
lebronek23


  1. Please check the log. Avast detects it as win32 kavos

     ComboFix 08-02-17.2 - pawel 2008-02-17 1:54:16.1 - NTFSx86
     Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.506 [GMT 1:00]
     Running from: E:\combofix\ComboFix.exe
     Command switches used :: C:\Documents and Settings\pawel\Pulpit\CFScript.txt
     * Created a new restore point

     WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

     FILE ::
     C:\188qsm.bat
     C:\xo8wr9.exe
     L:\188qsm.bat
     L:\xo8wr9.exe
     .

     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .

     C:\188qsm.bat
     C:\Autorun.inf
     C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat
     C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat
     C:\WINDOWS\system32\amvo.exe
     C:\xo8wr9.exe
     E:\Autorun.inf

     ----- BITS: Possible infected sites -----

     hxxp://au.download.windowsupdate.c
     .

     ((((((((((((((((((((((((( Files Created from 2008-01-17 to 2008-02-17 )))))))))))))))))))))))))))))))
     .

     2008-02-16 22:40 . 2008-02-16 22:40 <DIR> d-------- C:\Documents and Settings\pawel\Dane aplikacji\PC Tools
     2008-02-16 22:40 . 2008-02-17 00:03 <DIR> d-a------ C:\Documents and Settings\All Users\Dane aplikacji\TEMP
     2008-02-16 22:40 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
     2008-02-16 22:40 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
     2008-02-16 22:40 . 2007-12-10 14:53 41,864 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
     2008-02-16 22:40 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
     2008-02-16 19:24 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
     2008-02-16 19:24 . 2008-02-16 19:24 260 --a------ C:\WINDOWS\_delis32.ini
     2008-02-03 15:13 . 2008-02-04 16:24 103,367 -r-hs---- C:\2ifetri.cmd
     2008-01-30 11:04 . 2008-02-01 16:28 103,574 -r-hs---- C:\h.cmd
     2008-01-29 18:21 . 2008-01-29 18:21 <DIR> d-------- C:\Program Files\Miranda IM
     2008-01-29 18:21 . 2008-01-29 18:22 <DIR> d-------- C:\Documents and Settings\pawel\Dane aplikacji\Miranda
     2008-01-29 18:10 . 2008-01-29 18:10 <DIR> d-------- C:\Program Files\Gadu-Gadu
     2008-01-29 18:10 . 2008-02-03 22:40 <DIR> d-------- C:\Documents and Settings\pawel\Gadu-Gadu
     2008-01-29 14:28 . 2008-01-29 16:43 103,894 -r-hs---- C:\ylr.exe
     2008-01-28 08:46 . 2008-01-28 08:46 54,784 -r-hs---- C:\WINDOWS\system32\amvo2.dll
     2008-01-23 20:46 . 2008-01-24 10:09 106,936 -r-hs---- C:\awda2.exe
     .

     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .

     2008-02-16 18:24 --------- d-----w C:\Program Files\Common Files\Logitech
     2008-02-15 09:50 --------- d-----w C:\Documents and Settings\pawel\Dane aplikacji\Skype
     2007-12-28 13:30 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
     2007-12-25 14:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
     2007-12-25 14:32 --------- d-----w C:\Program Files\Logitech
     2007-12-25 14:24 --------- d-----w C:\Program Files\Common Files\InstallShield
     2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
     2007-12-07 02:14 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
     2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
     2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
     2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
     .

     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4

     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]
     "Twoje TVN24"="E:\Pasek TVN24\tvn-ustawienia.exe" [2007-11-27 17:06 2744400]
     "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
     "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
     "WinampAgent"="E:\jet player\Winamp\winampa.exe" [ ]
     "Skrót do strony właściwości High Definition Audio"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
     "RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16:21 16270848 C:\WINDOWS\RTHDCPL.exe]
     "SkyTel"="SkyTel.EXE" [2006-05-16 17:04 2879488 C:\WINDOWS\SkyTel.exe]
     "VTTimer"="VTTimer.exe" [2006-09-21 15:36 53248 C:\WINDOWS\system32\VTTimer.exe]
     "S3Trayp"="S3trayp.exe" [2006-10-10 04:14 176128 C:\WINDOWS\system32\S3Trayp.exe]
     "ISTray"="E:\doctor\Spyware Doctor\pctsTray.exe" [2007-12-10 14:53 1103752]

     [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]

     R2 regi;regi;C:\WINDOWS\system32\drivers\regi.sys [2007-01-03 10:19]
     R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-15 08:38]
     S2 par1284;par1284;C:\WINDOWS\system32\drivers\par1284.sys [2003-05-08 09:44]
     S2 STM Parallel Driver;STM Parallel Driver;C:\WINDOWS\system32\drivers\parstm.sys [2003-07-09 14:31]

     [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e88b516-c420-11dc-b338-0040d0b45c88}]
     \Shell\AutoRun\command - F:\semo2x.exe
     \Shell\explore\Command - F:\semo2x.exe
     \Shell\open\Command - F:\semo2x.exe

     [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e88b519-c420-11dc-b338-0040d0b45c88}]
     \Shell\AutoRun\command - F:\semo2x.exe
     \Shell\explore\Command - F:\semo2x.exe
     \Shell\open\Command - F:\semo2x.exe

     *Newly Created Service* - IKFILESEC
     *Newly Created Service* - IKSYSFLT
     *Newly Created Service* - IKSYSSEC
     *Newly Created Service* - MCHINJDRV
     *Newly Created Service* - SDAUXSERVICE
     *Newly Created Service* - SDCORESERVICE
     .
     Contents of the 'Scheduled Tasks' folder
     "2008-02-17 00:31:01 C:\WINDOWS\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job"
     - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
     .
     **************************************************************************

     catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2008-02-17 01:56:13
     Windows 5.1.2600 Dodatek Service Pack 2 NTFS

     scanning hidden processes ...

     scanning hidden autostart entries ...

     scanning hidden files ...

     scan completed successfully
     hidden files: 0

     **************************************************************************
     .
     Completion time: 2008-02-17 1:57:47
     ComboFix-quarantined-files.txt 2008-02-17 00:57:44
     .
     2008-02-13 15:55:31 --- E O F ---