After turning on the computer, pop-up windows kept appearing with text about a threat to my privacy, telling me to install a so-called computer cleaner (I did not install anything). A wallpaper with its logo appeared on the desktop, and in general the desktop behaved as if it were a web page. Task Manager did not respond to Alt+Ctrl+Delete.
Here is the log from ComboFix:
ComboFix 08-04-14.2 - Administrator 2008-04-15 16:14:50.1 - NTFSx86 NETWORK Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.126 [GMT 2:00] Running from: D:\Documents and Settings\Administrator\Pulpit\ComboFix.exe [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED [/b][/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . D:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji\wsnpoem D:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji\wsnpoem\audio.dll D:\Documents and Settings\LocalService\ftpdll.dll D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\Config.xml D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbs D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\db\Sites.dbs D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xip D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xml D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\report\send_storage.xml D:\Documents and Settings\MUZYKA\Dane aplikacji\ShoppingReport\cs\res1\WhiteList.dbs D:\Documents and Settings\MUZYKA\ftpdll.dll D:\Documents and Settings\MUZYKA\iexplorer.exe D:\findfast.exe D:\Program Files\antiviirus.exe D:\Program Files\bho.exe D:\Program Files\Helper D:\Program Files\ShoppingReport D:\Program Files\ShoppingReport\Uninst.exe D:\Program Files\tmp0.exe D:\Program Files\tmp1.exe D:\Program Files\tmp2.exe D:\Program Files\tmp3.exe D:\WINDOWS\cookies.ini D:\WINDOWS\privacy_danger D:\WINDOWS\privacy_danger\images\capt.gif D:\WINDOWS\privacy_danger\images\danger.jpg D:\WINDOWS\privacy_danger\images\down.gif D:\WINDOWS\privacy_danger\images\spacer.gif D:\WINDOWS\privacy_danger\index.htm 
D:\WINDOWS\resources\ComponentBoot.dll D:\WINDOWS\rs.txt D:\WINDOWS\system32\anvelqcm.ini D:\WINDOWS\system32\dceMonmp.ini D:\WINDOWS\system32\dceMonmp.ini2 D:\WINDOWS\system32\mcqlevna.dll D:\WINDOWS\system32\mcrh.tmp D:\WINDOWS\system32\nnnnLday.dll D:\WINDOWS\system32\pmnoMecd.dll D:\WINDOWS\system32\winuyw32.dll D:\WINDOWS\winlogon.exe D:\WINDOWS\zalpqbj.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_zalpqbj ((((((((((((((((((((((((( Files Created from 2008-03-15 to 2008-04-15 ))))))))))))))))))))))))))))))) . 2008-04-15 16:01 . 2008-04-15 16:01 <DIR> d-------- D:\Documents and Settings\Administrator\Gadu-Gadu 2008-04-15 15:22 . 2008-04-15 15:22 <DIR> d---s---- D:\Documents and Settings\Administrator\UserData 2008-04-15 15:21 . 2008-04-15 15:21 <DIR> d-------- D:\Documents and Settings\Administrator\Dane aplikacji\Subversion 2008-04-15 15:20 . 2008-04-15 16:32 <DIR> d--h----- D:\Documents and Settings\Administrator\Ustawienia lokalne 2008-04-15 15:20 . 2008-04-15 15:21 <DIR> d-------- D:\Documents and Settings\Administrator\Ulubione 2008-04-15 15:20 . 2008-03-18 21:26 <DIR> d--h----- D:\Documents and Settings\Administrator\Szablony 2008-04-15 15:20 . 2008-04-15 16:34 <DIR> d-------- D:\Documents and Settings\Administrator\Pulpit 2008-04-15 15:20 . 2008-03-18 21:39 <DIR> d-------- D:\Documents and Settings\Administrator\Moje dokumenty 2008-04-15 15:20 . 2008-03-18 21:39 <DIR> dr------- D:\Documents and Settings\Administrator\Menu Start 2008-04-15 15:20 . 2008-04-15 16:02 <DIR> dr-h----- D:\Documents and Settings\Administrator\Dane aplikacji 2008-04-15 15:20 . 2008-04-15 16:01 <DIR> d-------- D:\Documents and Settings\Administrator 2008-04-15 07:44 . 2008-04-15 07:44 <DIR> d-------- D:\Program Files\store 2008-04-15 07:44 . 2007-06-01 16:15 962,560 --a------ D:\Program Files\Jigsaw.exe 2008-04-15 07:44 . 
2007-06-01 16:13 942,080 --a------ D:\Program Files\Jigsaw.dll 2008-04-15 07:43 . 2008-04-15 07:44 <DIR> d-------- D:\Program Files\puzzles 2008-04-15 07:43 . 2001-05-24 12:59 162,304 --a------ D:\Program Files\un-Medley.exe 2008-04-15 07:41 . 2008-04-15 07:41 3,648 --a------ D:\WINDOWS\system32\gbqsalnq.dll 2008-04-15 07:33 . 2008-04-15 07:33 <DIR> d-------- D:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\nmfgzwrm 2008-04-15 07:33 . 2008-04-15 04:20 233,472 --a------ D:\WINDOWS\lgmxvpatrqm.dll 2008-04-15 07:33 . 2008-04-15 04:20 217,088 --a------ D:\WINDOWS\omlbpkaw.dll 2008-04-15 07:33 . 2008-04-15 04:20 184,320 --a------ D:\WINDOWS\qtvglped.dll 2008-04-15 07:33 . 2008-04-15 04:20 172,032 --a------ D:\WINDOWS\pmsoarbf.dll 2008-04-15 07:33 . 2008-04-15 04:20 94,208 --a------ D:\WINDOWS\npqtsrak.exe 2008-04-15 07:33 . 2008-04-15 07:33 90,112 --a------ D:\WINDOWS\system32\ratitsfs.exe 2008-04-15 07:33 . 2008-04-15 04:20 81,920 --a------ D:\WINDOWS\rtqmekwg.exe 2008-04-15 07:26 . 2008-04-15 07:26 63 --a------ D:\WINDOWS\mdm.ini 2008-04-14 07:19 . 2008-04-15 15:51 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\MEGAUPLOADTOOLBAR 2008-04-12 10:25 . 2008-04-12 10:25 4,096 --a------ D:\WINDOWS\d3dx.dat 2008-04-07 22:15 . 2008-04-07 22:15 427 --a------ D:\WINDOWS\ODBC.INI 2008-04-07 22:01 . 2008-04-07 22:01 <DIR> d-------- D:\WINDOWS\ShellNew 2008-04-07 22:00 . 2008-04-07 22:00 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Microsoft Web Folders 2008-04-06 12:39 . 2008-04-06 12:40 <DIR> d-------- D:\Program Files\Common Files\Adobe 2008-04-06 12:36 . 2008-04-06 12:36 <DIR> d-------- D:\WINDOWS\Cache 2008-04-06 10:05 . 2008-04-06 10:05 9,652 --a------ D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\93828.exe 2008-04-05 16:26 . 2008-04-05 16:26 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Creative 2008-04-03 19:16 . 
2008-04-03 19:16 34 --a------ D:\WINDOWS\Necromania - demo.dr 2008-04-03 15:42 . 2008-04-03 15:42 13,646 --a------ D:\WINDOWS\system32\wpa.bak 2008-04-02 18:52 . 2008-04-05 16:28 <DIR> d-------- D:\Nowy folder (2) 2008-04-01 21:52 . 2008-04-15 15:58 <DIR> d--hs---- D:\WINDOWS\system32\wsnpoem 2008-04-01 13:44 . 2008-04-01 13:44 <DIR> d-------- D:\Program Files\Trymedia 2008-04-01 11:51 . 2008-04-01 11:51 <DIR> d-------- D:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\75-55-87-55-55-55 2008-04-01 11:15 . 2008-04-01 11:15 69 --a------ D:\WINDOWS\NeroDigital.ini 2008-04-01 08:40 . 2008-04-01 08:40 <DIR> d-------- D:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\LightScribe 2008-03-31 19:13 . 2008-04-14 19:07 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\codeblocks 2008-03-31 19:06 . 2008-03-31 19:06 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\.CodeBlocks 2008-03-31 15:51 . 2008-03-31 16:02 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\TortoiseSVN 2008-03-31 09:05 . 2008-03-31 09:05 <DIR> d-------- D:\Program Files\Common Files\LightScribe 2008-03-31 09:03 . 2008-04-01 11:15 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Ahead 2008-03-31 08:59 . 2008-03-31 08:59 <DIR> d-------- D:\Program Files\Nero 2008-03-31 08:59 . 2008-03-31 09:02 <DIR> d-------- D:\Program Files\Common Files\Ahead 2008-03-31 08:59 . 2008-03-31 08:59 <DIR> d-------- D:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Nero 2008-03-29 12:40 . 2008-03-29 12:40 <DIR> d-------- D:\Program Files\Infinite Loop 2008-03-28 23:06 . 2008-03-29 11:24 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\gtk-2.0 2008-03-28 23:04 . 2008-03-28 23:04 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\.thumbnails 2008-03-28 23:02 . 
2008-04-09 19:56 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\.gimp-2.4 2008-03-28 23:01 . 2008-03-28 23:01 <DIR> d-------- D:\Program Files\GIMP-2.0 2008-03-27 13:38 . 2008-03-27 13:38 <DIR> d-------- D:\Documents and Settings\admin\Pulpit 2008-03-27 13:38 . 2008-03-27 13:38 <DIR> d-------- D:\Documents and Settings\admin 2008-03-27 00:19 . 2008-03-27 00:19 25,600 --a------ D:\WINDOWS\system32\winndz32.dll 2008-03-25 22:15 . 2000-05-22 10:58 647,872 --------- D:\WINDOWS\system32\Mscomct2.ocx 2008-03-25 22:15 . 1999-10-10 19:00 41,984 --------- D:\WINDOWS\Ctregrun.exe 2008-03-25 22:14 . 2008-04-05 08:28 <DIR> d-------- D:\Program Files\Audible 2008-03-25 22:14 . 2003-03-18 22:20 1,060,864 --------- D:\WINDOWS\system32\mfc71.dll 2008-03-25 22:14 . 2003-03-18 21:14 499,712 --------- D:\WINDOWS\system32\msvcp71.dll 2008-03-25 22:14 . 2008-03-25 22:14 417,792 --a------ D:\WINDOWS\system32\awrdscdc.ax 2008-03-25 22:14 . 2001-08-17 23:43 24,576 --------- D:\WINDOWS\system32\msxml3a.dll 2008-03-25 22:13 . 2005-02-24 13:21 22,752 --a------ D:\WINDOWS\system32\spupdsvc.exe 2008-03-25 22:11 . 2008-03-25 22:11 <DIR> d--h----- D:\Program Files\Creative Installation Information 2008-03-25 22:05 . 2008-04-05 16:33 <DIR> d-------- D:\Program Files\Creative 2008-03-25 21:35 . 2008-03-25 21:35 <DIR> d-------- D:\Program Files\Smallvideosoft 2008-03-25 21:35 . 2007-03-01 05:18 4,762,112 --a------ D:\WINDOWS\system32\NCMedia.dll 2008-03-25 21:35 . 2007-02-25 16:36 383,238 --a------ D:\WINDOWS\system32\libmp3lame-0.dll 2008-03-25 21:13 . 2004-08-04 00:08 26,496 --a--c--- D:\WINDOWS\system32\dllcache\usbstor.sys 2008-03-25 13:22 . 2008-03-25 13:22 <DIR> d-------- D:\Program Files\K-Lite Codec Pack 2008-03-24 22:04 . 2008-03-24 22:04 <DIR> d-------- D:\Program Files\Media Player Classic 2008-03-24 21:47 . 2008-03-24 22:13 <DIR> d-------- D:\WINDOWS\system32\quicktime 2008-03-24 21:47 . 
2008-03-24 21:47 <DIR> d-------- D:\Program Files\XviD 2008-03-24 21:47 . 2008-03-24 21:47 <DIR> d-------- D:\Program Files\DivXCodec 2008-03-24 21:47 . 2008-03-24 21:47 <DIR> d-------- D:\Program Files\DivX 2008-03-24 21:19 . 2008-03-24 21:19 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Media Player Classic 2008-03-24 21:14 . 2004-01-12 00:00 348,160 --a------ D:\WINDOWS\system32\msvcr71.dll 2008-03-23 19:29 . 2008-03-24 21:48 980 --a------ D:\WINDOWS\VPlayer.INI 2008-03-23 19:29 . 2008-03-24 21:48 77 --a------ D:\WINDOWS\VplayerINI.vpl 2008-03-21 12:09 . 2008-03-26 17:35 754 --a------ D:\WINDOWS\WORDPAD.INI 2008-03-20 13:07 . 2008-03-20 13:07 <DIR> d---s---- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\UserData 2008-03-20 11:17 . 2008-04-12 15:17 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Hamachi 2008-03-20 11:16 . 2008-03-20 11:17 <DIR> d-------- D:\Program Files\Hamachi 2008-03-20 11:16 . 2008-03-20 11:16 25,280 --a------ D:\WINDOWS\system32\drivers\hamachi.sys 2008-03-20 10:38 . 1998-10-07 13:54 327,168 --a------ D:\WINDOWS\IsUn0415.exe 2008-03-20 10:36 . 2004-08-04 00:15 82,944 --a------ D:\WINDOWS\system32\drivers\wdmaud.sys 2008-03-20 10:36 . 2004-08-04 00:15 82,944 --a--c--- D:\WINDOWS\system32\dllcache\wdmaud.sys 2008-03-20 10:36 . 2004-08-04 00:07 52,864 --a------ D:\WINDOWS\system32\drivers\DMusic.sys 2008-03-20 10:36 . 2004-08-04 00:07 52,864 --a--c--- D:\WINDOWS\system32\dllcache\dmusic.sys 2008-03-20 10:36 . 2004-08-04 00:07 6,400 --a------ D:\WINDOWS\system32\drivers\splitter.sys 2008-03-20 10:36 . 2004-08-04 00:07 6,400 --a--c--- D:\WINDOWS\system32\dllcache\splitter.sys 2008-03-20 10:35 . 2008-03-20 10:35 <DIR> d-------- D:\Program Files\VIAudioi 2008-03-20 10:07 . 2008-03-20 10:07 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Gadu-Gadu 2008-03-19 21:32 . 
2008-03-19 21:32 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Dane aplikacji\Subversion 2008-03-19 16:53 . 2008-03-20 13:05 <DIR> d-------- D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\Gadu-Gadu 2008-03-19 16:48 . 2007-08-21 22:05 593,920 --------- D:\WINDOWS\system32\ati2sgag.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-15 05:44 5,335 ----a-w D:\Program Files\Medley-INSTALL.LOG 2008-04-07 19:59 --------- d-----w D:\Program Files\microsoft frontpage 2008-03-31 17:06 357 ----a-w D:\Documents and Settings\MUZYKA.MUZYKA-CA405851\.cb_layout.bin 2008-03-18 16:54 357 ----a-w D:\Documents and Settings\MUZYKA\.cb_layout.bin 2008-03-15 18:23 --------- d-----w D:\Documents and Settings\MUZYKA\Dane aplikacji\Gadu-Gadu 2008-03-15 18:01 --------- d-----w D:\Program Files\Usługi online 2008-01-29 01:53 612,864 ----a-w D:\WINDOWS\system32\x264vfw.dll 2007-03-22 08:00 4,700 ----a-w D:\Program Files\readme.txt 2006-09-15 14:53 306 ----a-w D:\Program Files\SuperJigsaw.bmp 2006-09-15 14:51 807 ----a-w D:\Program Files\Medley Credits.txt . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27f06e78-8650-4e11-934c-4cf91f971277}] 2008-04-15 04:20 233472 --a------ D:\WINDOWS\lgmxvpatrqm.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN] @={30351346-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN] @={30351347-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN] @={30351348-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN] @={3035134B-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN] @={3035134C-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN] @={3035134D-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN] @={3035134E-7B7D-4FCC-81B4-1E394CA267EB} [HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll 
[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}] 2008-02-16 12:35 536576 --a------ C:\TortoiseSVN\bin\tortoisesvn.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] "MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:55 1667584] "swg"="D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-23 01:16 171448] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 18:05 143360] "DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856] "qdvtgjru"="D:\WINDOWS\system32\ratitsfs.exe" [2008-04-15 07:33 90112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "AudioDeck"="D:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2006-09-05 19:28 540672] "NeroFilterCheck"="D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360] D:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 19:05:56 65588] [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\[u]0[/u]] Source= file:///D:\WINDOWS\privacy_danger\index.htm FriendlyName= Privacy Protection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "pmsoarbf"= {F049F11D-FE6B-4273-9779-5930EB6F5F6B} - D:\WINDOWS\pmsoarbf.dll [2008-04-15 04:20 172032] 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Gadu-Gadu\\gg.exe"= "E:\\Program Files\\Gadu-Gadu\\gg.exe"= "D:\\Program Files\\Hamachi\\hamachi.exe"= "C:\\Tzar\\Tzar.exe"= "C:\\HydraIRC\\HydraIRC.exe"= . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-15 16:35:02 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: D:\WINDOWS\explorer.exe -> C:\TortoiseSVN\iconv\_tbl_simple.so -> C:\TortoiseSVN\iconv\windows-1250.so -> C:\TortoiseSVN\iconv\utf-8.so . ------------------------ Other Running Processes ------------------------ . D:\WINDOWS\system32\ati2evxx.exe D:\WINDOWS\system32\ati2evxx.exe D:\Program Files\Common Files\LightScribe\LSSrvc.exe D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe D:\WINDOWS\system32\wdfmgr.exe D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe D:\WINDOWS\system32\wscntfy.exe C:\TortoiseSVN\bin\TSVNCache.exe . ************************************************************************** . 
Completion time: 2008-04-15 16:39:29 - machine was rebooted [MUZYKA] ComboFix-quarantined-files.txt 2008-04-15 14:39:18 Pre-Run: 1,186,013,184 bajtów wolnych Post-Run: 932,511,744 bajtów wolnych
After using ComboFix the problem was partly solved, because Task Manager works again and the pop-up windows no longer appear (at least for now), but the desktop still behaves like a web page.
Please help.