bardzo prosze o sprawdzenie logow :(
Zaczęły mi się ponownie pojawiać dziwne reklamy na stronach na ktorych tych reklam wczesniej nie bylo:( Prosze o pomoc...oto logi z HiJack This i ComboFix:
HiJack This:
Logfile of HijackThis v1.99.1
Scan saved at 14:25:56, on 2007-08-19
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\eMule\emule.exe
D:\z 40\E\Instalki\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\WebAssist.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {E0BE586C-7C66-4909-94D6-D18BBBDD6373} (????????????E) - http://app.filebank.co.jp/setup/win/fbx2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
-------------------------------------------------------------------------------------
Combo Fix:
"Bellevar" - 2007-08-19 14:29:35 - ComboFix 07-07-14.6 - Dodatek Service Pack. 1 NTFS
((((((((((((((((((((((((( Files Created from 2007-07-19 to 2007-08-19 )))))))))))))))))))))))))))))))
2007-08-19 13:13 84,992 --a------ C:\WINDOWS\WebAssist.dll
2007-08-19 13:02 26,176 --a------ C:\WINDOWS\system32\Fm2336c4.exe
2007-08-16 13:23 d-------- C:\eMule Incoming
2007-08-14 11:15 11,616 --a------ C:\WINDOWS\system32\drivers\SECDRV.SYS
2007-07-27 11:33 4,096 --a------ C:\WINDOWS\d3dx.dat
2007-07-24 20:35 d-------- C:\C64
2007-07-22 14:48 1 --a------ C:\WINDOWS\system32\ps.dat
2007-07-22 14:43 50,688 --a------ C:\WINDOWS\system32\zoox1.dll
2007-07-20 19:09 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-19 22:24 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-07-19 22:24 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-19 22:24 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-19 22:24 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-19 22:24 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-19 22:24 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-19 22:24 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-19 21:02 d-------- C:\Program Files\Mp3 Knife
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-19 12:30:46 19,403 ----a-w C:\WINDOWS\system32\wiavuud.dat
2007-08-19 12:24:52 5,518 ----a-w C:\WINDOWS\system32\kbdlp.dat
2007-08-19 12:24:52 21,976 ----a-w C:\WINDOWS\system32\vga2s6v.dat
2007-08-19 12:24:52 0 ----a-w C:\WINDOWS\system32\vgak.dat
2007-08-19 12:24:42 4,042 ----a-w C:\WINDOWS\system32\comptbj.dat
2007-08-19 12:24:42 3,964 ----a-w C:\WINDOWS\system32\nvwrsok.dat
2007-08-19 12:24:42 27,714 ----a-w C:\WINDOWS\system32\dmsydths.dat
2007-08-19 12:24:42 0 ----a-w C:\WINDOWS\system32\ole2nlx.dat
2007-08-19 12:16:43 -------- d-----w C:\Program Files\FlashGet
2007-08-19 12:07:43 -------- d-----w C:\Program Files\eMule
2007-08-19 09:55:10 365 ----a-w C:\WINDOWS\system32\ctl3ov2c.dat
2007-08-18 17:22:48 -------- d-----w C:\Program Files\mIRC
2007-08-18 11:38:30 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Azureus
2007-08-15 16:17:42 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Skype
2007-07-31 22:03:10 -------- d-----w C:\Program Files\Warcraft III
2007-07-17 20:10:27 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Hamachi
2007-07-12 15:00:55 -------- d--h--w C:\Program Files\InstallShield Installation Information
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2004-12-14 11:56 63136 -ra------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2006-05-16 15:19 81920 --a------ C:\PROGRA~1\FlashGet\jccatch.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 02:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2006-09-07 17:06 434279 --a------ C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3}]
2007-08-19 13:13 84992 --a------ C:\WINDOWS\WebAssist.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
2006-03-31 23:27 191096 --a------ C:\PROGRA~1\FlashFXP\IEFlash.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 15:42 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-06-15 11:20 C:\WINDOWS\system32\nwiz.exe]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-08-13 20:05]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 19:05]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=
Contents of the 'Scheduled Tasks' folder
2007-05-01 08:00:00 C:\WINDOWS\tasks\At1.job
2007-08-19 04:00:00 C:\WINDOWS\tasks\At10.job
2007-08-19 05:00:00 C:\WINDOWS\tasks\At11.job
2007-08-19 06:00:00 C:\WINDOWS\tasks\At12.job
2007-08-19 07:00:00 C:\WINDOWS\tasks\At13.job
2007-08-19 08:00:00 C:\WINDOWS\tasks\At14.job
2007-08-19 09:00:00 C:\WINDOWS\tasks\At15.job
2007-08-19 10:00:00 C:\WINDOWS\tasks\At16.job
2007-08-19 11:00:00 C:\WINDOWS\tasks\At17.job
2007-08-19 12:00:00 C:\WINDOWS\tasks\At18.job
2007-08-18 13:00:00 C:\WINDOWS\tasks\At19.job
2007-08-01 18:00:00 C:\WINDOWS\tasks\At2.job
2007-08-18 14:00:00 C:\WINDOWS\tasks\At20.job
2007-08-18 15:00:00 C:\WINDOWS\tasks\At21.job
2007-08-18 16:00:00 C:\WINDOWS\tasks\At22.job
2007-08-18 17:00:00 C:\WINDOWS\tasks\At23.job
2007-08-18 18:00:00 C:\WINDOWS\tasks\At24.job
2007-08-18 19:00:00 C:\WINDOWS\tasks\At25.job
2007-08-18 20:00:00 C:\WINDOWS\tasks\At26.job
2007-08-18 21:00:00 C:\WINDOWS\tasks\At27.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At29.job
2007-08-01 12:00:00 C:\WINDOWS\tasks\At3.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At30.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At31.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At32.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At33.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At34.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At35.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At36.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At37.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At38.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At39.job
2007-08-18 22:00:00 C:\WINDOWS\tasks\At4.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At40.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At41.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At42.job
2007-08-19 12:01:00 C:\WINDOWS\tasks\At43.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At44.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At45.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At46.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At47.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At48.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At49.job
2007-08-18 23:00:00 C:\WINDOWS\tasks\At5.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At50.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At51.job
2007-08-19 11:02:15 C:\WINDOWS\tasks\At52.job
2007-08-19 00:00:00 C:\WINDOWS\tasks\At6.job
2007-08-19 01:00:00 C:\WINDOWS\tasks\At7.job
2007-08-19 02:00:00 C:\WINDOWS\tasks\At8.job
2007-08-19 03:00:00 C:\WINDOWS\tasks\At9.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-19 14:30:50
Windows 5.1.2600 Dodatek Service Pack. 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-19 14:31:11
C:\ComboFix-quarantined-files.txt ... 2007-08-19 14:30
--- E O F ---
Odpowiedzi: 2
O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\WebAssist.dll
Parasite detected by Kaspersky, http://www.kaspersky.com/ antivirus as not-a-virus:AdWare.Win32.Agent.db
to jeszcze...
A tak na przyszłość: [url=http://forum.centrumxp.pl/Default.aspx?g=posts&t=84673]link[/url]
poki co sam uporalem sie z tymi zadaniami i usunalem plik C:\WINDOWS\system32\Fm2336c4.exe ale nadal mam te dziwne reklamy...log z combo fix wyglada teraz tak:
"Bellevar" - 2007-08-19 15:03:46 - ComboFix 07-07-14.6 - Dodatek Service Pack. 1 NTFS
((((((((((((((((((((((((( Files Created from 2007-07-19 to 2007-08-19 )))))))))))))))))))))))))))))))
2007-08-19 13:13 84,992 --a------ C:\WINDOWS\WebAssist.dll
2007-08-16 13:23 d-------- C:\eMule Incoming
2007-08-14 11:15 11,616 --a------ C:\WINDOWS\system32\drivers\SECDRV.SYS
2007-07-27 11:33 4,096 --a------ C:\WINDOWS\d3dx.dat
2007-07-24 20:35 d-------- C:\C64
2007-07-22 14:48 1 --a------ C:\WINDOWS\system32\ps.dat
2007-07-22 14:43 50,688 --a------ C:\WINDOWS\system32\zoox1.dll
2007-07-20 19:09 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-19 22:24 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-07-19 22:24 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-19 22:24 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-19 22:24 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-19 22:24 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-19 22:24 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-19 22:24 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-19 21:02 d-------- C:\Program Files\Mp3 Knife
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-19 13:04:01 4,092 ----a-w C:\WINDOWS\system32\nvwrsok.dat
2007-08-19 13:04:01 4,066 ----a-w C:\WINDOWS\system32\comptbj.dat
2007-08-19 13:04:01 27,738 ----a-w C:\WINDOWS\system32\dmsydths.dat
2007-08-19 13:04:01 0 ----a-w C:\WINDOWS\system32\ole2nlx.dat
2007-08-19 13:03:34 5,614 ----a-w C:\WINDOWS\system32\kbdlp.dat
2007-08-19 13:03:34 22,072 ----a-w C:\WINDOWS\system32\vga2s6v.dat
2007-08-19 13:03:34 19,675 ----a-w C:\WINDOWS\system32\wiavuud.dat
2007-08-19 13:03:34 0 ----a-w C:\WINDOWS\system32\vgak.dat
2007-08-19 12:16:43 -------- d-----w C:\Program Files\FlashGet
2007-08-19 12:07:43 -------- d-----w C:\Program Files\eMule
2007-08-19 09:55:10 365 ----a-w C:\WINDOWS\system32\ctl3ov2c.dat
2007-08-18 17:22:48 -------- d-----w C:\Program Files\mIRC
2007-08-18 11:38:30 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Azureus
2007-08-15 16:17:42 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Skype
2007-07-31 22:03:10 -------- d-----w C:\Program Files\Warcraft III
2007-07-17 20:10:27 -------- d-----w C:\DOCUME~1\Bellevar\DANEAP~1\Hamachi
2007-07-12 15:00:55 -------- d--h--w C:\Program Files\InstallShield Installation Information
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2004-12-14 11:56 63136 -ra------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2006-05-16 15:19 81920 --a------ C:\PROGRA~1\FlashGet\jccatch.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 02:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2006-09-07 17:06 434279 --a------ C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3}]
2007-08-19 13:13 84992 --a------ C:\WINDOWS\WebAssist.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
2006-03-31 23:27 191096 --a------ C:\PROGRA~1\FlashFXP\IEFlash.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 15:42 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-06-15 11:20 C:\WINDOWS\system32\nwiz.exe]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-08-13 20:05]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 19:05]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-19 15:04:04
Windows 5.1.2600 Dodatek Service Pack. 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-19 15:04:27
C:\ComboFix-quarantined-files.txt ... 2007-08-19 15:04
C:\ComboFix2.txt ... 2007-08-19 14:31
--- E O F ---
Strona 1 / 1