ComboFix.txt

Log z combofixa - prosze o sprawdzenie

Prosiłbym o sprawdzenie kolejnego loga z drugiego kompa oto log:


ComboFix 09-03-06.02 - Administrator 2009-03-10 19:32:21.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.511.238 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Moje dokumenty\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Utworzono nowy punkt przywracania

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usuni?to )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll

.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-10 do 2009-03-10 )))))))))))))))))))))))))))))))
.

2009-03-10 19:07 . 2009-03-10 19:07 361,728 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-10 19:07 . 2008-07-18 15:05 28,416 --a------ c:\windows\system32\uxtuneup.dll
2009-03-10 19:06 . 2009-03-10 19:06 & lt; DIR & gt; d-------- c:\program files\TuneUp Utilities 2008
2009-03-10 19:06 . 2009-03-10 19:06 & lt; DIR & gt; d-------- c:\program files\Common Files\Wise Installation Wizard
2009-03-10 19:06 . 2009-03-10 19:06 & lt; DIR & gt; d-------- c:\documents and settings\All Users\Dane aplikacji\TuneUp Software
2009-03-10 19:06 . 2009-03-10 19:06 & lt; DIR & gt; d-------- c:\documents and settings\Administrator\Dane aplikacji\TuneUp Software
2009-03-03 17:09 . 2009-03-03 17:09 & lt; DIR & gt; d-------- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
2009-03-03 17:08 . 2009-03-03 17:08 & lt; DIR & gt; d-------- c:\program files\Nowe Gadu-Gadu
2009-02-10 19:35 . 2009-02-10 19:35 & lt; DIR & gt; d-------- c:\windows\Sun
2009-02-10 19:34 . 2009-02-10 19:33 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-10 19:34 . 2009-02-10 19:33 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-10 19:33 . 2009-02-10 19:33 & lt; DIR & gt; d-------- c:\program files\Java

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-10 18:30 --------- d-----w c:\program files\DNA
2009-03-10 18:30 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\DNA
2009-03-10 18:05 --------- d-----w c:\program files\Opera
2009-02-15 16:50 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\BitTorrent
2009-01-27 18:33 --------- d-----w c:\program files\PITy
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawid?owe wpisy nie s? pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" BitTorrent DNA " = " c:\program files\DNA\btdna.exe " [2008-12-16 342848]
" Gadu-Gadu " = " c:\program files\Gadu-Gadu\gg.exe " [2008-03-20 2127296]
" Nowe Gadu-Gadu " = " c:\program files\Nowe Gadu-Gadu\gg.exe " [2009-02-27 9339496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" NVRaidService " = " c:\windows\system32\nvraidservice.exe " [2004-06-11 83968]
" ATIPTA " = " c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe " [2004-11-30 344064]
" NeroFilterCheck " = " c:\windows\system32\NeroCheck.exe " [2001-07-09 155648]
" Adobe Reader Speed Launcher " = " c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe " [2008-01-11 39792]
" egui " = " c:\program files\ESET\ESET NOD32 Antivirus\egui.exe " [2008-07-01 1447168]
" lxccmon.exe " = " c:\program files\Lexmark 3300 Series\lxccmon.exe " [2005-02-21 192512]
" SunJavaUpdateSched " = " c:\program files\Java\jre6\bin\jusched.exe " [2009-02-10 148888]
" SoundMan " = " SOUNDMAN.EXE " [2004-07-27 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
" CTFMON.EXE " = " c:\windows\system32\CTFMON.EXE " [2004-08-03 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
" EnableFirewall " = 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
" %windir%\\system32\\sessmgr.exe " =
" c:\\Program Files\\Gadu-Gadu\\gg.exe " =
" c:\\Program Files\\DNA\\btdna.exe " =
" c:\\Program Files\\BitTorrent\\bittorrent.exe " =

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-07-01 34312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartośae folderu 'Zaplanowane zadania'

2009-03-10 c:\windows\Tasks\Konserwacja jednym klikni?ciem.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-08-27 12:09]
.
.
------- Skan uzupe?niaj?cy -------
.
uStart Page = hxxp://google.bearshare.com/pl
IE: Crawler Search - tbr:iemenu
IE: E & ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: com.pl\mks
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\pmwxovk1.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-10 19:33:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie uko?czone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ?adowane pod uruchomionymi procesami ---------------------

- - - - - - - & gt; 'winlogon.exe'(672)
c:\windows\system32\Ati2evxx.dll
.
Czas uko?czenia: 2009-03-10 19:34:04
ComboFix-quarantined-files.txt 2009-03-10 18:33:55
ComboFix2.txt 2008-09-20 08:58:42

Przed: 9 370 275 840 bajtów wolnych
Po: 9,736,515,584 bajtów wolnych

101


Download file - link to post
  Search 5 million + Products