Zamulony internet - logi

[bambus]

witam prosze o sprawdzenie mojego pliku log i wskazanie co jest nie tak. strasznie zamulony mam internet,

ComboFix 08-11-30.02 - admin 2008-12-01 21:22:09.2 - NTFSx86
Uruchomiony z: c:\documents and settings\admin\Pulpit\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_004777_.tmp.dll
c:\windows\system32\_004778_.tmp.dll
c:\windows\system32\_004779_.tmp.dll
c:\windows\system32\_004780_.tmp.dll
c:\windows\system32\_004787_.tmp.dll
c:\windows\system32\_004788_.tmp.dll
c:\windows\system32\_004789_.tmp.dll
c:\windows\system32\_004790_.tmp.dll
c:\windows\system32\_004791_.tmp.dll
c:\windows\system32\_004792_.tmp.dll
c:\windows\system32\_004793_.tmp.dll
c:\windows\system32\_004794_.tmp.dll
c:\windows\system32\_004795_.tmp.dll
c:\windows\system32\_004796_.tmp.dll
c:\windows\system32\_004797_.tmp.dll
c:\windows\system32\_004798_.tmp.dll
c:\windows\system32\_004799_.tmp.dll
c:\windows\system32\_004800_.tmp.dll
c:\windows\system32\_004801_.tmp.dll
c:\windows\system32\_004802_.tmp.dll
c:\windows\system32\_004803_.tmp.dll
c:\windows\system32\_004804_.tmp.dll
c:\windows\system32\_004805_.tmp.dll
c:\windows\system32\_004806_.tmp.dll
c:\windows\system32\_004807_.tmp.dll
c:\windows\system32\_004808_.tmp.dll
c:\windows\system32\_004809_.tmp.dll
c:\windows\system32\_004810_.tmp.dll
c:\windows\system32\_004811_.tmp.dll
c:\windows\system32\_004812_.tmp.dll
c:\windows\system32\_004813_.tmp.dll
c:\windows\system32\_004814_.tmp.dll
c:\windows\system32\_004815_.tmp.dll
c:\windows\system32\_004816_.tmp.dll
c:\windows\system32\_004817_.tmp.dll
c:\windows\system32\_004818_.tmp.dll
c:\windows\system32\_004819_.tmp.dll
c:\windows\system32\_004820_.tmp.dll
c:\windows\system32\_004821_.tmp.dll
c:\windows\system32\_004822_.tmp.dll
c:\windows\system32\_004823_.tmp.dll
c:\windows\system32\_004824_.tmp.dll
c:\windows\system32\_004825_.tmp.dll
c:\windows\system32\_004826_.tmp.dll
c:\windows\system32\_004827_.tmp.dll
c:\windows\system32\_004828_.tmp.dll
c:\windows\system32\_004829_.tmp.dll
c:\windows\system32\_004830_.tmp.dll
c:\windows\system32\_004831_.tmp.dll
c:\windows\system32\_004832_.tmp.dll
c:\windows\system32\_004833_.tmp.dll
c:\windows\system32\_004834_.tmp.dll
c:\windows\system32\_004835_.tmp.dll
c:\windows\system32\_004836_.tmp.dll
c:\windows\system32\_004837_.tmp.dll
c:\windows\system32\_004838_.tmp.dll
c:\windows\system32\_004839_.tmp.dll
c:\windows\system32\_004840_.tmp.dll
c:\windows\system32\_004841_.tmp.dll
c:\windows\system32\_004842_.tmp.dll
c:\windows\system32\_004843_.tmp.dll
c:\windows\system32\_004844_.tmp.dll
c:\windows\system32\_004845_.tmp.dll
c:\windows\system32\_004846_.tmp.dll
c:\windows\system32\_004847_.tmp.dll
c:\windows\system32\_004848_.tmp.dll
c:\windows\system32\_004849_.tmp.dll
c:\windows\system32\_004850_.tmp.dll
c:\windows\system32\_004851_.tmp.dll
c:\windows\system32\_004852_.tmp.dll
c:\windows\system32\_004853_.tmp.dll
c:\windows\system32\_004854_.tmp.dll
c:\windows\system32\_004855_.tmp.dll
c:\windows\system32\_004856_.tmp.dll
c:\windows\system32\_004857_.tmp.dll
c:\windows\system32\_004858_.tmp.dll
c:\windows\system32\_004859_.tmp.dll
c:\windows\system32\_004860_.tmp.dll
c:\windows\system32\_004861_.tmp.dll
c:\windows\system32\_004862_.tmp.dll
c:\windows\system32\_004863_.tmp.dll
c:\windows\system32\_004864_.tmp.dll
c:\windows\system32\_004865_.tmp.dll
c:\windows\system32\_004866_.tmp.dll
c:\windows\system32\_004867_.tmp.dll
c:\windows\system32\_004868_.tmp.dll
c:\windows\system32\_004869_.tmp.dll
c:\windows\system32\_004870_.tmp.dll
c:\windows\system32\_004871_.tmp.dll
c:\windows\system32\_004872_.tmp.dll
c:\windows\system32\_004873_.tmp.dll
c:\windows\system32\_004874_.tmp.dll
c:\windows\system32\_004875_.tmp.dll
c:\windows\system32\_004876_.tmp.dll
c:\windows\system32\_004877_.tmp.dll
c:\windows\system32\_004878_.tmp.dll
c:\windows\system32\_004879_.tmp.dll
c:\windows\system32\_004880_.tmp.dll
c:\windows\system32\_004881_.tmp.dll
c:\windows\system32\_004882_.tmp.dll
c:\windows\system32\_004883_.tmp.dll
c:\windows\system32\_004885_.tmp.dll
c:\windows\system32\_004886_.tmp.dll
c:\windows\system32\_004887_.tmp.dll
c:\windows\system32\_004888_.tmp.dll
c:\windows\system32\_004889_.tmp.dll
c:\windows\system32\_004890_.tmp.dll
c:\windows\system32\_004891_.tmp.dll
c:\windows\system32\_004893_.tmp.dll
c:\windows\system32\_004894_.tmp.dll
c:\windows\system32\_004895_.tmp.dll
c:\windows\system32\_004896_.tmp.dll
c:\windows\system32\_004897_.tmp.dll
c:\windows\system32\_004898_.tmp.dll
c:\windows\system32\_004899_.tmp.dll
c:\windows\system32\_004900_.tmp.dll
c:\windows\system32\_004901_.tmp.dll
c:\windows\system32\_004902_.tmp.dll
c:\windows\system32\_004903_.tmp.dll
c:\windows\system32\_004904_.tmp.dll
c:\windows\system32\_004905_.tmp.dll
c:\windows\system32\_004906_.tmp.dll
c:\windows\system32\_004907_.tmp.dll
c:\windows\system32\_004908_.tmp.dll
c:\windows\system32\_004910_.tmp.dll
c:\windows\system32\_004911_.tmp.dll
c:\windows\system32\_004912_.tmp.dll
c:\windows\system32\_004913_.tmp.dll
c:\windows\system32\_004915_.tmp.dll
c:\windows\system32\_004917_.tmp.dll
c:\windows\system32\_004918_.tmp.dll
c:\windows\system32\_004919_.tmp.dll
c:\windows\system32\_004920_.tmp.dll
c:\windows\system32\_004921_.tmp.dll
c:\windows\system32\_004922_.tmp.dll
c:\windows\system32\_004923_.tmp.dll
c:\windows\system32\_004925_.tmp.dll
c:\windows\system32\_004926_.tmp.dll
c:\windows\system32\_004927_.tmp.dll
c:\windows\system32\_004928_.tmp.dll
c:\windows\system32\_004929_.tmp.dll
c:\windows\system32\_004930_.tmp.dll
c:\windows\system32\_004931_.tmp.dll
c:\windows\system32\_004932_.tmp.dll
c:\windows\system32\_004933_.tmp.dll
c:\windows\system32\_004934_.tmp.dll
c:\windows\system32\_004935_.tmp.dll
c:\windows\system32\_004936_.tmp.dll
c:\windows\system32\_004937_.tmp.dll
c:\windows\system32\_004938_.tmp.dll
c:\windows\system32\_004939_.tmp.dll
c:\windows\system32\_004940_.tmp.dll
c:\windows\system32\_004942_.tmp.dll
c:\windows\system32\_004943_.tmp.dll
c:\windows\system32\_004944_.tmp.dll
c:\windows\system32\_004945_.tmp.dll
c:\windows\system32\_004947_.tmp.dll
c:\windows\system32\_004949_.tmp.dll
c:\windows\system32\_004950_.tmp.dll
c:\windows\system32\_004951_.tmp.dll
c:\windows\system32\_004952_.tmp.dll
c:\windows\system32\_004953_.tmp.dll
c:\windows\system32\_004954_.tmp.dll
c:\windows\system32\_004955_.tmp.dll
c:\windows\system32\_004957_.tmp.dll
c:\windows\system32\_004958_.tmp.dll
c:\windows\system32\_004959_.tmp.dll
c:\windows\system32\_004960_.tmp.dll
c:\windows\system32\_004961_.tmp.dll
c:\windows\system32\_004962_.tmp.dll
c:\windows\system32\_004963_.tmp.dll
c:\windows\system32\_004964_.tmp.dll
c:\windows\system32\_004966_.tmp.dll
c:\windows\system32\_004967_.tmp.dll
c:\windows\system32\_004969_.tmp.dll
c:\windows\system32\_004971_.tmp.dll
c:\windows\system32\_004972_.tmp.dll
c:\windows\system32\_004976_.tmp.dll
c:\windows\system32\_004977_.tmp.dll
c:\windows\system32\_004979_.tmp.dll
c:\windows\system32\_004982_.tmp.dll
c:\windows\system32\_004984_.tmp.dll
c:\windows\system32\_004985_.tmp.dll
c:\windows\system32\_004986_.tmp.dll
c:\windows\system32\_004987_.tmp.dll
c:\windows\system32\_004990_.tmp.dll
c:\windows\system32\_004991_.tmp.dll
c:\windows\system32\_004992_.tmp.dll
c:\windows\system32\_004993_.tmp.dll
c:\windows\system32\_004994_.tmp.dll
c:\windows\system32\_004999_.tmp.dll
c:\windows\system32\_005001_.tmp.dll

.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_tdssserv


((((((((((((((((((((((((( Pliki utworzone od 2008-11-01 do 2008-12-01 )))))))))))))))))))))))))))))))
.

2009-11-25 19:00 . 2001-06-12 23:02 50,688 --a------ c:\windows\system32\DR_MX_BUTTON_CONTROLL.OCX
2009-11-25 19:00 . 2001-07-13 02:22 49,152 --a------ c:\windows\system32\DR_BUTTON_CONTROLL.OCX
2009-11-25 19:00 . 2001-07-13 02:00 32,768 --a------ c:\windows\system32\HPROP.OCX
2009-11-25 19:00 . 2001-04-25 22:33 18,944 --a------ c:\windows\system32\BEVELBOX.OCX
2009-11-25 18:53 . 1997-01-16 00:00 71,680 --a------ c:\windows\ST5UNST.EXE
2009-11-25 18:53 . 1997-01-16 00:00 29,696 --a------ c:\windows\system32\VB5StKit.dll
2008-11-27 20:35 . 2008-11-12 20:22 <DIR> d-------- C:\temp
2008-11-17 19:22 . 2008-11-17 19:22 <DIR> d-------- c:\program files\Google
2008-11-16 22:25 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SET14D6.tmp
2008-11-16 22:25 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SET14C8.tmp
2008-11-16 22:25 . 2008-04-14 00:05 194,560 --a------ c:\windows\system32\SET14D7.tmp
2008-11-16 22:25 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SET14C3.tmp
2008-11-16 22:25 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SET152A.tmp
2008-11-16 22:25 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SET14BE.tmp
2008-11-16 22:22 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SETB40.tmp
2008-11-16 22:22 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SETB46.tmp
2008-11-16 22:20 . 2008-04-14 22:50 3,066,880 --a------ c:\windows\system32\SET853.tmp
2008-11-16 22:19 . 2008-04-14 22:50 8,489,984 --a------ c:\windows\system32\SET736.tmp
2008-11-16 22:17 . 2006-12-29 00:31 19,569 --a------ c:\windows\003228_.tmp
2008-11-16 22:14 . 2007-10-25 17:57 8,483,328 --a------ c:\windows\system32\dllcache\shell32.dll
2008-11-16 11:34 . 2008-11-17 19:22 <DIR> d-------- c:\program files\Picasa2
2008-11-15 23:17 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SET1351.tmp
2008-11-15 23:17 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SET1343.tmp
2008-11-15 23:17 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SET133E.tmp
2008-11-15 23:17 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SET13A5.tmp
2008-11-15 23:17 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SET1339.tmp
2008-11-15 23:10 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SET997.tmp
2008-11-15 23:10 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SET99D.tmp
2008-11-15 23:07 . 2008-04-14 22:50 3,066,880 --a------ c:\windows\system32\SET67F.tmp
2008-11-15 23:06 . 2008-04-14 22:50 8,489,984 --a------ c:\windows\system32\SET51B.tmp
2008-11-15 23:05 . 2008-04-14 22:50 732,672 --a------ c:\windows\system32\SET3DD.tmp
2008-11-15 23:02 . 2006-12-29 00:31 19,569 --a------ c:\windows\003219_.tmp
2008-11-15 22:55 . 2004-08-03 23:00 71,040 --------- c:\windows\system32\drivers\_004802_.tmp.dll
2008-11-15 16:14 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SET121D.tmp
2008-11-15 16:14 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SET120F.tmp
2008-11-15 16:14 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SET120A.tmp
2008-11-15 16:14 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SET1271.tmp
2008-11-15 16:14 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SET1205.tmp
2008-11-15 16:10 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SET884.tmp
2008-11-15 16:10 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SET88A.tmp
2008-11-15 16:08 . 2008-04-14 22:50 8,489,984 --a------ c:\windows\system32\SET3CD.tmp
2008-11-15 16:07 . 2008-04-14 22:50 732,672 --a------ c:\windows\system32\SET2B3.tmp
2008-11-15 16:05 . 2006-12-29 00:31 19,569 --a------ c:\windows\003210_.tmp
2008-11-15 15:58 . 2004-08-03 23:00 71,040 --------- c:\windows\system32\drivers\_004792_.tmp.dll
2008-11-15 14:53 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SET111F.tmp
2008-11-15 14:53 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SET1111.tmp
2008-11-15 14:53 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SET110C.tmp
2008-11-15 14:53 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SET1173.tmp
2008-11-15 14:53 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SET1107.tmp
2008-11-15 14:49 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SET789.tmp
2008-11-15 14:49 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SET78F.tmp
2008-11-15 14:47 . 2008-04-14 22:50 3,066,880 --a------ c:\windows\system32\SET473.tmp
2008-11-15 14:46 . 2008-04-14 22:50 8,489,984 --a------ c:\windows\system32\SET2EC.tmp
2008-11-15 14:45 . 2006-12-29 00:31 19,569 --a------ c:\windows\003201_.tmp
2008-11-15 14:39 . 2004-08-03 23:00 71,040 --------- c:\windows\system32\drivers\_004782_.tmp.dll
2008-11-15 13:37 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SET1020.tmp
2008-11-15 13:37 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SET1012.tmp
2008-11-15 13:37 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SET100D.tmp
2008-11-15 13:37 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SET1074.tmp
2008-11-15 13:37 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SET1008.tmp
2008-11-15 13:34 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SET68A.tmp
2008-11-15 13:34 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SET690.tmp
2008-11-15 13:32 . 2008-04-14 22:50 8,489,984 --a------ c:\windows\system32\SET260.tmp
2008-11-15 13:31 . 2008-04-14 22:50 732,672 --a------ c:\windows\system32\SET1C8.tmp
2008-11-15 13:30 . 2006-12-29 00:31 19,569 --a------ c:\windows\003192_.tmp
2008-11-15 13:25 . 2004-08-03 23:00 71,040 --------- c:\windows\system32\drivers\_004772_.tmp.dll
2008-11-14 22:48 . 2008-11-16 22:25 <DIR> d-------- c:\windows\system32\pl-pl
2008-11-14 22:48 . 2008-11-16 22:25 <DIR> d-------- c:\windows\system32\pl
2008-11-14 22:48 . 2008-11-16 22:39 <DIR> d-------- c:\windows\system32\bits
2008-11-14 22:48 . 2008-11-16 22:39 <DIR> d-------- c:\windows\l2schemas
2008-11-14 22:48 . 2008-04-14 00:08 2,953,216 --a------ c:\windows\system32\SETF0B.tmp
2008-11-14 22:48 . 2008-04-14 22:50 354,304 --a------ c:\windows\system32\SETEFD.tmp
2008-11-14 22:48 . 2008-04-14 22:51 80,896 --a------ c:\windows\system32\SETEF8.tmp
2008-11-14 22:48 . 2008-04-14 22:50 16,896 --a------ c:\windows\system32\SETF5F.tmp
2008-11-14 22:48 . 2008-04-14 22:51 6,656 --a------ c:\windows\system32\SETEF3.tmp
2008-11-14 22:44 . 2008-04-14 22:51 1,035,264 --a------ c:\windows\SET41D.tmp
2008-11-14 22:44 . 2008-04-14 22:50 512,000 --a------ c:\windows\system32\SET575.tmp
2008-11-14 22:44 . 2008-04-14 22:49 193,536 --a------ c:\windows\system32\SET3FB.tmp
2008-11-14 22:44 . 2008-04-14 22:49 143,360 --a------ c:\windows\system32\SET3F6.tmp
2008-11-14 22:44 . 2008-04-14 22:50 125,952 --a------ c:\windows\system32\SET3EE.tmp
2008-11-14 22:44 . 2008-04-14 22:50 100,864 --a------ c:\windows\system32\SET3F3.tmp
2008-11-14 22:44 . 2008-04-14 22:49 98,304 --a------ c:\windows\system32\SET3F9.tmp
2008-11-14 22:44 . 2008-04-14 22:50 95,744 --a------ c:\windows\system32\SET57B.tmp
2008-11-14 22:44 . 2008-04-14 22:50 58,880 --a------ c:\windows\system32\SET3E9.tmp
2008-11-14 22:44 . 2008-04-14 22:51 44,544 --a------ c:\windows\system32\SET3F1.tmp
2008-11-14 22:41 . 2006-12-29 00:31 19,569 --a------ c:\windows\003183_.tmp
2008-11-14 22:37 . 2004-08-03 23:00 71,040 --------- c:\windows\system32\drivers\_004762_.tmp.dll
2008-11-14 21:58 . 2008-11-14 21:58 <DIR> d-------- c:\program files\Avira
2008-11-14 21:58 . 2008-11-14 21:58 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Avira
2008-11-14 21:41 . 2008-11-14 21:41 <DIR> d-------- c:\documents and settings\admin\Dane aplikacji\iolo
2008-11-14 20:54 . 2008-11-16 21:55 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-14 20:54 . 2008-11-16 21:55 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-11-14 20:09 . 2008-11-30 11:02 <DIR> d--hs---- C:\found.000
2008-11-14 19:30 . 2008-11-14 19:30 <DIR> d-------- c:\program files\PrevxCSI
2008-11-14 19:30 . 2008-11-29 16:39 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\PrevxCSI
2008-11-14 19:30 . 2008-11-24 20:04 26,680 --a------ c:\windows\system32\drivers\pxark.sys
2008-11-14 19:27 . 2008-11-14 19:27 <DIR> d-------- c:\documents and settings\Artur\Dane aplikacji\PC Tools
2008-11-13 23:00 . 2008-11-13 23:01 <DIR> d-------- c:\program files\WinPcap
2008-11-09 19:46 . 2008-11-12 18:34 <DIR> d-------- C:\wesele jarka i Agnieszki 04-10-2008
2008-11-07 18:45 . 2008-11-07 19:03 <DIR> d-------- c:\program files\The KMPlayer
2008-11-07 18:19 . 2008-11-07 18:20 <DIR> d-------- c:\documents and settings\admin\Dane aplikacji\Player
2008-11-07 18:18 . 2008-11-16 21:55 <DIR> d-------- c:\program files\Player

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-01 20:53 --------- d-----w c:\documents and settings\LocalService\Dane aplikacji\VMware
2008-12-01 20:53 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\VMware
2008-11-29 18:27 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-11-27 19:29 --------- d-----w c:\program files\PDFCreator Toolbar
2008-11-27 15:38 --------- d-----w c:\documents and settings\admin\Dane aplikacji\Skype
2008-11-27 15:36 --------- d-----w c:\documents and settings\admin\Dane aplikacji\VMware
2008-11-21 15:40 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-16 20:55 --------- d-----w c:\documents and settings\Artur\Dane aplikacji\VMware
2008-11-15 19:34 --------- d-----w c:\program files\Common Files\Adobe
2008-11-15 13:07 --------- d-----w c:\program files\Java
2008-10-27 17:36 --------- d-----w c:\documents and settings\admin\Dane aplikacji\Canneverbe_Limited
2008-10-27 17:35 --------- d-----w c:\program files\CDBurnerXP
2008-10-27 16:52 --------- d-----w c:\program files\Macromedia
2008-10-27 16:09 --------- d-----w c:\program files\CCleaner
2008-10-26 11:00 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 20:18 --------- d-----w c:\program files\Trend Micro
2008-10-21 19:26 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nero
2008-10-21 18:29 --------- d-----w c:\program files\Common Files\PC Tools
2008-10-21 17:37 --------- d-----w c:\documents and settings\Artur\Dane aplikacji\SeriousBit
2008-10-21 17:05 --------- d-----w c:\documents and settings\admin\Dane aplikacji\SeriousBit
2008-10-21 17:04 --------- d-----w c:\program files\EnhanceMyXP
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-13 19:49 --------- d-----w c:\documents and settings\admin\Dane aplikacji\AdobeUM
2008-10-13 17:48 --------- d-----w c:\documents and settings\admin\Dane aplikacji\Gadu-Gadu
2008-10-13 17:33 --------- d-----w c:\documents and settings\admin\Dane aplikacji\OpenOffice.org2
2008-10-13 17:32 --------- d-----w c:\documents and settings\admin\Dane aplikacji\U3
2008-10-13 16:36 --------- d-----w c:\documents and settings\admin\Dane aplikacji\Nero
2008-10-13 16:33 0 ----a-w c:\windows\system32\drivers\47973f2a.sys
2008-10-01 17:59 --------- d-----w c:\program files\TP-LINK
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-24 18:05 74,703 ----a-w c:\windows\system32\mfc45.dll
2008-09-15 15:40 1,846,272 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:46 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-06-27 14:55 14,290 ----a-w c:\program files\settings.dat
2007-10-12 12:11 48,232 ----a-w c:\documents and settings\admin\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-08-16 17:47 21,290,704 -c--a-w c:\program files\AdbeRdr708_en_US.exe
2006-08-16 17:46 7,050,552 -c--a-w c:\program files\psa30se_en_us.exe
2006-08-16 17:45 762,512 -c--a-w c:\program files\ytb612_efgsip.exe
2006-08-15 07:48 14,998,716 -c--a-w c:\program files\tcmdpp17.exe
2006-08-15 07:03 149,389 ----a-w c:\program files\kurs_php_UnderPL.org.zip
2006-08-14 19:43 11,794,104 -c--a-w c:\program files\setuppol.exe
2006-08-11 21:04 10,269,480 -c--a-w c:\program files\Onet-SkypeSetup.exe
2006-08-11 20:39 3,891,190 -c--a-w c:\program files\gg71.exe
2006-07-10 10:24 5,227,896 -c--a-w c:\program files\Firefox Setup 1.5.0.4.exe
2006-07-10 08:04 10,380,799 -c--a-w c:\program files\JAlbum-install.exe
2006-03-14 23:06 5,221,888 -c--a-w c:\program files\openofficeorg202.msi
2006-03-14 23:06 266,240 -c--a-w c:\program files\setup.exe
2006-03-14 23:06 218 -c--a-w c:\program files\setup.ini
2006-03-14 23:06 1,821,008 -c--a-w c:\program files\instmsiw.exe
2006-03-14 23:06 1,707,856 -c--a-w c:\program files\instmsia.exe
2004-10-01 14:00 40,960 ----a-w c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\documents and settings\All Users\Dokumenty\Gadu-Gadu\gg.exe" [2007-05-10 2111176]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-04 102490]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-01-23 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-01-23 126976]
"epm-dm"="c:\acer\epm\epm-dm.exe" [2005-06-01 192512]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKLM\~\startupfolder\^ntuser.dat]
path=\NTUSER.DAT
backup=c:\windows\pss\NTUSER.DATCommon Startup

[HKLM\~\startupfolder\^ntuser.dat.log]
path=\ntuser.dat.LOG
backup=c:\windows\pss\ntuser.dat.LOGCommon Startup

[HKLM\~\startupfolder\^ntuser.ini]
path=\ntuser.ini
backup=c:\windows\pss\ntuser.iniCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updatemgr]
-ra------ 2006-03-30 15:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OracleServiceORCL"=2 (0x2)
"OracleOraDb10g_home2TNSListener"=2 (0x2)
"OracleOraDb10g_home2iSQL*Plus"=2 (0x2)
"OracleoraclHTTPServer"=2 (0x2)
"OracleoraclClientCache80"=3 (0x3)
"OracleDBConsoleorcl"=2 (0x2)
"Oracle WebDb Listener"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"=c:\program files\Winamp\winampa.exe
"vmware-tray"=d:\vmware workstation\vmware-tray.exe
"VMware hqtray"="d:\vmware workstation\hqtray.exe"
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"EPM-DM"=c:\acer\epm\epm-dm.exe
"ACU"="c:\program files\Atheros\ACU.exe" -nogui

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"\\\\BARNABA\\acer (c)\\Program Files\\eMule\\emule.exe"=
"c:\\usr\\apache\\Apache.exe"=
"c:\\usr\\SMTP Server\\localsrv.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\Program Files\\TC PowerPack\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Dokumenty\\Gadu-Gadu\\gg.exe"=

*Newly Created Service* - PXARK
.
- - - - USUNIĘTO PUSTE WPISY - - - -

Notify-dimsntfy - (no file)
MSConfigStartUp-windows calculator - wincalc.exe


.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\ipk8jqj8.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.pl/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-01 21:55:31
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\controlset005\Services\MySql]
"ImagePath"="c:/usr/mysql/bin/mysqld-max.exe"

[HKEY_LOCAL_MACHINE\System\controlset005\Services\MySql]
"ImagePath"="c:/usr/mysql/bin/mysqld-max.exe"

[HKEY_LOCAL_MACHINE\System\controlset005\Services\OracleOraDb10g_home2TNSListener]
"ImagePath"="c:\oracle\product\10.2.0\db_2\BIN\TNSLSNR "
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\acer\eManager\anbmServ.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\PrevxCSI\prevxcsi.exe
c:\usr\mysql\bin\mysqld-max.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
d:\vmware workstation\vmware-authd.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\update.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\WLTRAY.EXE
c:\program files\PrevxCSI\prevxcsi.exe
.
**************************************************************************
.
Czas ukończenia: 2008-12-01 22:02:23 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2008-12-01 21:02:18

Przed: 1,809,846,272 bajtów wolnych
Po: 1,750,536,192 bajtów wolnych

477 --- E O F --- 2008-12-01 20:13:41

[huber2t]

Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:

Kod: Zaznacz wszystko

File::
c:\windows\system32\SET14D6.tmp
c:\windows\system32\SET14C8.tmp
c:\windows\system32\SET14D7.tmp
c:\windows\system32\SET14C3.tmp
c:\windows\system32\SET152A.tmp
c:\windows\system32\SET14BE.tmp
c:\windows\system32\SETB40.tmp
c:\windows\system32\SETB46.tmp
c:\windows\system32\SET853.tmp
c:\windows\system32\SET736.tmp
c:\windows\003228_.tmp
c:\windows\system32\SET1351.tmp
c:\windows\system32\SET1343.tmp
c:\windows\system32\SET133E.tmp
c:\windows\system32\SET13A5.tmp
c:\windows\system32\SET1339.tmp
c:\windows\system32\SET997.tmp
c:\windows\system32\SET99D.tmp
c:\windows\system32\SET67F.tmp
c:\windows\system32\SET51B.tmp
c:\windows\system32\SET3DD.tmp
c:\windows\003219_.tmp
c:\windows\system32\drivers\_004802_.tmp.dll
c:\windows\system32\SET121D.tmp
c:\windows\system32\SET120F.tmp
c:\windows\system32\SET120A.tmp
c:\windows\system32\SET1271.tmp
c:\windows\system32\SET1205.tmp
c:\windows\system32\SET884.tmp
c:\windows\system32\SET88A.tmp
c:\windows\system32\SET3CD.tmp
c:\windows\system32\SET2B3.tmp
c:\windows\003210_.tmp
c:\windows\system32\drivers\_004792_.tmp.dll
c:\windows\system32\SET111F.tmp
c:\windows\system32\SET1111.tmp
c:\windows\system32\SET110C.tmp
c:\windows\system32\SET1173.tmp
c:\windows\system32\SET1107.tmp
c:\windows\system32\SET789.tmp
c:\windows\system32\SET78F.tmp
c:\windows\system32\SET473.tmp
c:\windows\system32\SET2EC.tmp
c:\windows\003201_.tmp
c:\windows\system32\drivers\_004782_.tmp.dll
c:\windows\system32\SET1020.tmp
c:\windows\system32\SET1012.tmp
c:\windows\system32\SET100D.tmp
c:\windows\system32\SET1074.tmp
c:\windows\system32\SET1008.tmp
c:\windows\system32\SET68A.tmp
c:\windows\system32\SET690.tmp
c:\windows\system32\SET260.tmp
c:\windows\system32\SET1C8.tmp
c:\windows\003192_.tmp
c:\windows\system32\drivers\_004772_.tmp.dll
c:\windows\system32\SETF0B.tmp
c:\windows\system32\SETEFD.tmp
c:\windows\system32\SETEF8.tmp
c:\windows\system32\SETF5F.tmp
c:\windows\system32\SETEF3.tmp
c:\windows\SET41D.tmp
c:\windows\system32\SET575.tmp
c:\windows\system32\SET3FB.tmp
c:\windows\system32\SET3F6.tmp
c:\windows\system32\SET3EE.tmp
c:\windows\system32\SET3F3.tmp
c:\windows\system32\SET3F9.tmp
c:\windows\system32\SET57B.tmp
c:\windows\system32\SET3E9.tmp
c:\windows\system32\SET3F1.tmp
c:\windows\003183_.tmp
c:\windows\system32\drivers\_004762_.tmp.dll

Folder::
C:\found.000


Plik zapisz jako CFScript.txt.
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://www.wklej.eu a w poście dajesz tylko link

[bambus]

log po skanowaniu, a skad mam widziec ,które pliki sa wirusami?

http://www.wklej.eu/index.php?id=70cb9355ed

[huber2t]

Ja ci napiszę

Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:

Kod: Zaznacz wszystko

File::
c:\windows\system32\VB5StKit.dll
c:\windows\system32\SET84F.tmp
c:\windows\system32\SET737.tmp
c:\windows\system32\SET7D0.tmp
c:\windows\system32\SET67A.tmp
c:\windows\system32\SET628.tmp
c:\windows\system32\SET47D.tmp
c:\windows\system32\SET6BC.tmp
c:\windows\system32\SET56E.tmp
c:\windows\system32\SET336.tmp
c:\windows\system32\SET5C3.tmp
c:\windows\system32\SET46E.tmp
c:\windows\system32\SET2EE.tmp
c:\windows\system32\SET37D.tmp
c:\windows\system32\SET19A.tmp

Registry::
[-HKLM\~\startupfolder\^ntuser.dat]
[-HKLM\~\startupfolder\^ntuser.dat.log]
[-HKLM\~\startupfolder\^ntuser.ini]


Plik zapisz jako CFScript.txt.
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://www.wklej.eu a w poście dajesz tylko link

Przeczyść komputer Ccleanerem

[bambus]

log po skanowaniu, a chodzi mi o to skąd wiadomo, ze to wirusy sa jakoś oznaczone


http://www.wklej.eu/index.php?id=3d144c984f

[huber2t]

nie są one nigdy oznaczone

Log wygląda na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!