\\windows\\system32\\spmsg.dll
+ 2004-08-03 23:44:14 54,784 ----a-w c:\\windows\\system32\\vfwwdm32.dll
+ 2008-09-05 22:31:14 267,816 ------w c:\\windows\\system32\\WgaLogon.dll
+ 2008-09-05 22:30:06 952,872 ------w c:\\windows\\system32\\WgaTray.exe
- 2005-01-28 12:44:28 224,768 ----a-w c:\\windows\\system32\\wmasf.dll
+ 2007-10-20 05:01:32 227,328 ----a-w c:\\windows\\system32\\wmasf.dll
- 2005-01-28 12:44:28 1,027,072 ----a-w c:\\windows\\system32\\wmnetmgr.dll
+ 2008-06-10 05:28:36 1,028,096 ----a-w c:\\windows\\system32\\WMNetmgr.dll
- 2005-01-28 12:44:28 2,370,296 ----a-w c:\\windows\\system32\\wmvcore.dll
+ 2008-06-10 06:07:24 2,376,760 ----a-w c:\\windows\\system32\\wmvcore.dll
+ 2009-02-20 22:23:46 16,384 ----atw c:\\windows\\Temp\\Perflib_Perfdata_12c.dat
+ 2008-07-29 07:05:06 161,784 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\\atl90.dll
+ 2008-07-29 02:54:08 225,280 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\\msvcm90.dll
+ 2008-07-29 07:05:08 572,928 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\\msvcp90.dll
+ 2008-07-29 07:05:08 655,872 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\\msvcr90.dll
+ 2008-07-29 02:54:12 312,832 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\\msvcm90d.dll
+ 2008-07-29 07:05:08 875,520 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\\msvcp90d.dll
+ 2008-07-29 07:05:08 1,180,672 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugCRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\\msvcr90d.dll
+ 2008-07-29 07:05:12 5,937,144 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\\mfc90d.dll
+ 2008-07-29 07:05:12 5,982,720 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\\mfc90ud.dll
+ 2008-07-29 05:07:42 80,896 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\\mfcm90d.dll
+ 2008-07-29 05:07:42 80,896 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.DebugMFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\\mfcm90ud.dll
+ 2008-07-29 07:05:08 3,768,312 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\\mfc90.dll
+ 2008-07-29 07:05:10 3,783,672 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\\mfc90u.dll
+ 2008-07-29 05:07:42 59,904 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\\mfcm90.dll
+ 2008-07-29 05:07:42 59,904 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\\mfcm90u.dll
+ 2008-07-29 07:05:06 38,912 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90chs.dll
+ 2008-07-29 07:05:06 39,936 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90cht.dll
+ 2008-07-29 07:05:08 66,560 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90deu.dll
+ 2008-07-29 07:05:08 56,832 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90enu.dll
+ 2008-07-29 07:05:06 65,024 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90esn.dll
+ 2008-07-29 07:05:08 65,024 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90esp.dll
+ 2008-07-29 07:05:06 66,048 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90fra.dll
+ 2008-07-29 07:05:08 64,512 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90ita.dll
+ 2008-07-29 07:05:08 46,592 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90jpn.dll
+ 2008-07-29 07:05:08 46,080 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90kor.dll
+ 2008-07-29 07:05:08 62,976 ----a-w c:\\windows\\WinSxS\\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\\mfc90rus.dll
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\ctfmon.exe\" [2004-08-04 15360]
\"BitComet\"=\"c:\\program files\\BitComet\\BitComet.exe\" [2009-01-20 2523960]
\"Skype\"=\"c:\\program files\\Skype\\Phone\\Skype.exe\" [2009-02-04 23975720]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"TrojanScanner\"=\"c:\\program files\\Trojan Remover\\Trjscan.exe\" [2009-02-15 1237896]
\"avast!\"=\"c:\\progra~1\\ALWILS~1\\Avast4\\ashDisp.exe\" [2009-02-05 81000]
\"SoundMAXPnP\"=\"c:\\program files\\Analog Devices\\SoundMAX\\SMax4PNP.exe\" [2004-10-14 1388544]
\"ATIPTA\"=\"c:\\program files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\" [2006-03-08 344064]
\"ccApp\"=\"c:\\program files\\Common Files\\Symantec Shared\\ccApp.exe\" [2006-10-13 95848]
\"vptray\"=\"c:\\progra~1\\SYMANT~1\\VPTray.exe\" [2006-10-14 134856]
\"WinampAgent\"=\"c:\\program files\\Winamp\\winampa.exe\" [2008-08-04 36352]
\"Ad-Watch\"=\"c:\\program files\\Lavasoft\\Ad-Aware\\AAWTray.exe\" [2009-02-20 509784]
\"AGRSMMSG\"=\"AGRSMMSG.exe\" [2005-11-16 c:\\windows\\AGRSMMSG.exe]
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2004-08-04 15360]
c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\
BTTray.lnk - c:\\program files\\WIDCOMM\\Bluetooth Software\\BTTray.exe [2004-10-26 569405]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\Lavasoft Ad-Aware Service]
@=\"Service\"
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecAntiVirus]
\"DisableMonitoring\"=dword:00000001
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"c:\\\\Program Files\\\\Symantec AntiVirus\\\\Rtvscan.exe\"=
\"c:\\\\Program Files\\\\Common Files\\\\Symantec Shared\\\\ccApp.exe\"=
\"c:\\\\Program Files\\\\Gadu-Gadu\\\\gg.exe\"=
\"c:\\\\Program Files\\\\BitComet\\\\BitComet.exe\"=
\"c:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\"=
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"7995:TCP\"= 7995:TCP:BitComet 7995 TCP
\"7995:UDP\"= 7995:UDP:BitComet 7995 UDP
R0 Lbd;Lbd;c:\\windows\\system32\\drivers\\Lbd.sys [2009-02-20 64160]
R1 aswSP;avast! Self Protection;c:\\windows\\system32\\drivers\\aswSP.sys [2009-02-12 114768]
R2 aswFsBlk;aswFsBlk;c:\\windows\\system32\\drivers\\aswFsBlk.sys [2009-02-12 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\\program files\\Lavasoft\\Ad-Aware\\AAWService.exe [2009-01-18 950096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\\program files\\Common Files\\Symantec Shared\\EENGINE\\EraserUtilRebootDrv.sys [2009-02-13 99376]
R3 GTIPCI21;GTIPCI21;c:\\windows\\system32\\drivers\\gtipci21.sys [2009-02-13 88192]
S3 SavRoam;SAVRoam;c:\\program files\\Symantec AntiVirus\\SavRoam.exe [2006-10-14 122056]
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{81547f07-fa1a-11dd-a2eb-0012f096fe46}]
\\Shell\\AutoRun\\command - E:\\ur0.com
\\Shell\\open\\Command - E:\\ur0.com
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{d3926846-f933-11dd-a2e5-c7b8b4b7a437}]
\\Shell\\AutoRun\\command - F:\\ur0.com
\\Shell\\open\\Command - F:\\ur0.com
.
Zawartość folderu \'Zaplanowane zadania\'
2009-02-20 c:\\windows\\Tasks\\Ad-Aware Update (Weekly).job
- c:\\program files\\Lavasoft\\Ad-Aware\\Ad-AwareAdmin.exe [2009-02-20 22:55]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.atcomet.com/b/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\\windows\\system32\\GPhotos.scr/200
IE: Pobierz wszystkie VIdeo za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddLink.htm
IE: Wyślij do interfejsu &Bluetooth - c:\\program files\\WIDCOMM\\Bluetooth Software\\btsendto_ie_ctx.htm
FF - ProfilePath - c:\\documents and settings\\ToMaS\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\92ahmm44.default\\
FF - component: c:\\documents and settings\\ToMaS\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\92ahmm44.default\\extensions\\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\\components\\IBitCometExtension.dll
FF - component: c:\\program files\\Mozilla Firefox\\extensions\\{B13721C7-F507-4982-B2E5-502A71474FED}\\components\\NPComponent.dll
FF - plugin: c:\\program files\\Google\\Picasa3\\npPicasa3.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-21 09:43:35
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > \'winlogon.exe\'(828)
c:\\windows\\system32\\Ati2evxx.dll
.
Czas ukończenia: 2009-02-21 9:44:32
ComboFix-quarantined-files.txt 2009-02-21 08:44:30
ComboFix2.txt 2009-02-15 21:05:27
Przed: 286 068 736 bajtów wolnych
Po: 435,175,424 bajtów wolnych
287 --- E O F --- 2009-02-21 08:22:16