I have a problem with my computer: it freezes, and the internet and basic instant messengers don't work as they should. I'm a layman when it comes to IT, so I'm asking for help. Here is my log, generated by ComboFix according to your instructions. Please help.
ComboFix 09-01-15.01 - Seba 2009-01-16 13:14:27.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.511.185 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Seba\Pulpit\ComboFix.exe
AV: System antywirusowy NOD32 2.70 *On-access scanning disabled* (Outdated)
* Utworzono nowy punkt przywracania
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\Dane aplikacji\twain_32
c:\documents and settings\LocalService\Dane aplikacji\twain_32\user.ds
c:\documents and settings\Seba\Dane aplikacji\FunWebProducts
c:\documents and settings\Seba\Dane aplikacji\FunWebProducts\Data\Seba\avatar.dat
c:\documents and settings\Seba\Dane aplikacji\FunWebProducts\Data\Seba\zbucks.dat
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\windows\Downloaded Program Files\setup.inf
c:\windows\system32\~.exe
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\twain_32
c:\windows\system32\twain_32\local.ds
c:\windows\system32\twain_32\user.ds
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-16 do 2009-01-16 )))))))))))))))))))))))))))))))
.
2009-01-15 07:34 . 2009-01-16 11:09 0 --a------ c:\windows\lk00000000.tmp
2009-01-14 18:46 . 2009-01-14 18:46 15,360 --a------ c:\windows\system32\drivers\lsass.exe
2009-01-14 12:07 . 2009-01-14 12:07 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-07 22:08 . 2009-01-07 22:09 <DIR> d-------- c:\program files\CDex_150
2009-01-05 17:51 . 2009-01-05 17:51 <DIR> d-------- c:\program files\Q-Typing
2009-01-01 19:39 . 2009-01-01 19:39 <DIR> d-------- C:\Kopia Gadu-Gadu
2009-01-01 19:38 . 2009-01-02 13:40 <DIR> d-------- c:\documents and settings\Seba\Gadu-Gadu
2009-01-01 15:14 . 2009-01-01 19:38 <DIR> d-------- C:\Gadu-Gadu
2008-12-31 15:06 . 2009-01-09 00:58 <DIR> d-------- c:\documents and settings\Seba\Dane aplikacji\gtk-2.0
2008-12-31 15:04 . 2008-12-31 15:04 <DIR> d-------- c:\program files\GIMP-2.0
2008-12-31 15:04 . 2009-01-09 00:58 <DIR> d-------- c:\documents and settings\Seba\.gimp-2.6
2008-12-27 23:37 . 2008-12-27 23:38 <DIR> d-------- c:\program files\NAPI-PROJEKT
2008-12-27 13:18 . 2008-12-27 13:19 <DIR> d-------- c:\program files\Pro Volleyball 2
2008-12-17 20:52 . 2008-12-17 20:52 <DIR> d-------- C:\NVIDIA
2008-12-16 21:29 . 2008-12-16 21:29 <DIR> d-------- c:\documents and settings\Seba\Dane aplikacji\Red Alert 3
2008-12-16 21:18 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2008-12-16 21:18 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2008-12-16 21:18 . 2008-07-10 11:00 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll
2008-12-16 21:18 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2008-12-16 21:18 . 2008-07-30 06:20 509,448 --a------ c:\windows\system32\XAudio2_2.dll
2008-12-16 21:18 . 2008-07-10 11:01 467,984 --a------ c:\windows\system32\d3dx10_39.dll
2008-12-16 21:18 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2008-12-16 21:18 . 2008-07-30 06:20 238,088 --a------ c:\windows\system32\xactengine3_2.dll
2008-12-16 21:18 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2008-12-16 21:18 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2008-12-16 21:18 . 2008-07-30 06:20 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll
2008-12-16 21:18 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2008-12-16 21:15 . 2008-12-16 21:15 <DIR> d-------- c:\windows\Logs
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 10:09 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\OpenOffice.org2
2009-01-15 21:51 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\foobar2000
2009-01-14 17:46 20 ----a-w c:\windows\system32\drivers\idinfo.txt
2009-01-14 11:07 --------- d-----w c:\program files\Java
2009-01-13 15:00 --------- d-----w c:\program files\Nokia
2009-01-12 18:23 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Installations
2009-01-12 18:14 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\BitTorrent
2009-01-11 17:02 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-11 17:00 --------- d-----w c:\program files\Norton Security Scan
2009-01-02 19:06 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\Microsoft Games
2009-01-02 15:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-02 15:31 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Games
2009-01-01 13:30 --------- d-----w c:\program files\Gadu-Gadu
2008-12-17 19:14 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-12-12 00:30 --------- d-----w c:\program files\MSXML 4.0
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 16:28 --------- d-----w c:\program files\Sonic Foundry
2008-12-10 14:32 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-10 14:32 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-12-10 14:30 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nokia
2008-12-10 14:28 --------- d-----w c:\program files\MSXML 6.0
2008-12-10 14:27 --------- d-----w c:\program files\Common Files\Nokia
2008-12-09 19:25 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\Nokia
2008-12-09 19:24 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\PC Suite
2008-12-07 17:03 --------- d-----w c:\program files\iWin.com
2008-12-07 17:02 --------- d-----w c:\program files\Alawar
2008-12-06 13:28 --------- d-----w c:\program files\Common Files\PCSuite
2008-12-05 19:06 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\Gamelab
2008-12-05 19:06 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Trymedia
2008-12-05 15:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\iWin Games
2008-12-05 13:58 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\PetShowCraze
2008-12-05 13:58 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\AlawarWrapper
2008-12-05 13:35 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\iWin
2008-12-05 13:35 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\iWin
2008-12-05 13:33 --------- d-----w c:\program files\ReflexiveArcade
2008-12-05 13:31 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\iWinArcade
2008-12-03 19:31 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\BigFishGamesCache
2008-12-03 19:25 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\Home Sweet Home 2
2008-12-03 19:19 --------- d-----w c:\program files\bfgclient
2008-11-19 19:00 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\CyberLink
2008-11-19 18:55 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\CyberLink
2008-11-19 18:54 --------- d-----w c:\program files\CyberLink
2008-11-16 16:49 --------- d-----w c:\documents and settings\Seba\Dane aplikacji\Media Player Classic
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:33 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-04 68856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-17 490952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"Gadu-Gadu"="c:\gadu-gadu\gg.exe" [2008-03-20 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-07-17 949376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-14 136600]
"WMAAD"="c:\program files\Sony\WALKMAN Launcher\WMAAD.exe" [2007-02-16 110592]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"MS LSASS 5"="c:\windows\system32\drivers\lsass.exe" [2009-01-14 15360]
"el"="c:\windows\system32\el32.dll" [2008-03-03 39936]
"QuickTime Task"="G:\qttask.exe" [2008-03-01 98304]
"nwiz"="nwiz.exe" [2006-10-22 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Seba\Menu Start\Programy\Autostart\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-16 113664]
QuickTV.lnk - c:\program files\AVerTV\QuickTV.exe [2005-08-30 405504]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2008-07-24 802816]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Documents and Settings\\Seba\\Pulpit\\Folder Darii ;)\\gry\\blobby\\volley.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"d:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"d:\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-07-17 15424]
R4 CX88XBAR;AVerMedia, AVerTV Crossbar (88x);c:\windows\system32\drivers\cx88xbar.sys [2005-12-09 9312]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2008-08-28 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe [2008-08-28 67760]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-12-10 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-12-10 8320]
.
Zawartość folderu 'Zaplanowane zadania'
2009-01-14 c:\windows\Tasks\At1.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At10.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At11.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-16 c:\windows\Tasks\At12.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-16 c:\windows\Tasks\At13.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At14.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At15.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At16.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At17.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At18.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At19.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At2.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At20.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At21.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At22.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At23.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At24.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At3.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At4.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At5.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At6.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-15 c:\windows\Tasks\At7.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At8.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-14 c:\windows\Tasks\At9.job
- c:\windows\system32\el32.dll [2008-03-03 23:03]
2009-01-11 c:\windows\Tasks\Norton Security Scan for Seba.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 03:18]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL
HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Connection Wizard,ShellNext = iexplore
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJman000
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\SONY\IMAGE CONVERTER 3\menu.htm
LSP: c:\windows\system32\imon.dll
O16 -: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://85.193.223.142:10200/activex/AMC.cab
c:\windows\Downloaded Program Files\setup.inf
FF - ProfilePath - c:\documents and settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\434yujkc.default\
FF - plugin: c:\documents and settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 13:17:08
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
- - - - - - - > 'lsass.exe'(1556)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Czas ukończenia: 2009-01-16 13:19:28
ComboFix-quarantined-files.txt 2009-01-16 12:19:25
Przed: 14 779 797 504 bajtów wolnych
Po: 14,834,040,832 bajtów wolnych
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
280 --- E O F --- 2009-01-14 11:27:42