Logs - Constant antivirus alerts



#1 PcTowiec

    New

  • 2 posts

Posted 24 04 2010 - 11:20

Hello. My problem is that right after installing the system and the antivirus program, the antivirus detects viruses. I scanned the system with ComboFix and got the following log. Please check the log and explain where the problem lies. Note that I am a beginner. :]
ComboFix 10-04-21.01 - Suchy 2010-04-25 11:05:48.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1014.571 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Suchy\Moje dokumenty\Pobieranie\ComboFix.exe
AV: avast! antivirus 4.7.1029 [VPS 100423-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Pliki utworzone od 2010-03-25 do 2010-04-25 )))))))))))))))))))))))))))))))
.

2010-04-25 08:16 . 2010-04-25 08:46 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-04-25 07:55 . 2009-05-29 20:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-04-25 07:55 . 2008-07-02 17:44 258048 ----a-w- c:\windows\system32\libFLAC.dll
2010-04-25 07:55 . 2010-04-25 07:56 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-04-25 07:55 . 2010-04-25 07:56 -------- d-----w- c:\program files\ALLPlayer
2010-04-25 07:35 . 2010-04-25 07:35 42168 ----a-w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-04-25 07:35 . 2010-04-25 07:50 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\gctmp
2010-04-25 07:35 . 2010-04-25 07:35 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Xenocode
2010-04-25 07:31 . 2010-04-25 08:02 -------- d-----w- c:\program files\Game Cam V2
2010-04-22 03:24 . 2010-04-22 03:24 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Identities
2010-04-21 16:34 . 2010-04-21 16:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\WEBREG
2010-04-21 16:29 . 2010-04-21 16:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
2010-04-21 16:28 . 2007-03-28 12:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2010-04-21 16:28 . 2007-03-28 11:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2010-04-21 16:28 . 2006-09-13 16:19 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-20 14:55 . 2010-04-20 14:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
2010-04-20 14:53 . 2010-04-20 14:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Common Files\HP
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-04-20 14:48 . 2010-04-21 16:34 141057 ----a-w- c:\windows\hpoins14.dat
2010-04-20 14:48 . 2007-09-20 15:56 2000 ------w- c:\windows\hpomdl14.dat
2010-04-20 03:51 . 2010-04-20 03:51 -------- d-----w- c:\windows\system32\Lang

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-25 07:31 . 2001-10-26 17:15 74648 ----a-w- c:\windows\system32\perfc015.dat
2010-04-25 07:31 . 2001-10-26 17:15 448586 ----a-w- c:\windows\system32\perfh015.dat
2010-04-24 19:52 . 2010-04-19 18:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-22 16:05 . 2010-04-19 19:00 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu
2010-04-20 14:55 . 2010-04-20 14:52 -------- d-----w- c:\program files\HP
2010-04-19 19:00 . 2010-04-19 19:00 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-04-19 18:54 . 2010-04-19 18:54 -------- d-----w- c:\program files\Alwil Software
2010-04-19 18:49 . 2010-04-19 18:49 0 ----a-w- c:\windows\nsreg.dat
2010-04-19 18:41 . 2010-04-19 18:41 -------- d-----w- c:\program files\Microsoft.NET
2010-04-19 18:36 . 2010-04-19 18:32 -------- d-----w- c:\program files\Launch Manager
2010-04-19 18:35 . 2010-04-19 18:35 -------- d-----w- c:\windows\system32\config\systemprofile\Dane aplikacji\Intel
2010-04-19 18:34 . 2010-04-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-19 18:33 . 2010-04-19 18:31 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-19 18:32 . 2010-04-19 18:32 -------- d-----w- c:\program files\Synaptics
2010-04-19 18:30 . 2010-04-19 18:30 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Intel
2010-04-19 18:30 . 2010-04-19 18:30 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-04-19 18:28 . 2010-04-19 18:28 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Intel
2010-04-19 18:27 . 2010-04-19 18:27 -------- d-----w- c:\program files\Intel
2010-04-19 18:08 . 2010-04-19 18:08 -------- d-----w- c:\program files\Usługi online
2010-04-19 18:06 . 2010-04-19 18:06 21856 ----a-w- c:\windows\system32\emptyregdb.dat
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-08-17 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-03 . CC13DB862F929AE33F64C3BEDC01CD31 . 24960 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\kbdclass.sys
[-] 2004-08-03 . CC13DB862F929AE33F64C3BEDC01CD31 . 24960 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys

[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-08-17 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2004-08-03 . 210830D2497FEF78694076179AF8C795 . 77312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\browser.dll
[-] 2004-08-03 . 210830D2497FEF78694076179AF8C795 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll

[-] 2004-08-03 . F485FEFC8CC4FD29243D800BE5D275D1 . 13312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\lsass.exe
[-] 2004-08-03 . F485FEFC8CC4FD29243D800BE5D275D1 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe

[-] 2004-08-03 . A6BFD910074B02C8794FC65F39CC6B28 . 382464 . . [6.6.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\qmgr.dll
[-] 2004-08-03 . A6BFD910074B02C8794FC65F39CC6B28 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll

[-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP3GDR\services.exe
[-] 2009-02-09 . 8816E60BF654353E8E0D35ED98875445 . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP3QFE\services.exe
[-] 2009-02-09 . ED4E5391100287B9EABF8F2CF4B42235 . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP2GDR\services.exe
[-] 2009-02-09 . 245A46964D7F534E1D20563ACF215E80 . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP2QFE\services.exe
[-] 2004-08-03 . 3DA8D964D2CC12EF8E8C342471A37917 . 108544 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\services.exe
[-] 2004-08-03 . 3DA8D964D2CC12EF8E8C342471A37917 . 108544 . . [5.1.2600.2180] . . c:\windows\system32\services.exe

[-] 2004-08-03 . 0344407089B08548D4FEBA62BB0F32D0 . 504832 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\winlogon.exe
[-] 2004-08-03 . 0344407089B08548D4FEBA62BB0F32D0 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2004-08-03 . 91723CD7C96C5854149F9CAE820A90DD . 60416 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\cryptsvc.dll
[-] 2004-08-03 . 91723CD7C96C5854149F9CAE820A90DD . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll

[-] 2004-08-03 . BDB679C04273B19BF46BD0D591FDEEC3 . 110080 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\imm32.dll
[-] 2004-08-03 . BDB679C04273B19BF46BD0D591FDEEC3 . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll

[-] 2004-08-03 . 261DB4366ECB4220EA960F0CA78CABAC . 22016 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\lpk.dll
[-] 2004-08-03 . 261DB4366ECB4220EA960F0CA78CABAC . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll

[-] 2004-08-03 . 9AFE931CBC9244A5EB0B9E9D5FA74F44 . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\msvcrt.dll
[-] 2004-08-03 . 9AFE931CBC9244A5EB0B9E9D5FA74F44 . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2004-08-03 . 9AFE931CBC9244A5EB0B9E9D5FA74F44 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll

[-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\sp3gdr\mswsock.dll
[-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\sp3qfe\mswsock.dll
[-] 2008-06-20 . F1590C9B2294DB9ACE3B081ABD596174 . 246784 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\sp2qfe\mswsock.dll
[-] 2004-08-03 . 83387067B25E000E64B178A62E5DCD24 . 246784 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\mswsock.dll
[-] 2004-08-03 . 83387067B25E000E64B178A62E5DCD24 . 246784 . . [5.1.2600.2180] . . c:\windows\system32\mswsock.dll

[-] 2009-02-06 . B771DCBE0449C9F0F290092DEC48E698 . 408064 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\b9be243db6b894ce9e323522cf6ec04e\sp2qfe\netlogon.dll
[-] 2009-02-06 . B771DCBE0449C9F0F290092DEC48E698 . 408064 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\d6a0beecc09811560f2d8f8cf59409a0\sp2qfe\netlogon.dll
[-] 2004-08-03 . 8BE1BEBB1447EFFAF5F2135DC098431E . 407040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\netlogon.dll
[-] 2004-08-03 . 8BE1BEBB1447EFFAF5F2135DC098431E . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll

[-] 2004-08-03 . B20BB2A65349EF132FA7F2EB51A29E5C . 17408 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\powrprof.dll
[-] 2004-08-03 . B20BB2A65349EF132FA7F2EB51A29E5C . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll

[-] 2004-08-03 . 3609496AE18FF399920C494270C526F9 . 185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\scecli.dll
[-] 2004-08-03 . 3609496AE18FF399920C494270C526F9 . 185344 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll

[-] 2004-08-03 . 3F342B984E9E1ABD58347DA859CD44C6 . 5120 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\sfc.dll
[-] 2004-08-03 . 3F342B984E9E1ABD58347DA859CD44C6 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll

[-] 2004-08-03 . BA98327E90022DBD6EE76490E0622E2E . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\svchost.exe
[-] 2004-08-03 . BA98327E90022DBD6EE76490E0622E2E . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe

[-] 2004-08-03 . BD768099B4C44AA631728CB74EB54396 . 25088 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\userinit.exe
[-] 2004-08-03 . BD768099B4C44AA631728CB74EB54396 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe

[-] 2004-08-03 . AB82237486B727DD7DAB36A76F38A3A2 . 82944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ws2_32.dll
[-] 2004-08-03 . AB82237486B727DD7DAB36A76F38A3A2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll

[-] 2004-08-03 . F309D9894FCA821E3C2F557A8032D47A . 171008 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\srsvc.dll
[-] 2004-08-03 . F309D9894FCA821E3C2F557A8032D47A . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll

[-] 2004-08-03 . 1905812AB06A70FF21907FAA10C927D6 . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\wscntfy.exe
[-] 2004-08-03 . 1905812AB06A70FF21907FAA10C927D6 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2004-08-03 . E3C9EF5BCC9EB171BD81051CD19BDED7 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\xmlprov.dll
[-] 2004-08-03 . E3C9EF5BCC9EB171BD81051CD19BDED7 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2004-08-03 . 05684DE2DA55A04C8AAAB5911AFE7643 . 55808 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\eventlog.dll
[-] 2004-08-03 . 05684DE2DA55A04C8AAAB5911AFE7643 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll

[-] 2004-08-03 . F044A12CFFB8E58BC044A2605283A636 . 1548288 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\sfcfiles.dll
[-] 2004-08-03 . F044A12CFFB8E58BC044A2605283A636 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

[-] 2004-08-03 . CBFA30492D70CE3938D8A7783D0C0436 . 15360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ctfmon.exe
[-] 2004-08-03 . CBFA30492D70CE3938D8A7783D0C0436 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe

[-] 2004-08-03 . A19BFED61736127DB5B8B815AFB35190 . 59904 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\regsvc.dll
[-] 2004-08-03 . A19BFED61736127DB5B8B815AFB35190 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll

[-] 2004-08-03 . E5F1C9EAD4C6617ACD40CA90882CC7D4 . 192000 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\schedsvc.dll
[-] 2004-08-03 . E5F1C9EAD4C6617ACD40CA90882CC7D4 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll

[-] 2004-08-03 . BB754C4BE0B18F0FAF01A7EBDE7025C4 . 71680 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ssdpsrv.dll
[-] 2004-08-03 . BB754C4BE0B18F0FAF01A7EBDE7025C4 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll

[-] 2004-08-03 . 2C28157229925280916B3041CCC5FE4B . 296448 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\termsrv.dll
[-] 2004-08-03 . 2C28157229925280916B3041CCC5FE4B . 296448 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll

[-] 2004-08-03 . 8D60B308D061DA209CC271D9B480468C . 172032 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\appmgmts.dll
[-] 2004-08-03 . 8D60B308D061DA209CC271D9B480468C . 172032 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll

[-] 2001-10-26 . 66A42B7DB194E24B973BBCCE840A0F3F . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2004-08-03 . 1D0EBF9EDAE8A61CBF56ED1FF8489FAC . 33792 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\msgsvc.dll
[-] 2004-08-03 . 1D0EBF9EDAE8A61CBF56ED1FF8489FAC . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll

[-] 2004-08-03 23:44 . C8CE1566B0537C3F5F7AE1CA458A6697 . 435712 . . [5.1.2400.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ntmssvc.dll
[-] 2004-08-03 23:44 . C8CE1566B0537C3F5F7AE1CA458A6697 . 435712 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll

[-] 2004-08-03 . 387D2A06C8E7CCCEA8E9A350C8FE6781 . 185856 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\upnphost.dll
[-] 2004-08-03 . 387D2A06C8E7CCCEA8E9A350C8FE6781 . 185856 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll

[-] 2004-08-03 . 9E46388FE1308B54F843959FBE2764F9 . 367616 . . [5.3.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\dsound.dll
[-] 2004-08-03 . 9E46388FE1308B54F843959FBE2764F9 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-10-28 11539048]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2010-03-23 1432064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-07-14 798810]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-07-17 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-07-10 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-06 16251904]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="sm56hlpr.exe" [2005-09-16 557056]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\metin2 patch\\metin2.bin"=
"d:\\metin2 patch\\metin2client.bin"=
"d:\\Program Files\\Valve\\hlds.exe"=
"d:\\Program Files\\Valve\\hl.exe"=

S1 mailKmd;mailKmd; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Skan uzupełniający -------
.
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Suchy\Dane aplikacji\Mozilla\Firefox\Profiles\tipmddx9.default\
FF - plugin: c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-25 11:09
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2010-04-25 11:10:40
ComboFix-quarantined-files.txt 2010-04-25 09:10

Przed: 14 970 757 120 bajtów wolnych
Po: 15 551 139 840 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 7EC5C3B5EC43DA9B9307F036677FFEA2


This post was edited by Katarina: 24 04 2010 - 19:16


#2 ordynat

    Advanced user

  • 804 posts

Posted 24 04 2010 - 15:56

No infection is visible in the log.
What is being detected, and where (path)?
