Malware-gen, Win32: AuCrypt, Win32: Adware-gen. log

przez **jarowia** » 14 Lip 2008, 21:11

Avast wykrył i usunął wirusy o nazwie: Malware-gen, Win32: AuCrypt, Win32: Adware-gen.
Póżniej uruchomiłam CoomboFix.
Bardzo proszę o spr loga:
ComboFix 08-07-13.6 - Pierwszy 2008-07-13 21:59:50.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]
Running from: C:\Documents and Settings\Pierwszy\Pulpit\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-13 to 2008-07-13 )))))))))))))))))))))))))))))))
.

2008-06-14 09:45 . 2008-06-14 20:01 273,024 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 09:45 . 2008-06-14 20:01 273,024 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-13 19:50 --------- d-----w C:\Documents and Settings\Pierwszy\Dane aplikacji\Skype
2008-07-13 18:51 --------- d-----w C:\Documents and Settings\Pierwszy\Dane aplikacji\skypePM
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 07:20 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-03 18:49 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot@2008-04-30_23.49.57,09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:59 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:16:26 178,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:16:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2004-08-04 12:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 03:28:40 216,288 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 03:29:50 386,784 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 12:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 12:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 12:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-04 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-04 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 12:00:00 172,063 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 12:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 12:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 12:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 12:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 12:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 12:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 12:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 12:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 12:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 03:28:40 216,288 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 03:29:50 386,784 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
- 2008-04-30 20:50:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-13 19:48:52 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-14 18:01:34 273,024 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2008-03-01 13:02:23 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:02:23 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:02:23 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:02:23 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:02:23 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:59:00 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:02:23 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:02:23 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:02:24 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:02:24 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:02:26 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:02:26 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:02:26 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:59:23 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:02:27 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:02:27 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:02:27 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:32:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:02:29 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:02:29 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:02:29 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:02:29 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:02:29 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 03:28:39 216,288 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 03:29:50 386,784 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:02:29 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:02:29 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:02:29 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:02:29 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-03-01 13:02:23 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 07:20:42 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-29 17:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-05-15 23:24:43 1,152,888 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2008-03-29 17:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-05-15 23:12:36 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
- 2008-03-01 13:02:23 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 07:20:42 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2008-03-01 13:02:23 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 07:20:42 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:02:23 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 07:20:42 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 13:02:23 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 07:20:42 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 13:02:23 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 07:20:42 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:59:00 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:43:26 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:02:23 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 07:20:42 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 13:02:23 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 07:20:42 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 13:02:24 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 07:20:42 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:02:24 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 07:20:42 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:02:26 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 07:20:42 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 13:02:26 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 07:20:43 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 13:02:26 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 07:20:43 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:59:23 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:43:46 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 13:02:27 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 07:20:43 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 12:01:52 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2004-08-04 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-04 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2008-03-01 13:02:27 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 07:20:43 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 13:02:27 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 07:20:43 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:32:30 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 23:20:44 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 13:02:29 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 07:20:43 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-04 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-08-04 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-04 12:00:00 172,063 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:52:02 178,976 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-04 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-04 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-04 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-04 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2008-03-01 13:02:29 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 07:20:43 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-04 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-04 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2008-03-01 13:02:29 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 07:20:43 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-04 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:52:02 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-04 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2008-03-01 13:02:29 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 07:20:43 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 13:02:29 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 07:20:43 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:44:30 1,291,264 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:16:26 1,291,264 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-03-01 13:02:29 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 07:20:43 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 13:02:29 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 07:20:43 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 13:02:29 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 07:20:43 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 13:02:29 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 07:20:44 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-29 17:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:13:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
- 2008-03-29 17:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-05-15 23:16:06 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
- 2008-03-29 17:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-05-15 23:18:33 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
- 2008-03-29 17:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:15:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
- 2008-03-29 17:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-05-15 23:20:32 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
- 2008-03-29 17:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-05-15 23:14:11 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2008-03-01 13:02:23 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 07:20:42 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 13:02:23 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 07:20:42 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 13:02:23 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 07:20:42 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 13:02:23 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 07:20:42 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:59:00 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:43:26 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 13:02:23 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 07:20:42 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 13:02:23 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 07:20:42 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 13:02:24 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 07:20:42 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 13:02:24 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 07:20:42 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 13:02:26 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 07:20:42 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 13:02:26 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 07:20:43 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 13:02:26 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 07:20:43 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 13:02:27 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 07:20:43 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:12 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-04 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-02-26 12:01:52 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 12:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 12:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2008-03-01 13:02:27 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 07:20:43 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 13:02:27 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 07:20:43 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:32:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 23:20:44 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 13:02:29 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 07:20:43 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-04 12:00:00 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-08-04 12:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-04 12:00:00 172,063 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:52:02 178,976 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 12:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-04 12:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-04 12:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2008-03-01 13:02:29 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 07:20:43 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2004-08-04 12:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 12:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2008-03-01 13:02:29 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 07:20:43 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2004-08-04 12:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 12:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:52:02 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2008-03-01 13:02:29 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 07:20:43 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-03-01 13:02:29 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 07:20:43 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-10-08 13:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:21:28 19,320 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 13:02:29 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 07:20:43 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 13:02:29 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 07:20:43 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 13:02:29 233,472 ------w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 07:20:43 233,472 ------w C:\WINDOWS\system32\webcheck.dll
+ 2008-07-13 19:49:29 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4e0.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-06 19:24 21898024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-15 11:42 4112384]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-07-15 11:42 81920]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-03-24 12:41 1294446]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"nwiz"="nwiz.exe" [2004-07-15 11:42 843776 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2006-08-22 21:33:19 49254]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"VIDC.DIV3"= DivXc32.dll
"VIDC.DIV4"= DivXc32f.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.MPG4"= msmpeg4.dll
"VIDC.MP42"= msmpeg4.dll
"VIDC.MP43"= msmpeg4.dll
"msacm.divxa32"= divxa32.acm
"msacm.imc"= imc32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Media Player Classic\\mplayerc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 HPFECP13;HPFECP13;C:\WINDOWS\system32\drivers\HPFECP13.SYS [1998-09-25 10:55]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50]

.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-mxClock - D:\CLOCK\mxClock.exe
HKU-Default-RunOnce-FFTI - C:\Documents and Settings\Pierwszy\Dane aplikacji\Mozilla\Firefox\Profiles\urnvi1pg.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe
Notify-WgaLogon - (no file)

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-13 22:02:57
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2008-07-13 22:07:00
ComboFix-quarantined-files.txt 2008-07-13 20:05:50
ComboFix2.txt 2008-05-04 20:23:05
ComboFix3.txt 2008-04-30 21:50:29

Pre-Run: 4,617,428,992 bajtów wolnych
Post-Run: 4,612,538,368 bajtów wolnych

391 --- E O F --- 2008-06-24 19:18:32

przez **huber2t** » 15 Lip 2008, 06:06

Log wyglada na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

[url=https://www.instalki.pl/download/programy/windows/bezpieczenstwo/antywirusy/dr-web-cureit/]Dr.WEB CureIt![/url

Malware-gen, Win32: AuCrypt, Win32: Adware-gen. log

Malware-gen, Win32: AuCrypt, Win32: Adware-gen. log

Kto jest na forum