10 Lip 2009 04:16 Proszę o sprawdzenie loga
ComboFix 09-07-09.06 - Print'z 2009-07-10 5:07.1.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.1023.622 [GMT 2:00]
Uruchomiony z: J:\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Print'z\Dane aplikacji\BITS
c:\documents and settings\Print'z\Dane aplikacji\BITS\BITS.ini
c:\documents and settings\Print'z\Dane aplikacji\BITS\DHTTable.dat
c:\documents and settings\Print'z\Dane aplikacji\BITS\ProxyList.ini
c:\documents and settings\Print'z\Dane aplikacji\inst.exe
c:\windows\desktop
c:\windows\Installer\a3f6e.msi
c:\windows\system32\mfc45.dll
c:\windows\system32\netjr32.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-10 do 2009-07-10 )))))))))))))))))))))))))))))))
.
2009-07-09 06:26 . 2009-07-09 06:26 -------- d-----w- c:\documents and settings\Print'z\.idlerc
2009-07-09 06:23 . 2009-07-09 06:23 -------- d-----w- c:\documents and settings\Print'z\Dane aplikacji\CrystalSpace
2009-07-09 06:11 . 2009-07-09 06:11 -------- d-----w- c:\program files\Common Files\CrystalSpace
2009-07-06 21:10 . 2004-06-14 12:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-07-03 11:49 . 2009-07-03 11:49 -------- d-sh--w- C:\FOUND.003
2009-06-29 07:42 . 2009-06-14 14:07 1004800 ----a-w- c:\documents and settings\All Users\Dane aplikacji\AVG Security Toolbar\IEToolbar.dll
2009-06-29 07:33 . 2009-06-29 07:33 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2009-06-29 07:32 . 2009-06-29 07:32 -------- d-----w- c:\documents and settings\Print'z\Ustawienia lokalne\Dane aplikacji\Google
2009-06-29 07:29 . 2009-06-29 07:29 -------- d-----w- c:\program files\Google
2009-06-27 06:45 . 2009-06-26 07:16 2052888 ----a-w- c:\documents and settings\All Users\Dane aplikacji\avg8\update\backup\avgcorex.dll
2009-06-26 07:19 . 2009-06-26 07:19 -------- d-----w- c:\documents and settings\Print'z\Ustawienia lokalne\Dane aplikacji\AVG Security Toolbar
2009-06-26 07:16 . 2009-06-26 07:16 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-26 07:16 . 2009-06-26 07:16 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-26 07:16 . 2009-06-26 07:16 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-26 07:16 . 2009-06-26 07:16 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-26 07:16 . 2009-06-26 07:16 -------- d-----w- c:\windows\system32\drivers\Avg
2009-06-26 07:16 . 2009-06-26 07:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\AVG Security Toolbar
2009-06-26 07:16 . 2009-06-26 07:16 -------- d-----w- c:\program files\AVG
2009-06-26 07:16 . 2009-06-26 07:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\avg8
2009-06-26 06:25 . 2009-06-26 06:25 -------- d-----w- c:\documents and settings\Print'z\Dane aplikacji\GRETECH
2009-06-25 04:09 . 2009-06-25 04:09 -------- d-----w- c:\documents and settings\Print'z\Dane aplikacji\Thinstall
2009-06-23 10:00 . 2009-06-23 10:00 -------- d-----w- c:\documents and settings\Print'z\DoctorWeb
2009-06-15 19:20 . 2009-06-15 19:20 -------- d-----w- c:\documents and settings\Print'z\Ustawienia lokalne\Dane aplikacji\Xenocode
2009-06-15 19:14 . 2009-06-15 19:14 -------- d-----w- c:\windows\Encyklopedia Podboju Kosmosu 2009
2009-06-15 13:01 . 2009-06-15 13:01 1258776 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\CommonDlls\RadioRip.dll
2009-06-15 13:01 . 2009-06-15 13:01 278528 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\CommonDlls\WebRip.dll
2009-06-15 13:00 . 2009-06-15 13:01 427288 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\yahoomusic.dll
2009-06-15 13:00 . 2009-06-15 13:00 427288 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\aol.dll
2009-06-15 13:00 . 2009-06-15 13:00 419096 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\allmusic.dll
2009-06-15 13:00 . 2009-06-15 13:00 427288 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\musicline.dll
2009-06-15 12:59 . 2009-06-15 13:00 427288 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\sonybmg.dll
2009-06-15 12:59 . 2009-06-15 12:59 480536 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution\Radiotracker5\general\amazon.dll
2009-06-15 12:57 . 2009-06-15 12:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Rapidsolution
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-08 09:52 . 2007-11-14 17:20 378200 ----a-w- c:\documents and settings\Print'z\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-06-25 18:25 . 2003-04-16 10:00 76208 ----a-w- c:\windows\system32\perfc015.dat
2009-06-25 18:25 . 2003-04-16 10:00 454178 ----a-w- c:\windows\system32\perfh015.dat
2009-06-04 21:54 . 2009-06-04 21:54 -------- d-----w- c:\documents and settings\Print'z\Dane aplikacji\Ashampoo
2009-06-01 06:39 . 2009-06-01 06:39 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\nView_Profiles
2009-05-31 17:34 . 2009-05-31 17:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\AlawarWrapper
2009-04-15 20:03 . 2009-04-17 07:07 585728 ------w- c:\windows\system32\AReadyLB.dll
2009-04-15 20:03 . 2009-04-17 07:07 229376 ------w- c:\windows\system32\AudDevicePlugin.dll
2009-04-12 18:18 . 2008-08-16 17:26 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-12 18:18 . 2008-08-16 17:26 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-11 03:26 . 2009-03-07 08:12 94208 ----a-w- c:\documents and settings\Print'z\Dane aplikacji\ezplay.sys
2009-04-11 03:26 . 2009-03-07 08:12 94208 ----a-w- c:\documents and settings\Print'z\Dane aplikacji\ezplay.sys
2009-04-11 03:26 . 2008-12-16 20:09 47360 ----a-w- c:\documents and settings\Print'z\Dane aplikacji\pcouffin.sys
2009-04-11 03:26 . 2008-12-16 20:09 47360 ----a-w- c:\documents and settings\Print'z\Dane aplikacji\pcouffin.sys
2008-12-18 03:24 . 2008-12-18 03:24 23 --sha-w- c:\windows\system32\eaeffb_d.dll
2008-12-13 10:25 . 2008-12-13 10:25 606208 --sha-w- c:\windows\system32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-26 1948440]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-23 8466432]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Privoxy.lnk - d:\program files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-26 07:16 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"H/PC Connection Agent"="d:\program files\ActiveSync\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"nwiz"=nwiz.exe /install
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\program files\ActiveSync\wcescomm.exe"= d:\program files\ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"d:\program files\ActiveSync\WCESMgr.exe"= d:\program files\ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"d:\program files\ActiveSync\rapimgr.exe"= d:\program files\ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Disabled:ActiveSync RAPI Manager
"c:\\windows\\System32\\PnkBstrA.exe"=
"c:\\windows\\System32\\PnkBstrB.exe"=
"e:\\Two Worlds\\TwoWorlds_RADEON.exe"=
"e:\\Two Worlds\\TwoWorlds.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Disabled:ActiveSync Service
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-06-26 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-06-26 108552]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-26 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-26 298776]
R2 CrypticDisk;CrypticDisk;c:\windows\system32\drivers\CrypticDisk.sys [2009-03-10 66688]
R3 uscbs109;uscbs109;c:\windows\system32\drivers\uscbs109.sys [2005-03-22 8672]
R3 uscsc109;uscsc109;c:\windows\system32\drivers\uscsc109.sys [2005-03-22 102336]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys --> c:\windows\system32\drivers\sfdrv01a.sys [?]
S1 SuperMounter;SuperMounter; [x]
S2 gupdate1c9f88be2206a0c;Usługa Google Update (gupdate1c9f88be2206a0c);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-01-11 16512]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [2008-10-11 32910]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [2008-09-28 16896]
.
Zawartość folderu 'Zaplanowane zadania'
2009-04-03 c:\windows\Tasks\Wise Registry Cleaner 4.job
- d:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-04-03 14:20]
2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 07:32]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
Notify-WB - (no file)
SafeBoot-safensec
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyServer = 127.0.0.1:4001
FF - ProfilePath - c:\documents and settings\Print'z\Dane aplikacji\Mozilla\Firefox\Profiles\tm5l2k0r.default\
FF - component: c:\documents and settings\Print'z\Dane aplikacji\Mozilla\Firefox\Profiles\tm5l2k0r.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.
.
------- Skojarzenia plików -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-10 05:10
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
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
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\b6dae321-8580-f5f9-8072-b648963e227]
@Denied: (Full) (AuthenticatedUsers)
@Denied: (Full) (Administrators)
"1vkf4psbfhjlg"=hex:65,39,63,33,34,33,35,36,2d,36,66,61,35,2d,34,30,38,31,2d,
39,34,38,61,2d,62,30,32,65,64,32,33,39,63,65,66,64
"1a635x6qfzgi5"=hex:65,00,00,00,f8,00,00,00,a9,1a,30,b4,50,72,69,6e,74,7a,50,
6f,6c,61,6e,64,37,37,00,00,56,43,c3,e9,a5,6f,81,40,94,8a,b0,2e,d2,39,ce,fd,\
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e2,6a,01,4a,6e,90,71,7f,0a,32,d6,af,9a,e4,00,15,57,1d,c8,15,e8,2f,4d,
3c,a5,57,38,3e,7c,c7,af,d5,68,f0,8a,60,81,c8,68,59,09,1b,55,c8,9b,3c,1c,7d,\
"??"=hex:d0,52,1f,ad,51,e7,50,88,bc,fb,5b,d3,d2,16,36,03
.
Czas ukończenia: 2009-07-10 5:11
ComboFix-quarantined-files.txt 2009-07-10 03:11
Przed: 5 642 084 352 bajtów wolnych
Po: 5 665 095 680 bajtów wolnych