Websites won't open

GloomRelic
created

For example, the Microsoft website won't open for me. Here are the logs from ComboFix:


Mateusz J.
comment

Paste into Notepad:

Folder::
c:\program files\Dealio
c:\program files\Search Settings

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"au"=-
"SearchSettings"=-

>>File>>Save as... >>> CFScript

Drag and drop the CFScript.txt file onto the ComboFix.exe file.

The removal should start (and a log will be created). Post the log that is created during the removal.

If it goes well, then: after the restart, manually delete the folder C:\Qoobox.

GloomRelic
comment

I did everything and deleted that folder. Here is the log:

181624][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\ASRock WiFi-802.11g.lnk - c:\program files\ASRock WiFi-802.11g\RtWLan.exe [2009-2-9 978944][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]2001-12-20 22:34	24576	----a-w-	f:\program files\AlienGUIse\fastload.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\klogon] [bU][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\windows\system32\wbsys.dll[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]@=""[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="f:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"="f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="f:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3451:TCP"= 3451:TCP:gwkjqexgR1 aswSP;avast! 
Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-31 114768]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-31 20560]R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-02-09 99856]S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]S2 uahavip;Support Windows;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcsuahavip[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"c:\program files\Common Files\LightScribe\LSRunOnce.exe".Zawartość folderu 'Zaplanowane zadania'2009-06-16 c:\windows\Tasks\NSSstub.job- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-05-28 20:03]..------- Skan uzupełniający -------.uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = *.localIE: Compare Prices with &Dealio - c:\documents and settings\GriX\Dane aplikacji\Dealio\kb127\res\DealioSearch.htmlIE: Dodaj do blokowanych banerówIE: E&ksport do programu Microsoft Excel - f:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000FF - ProfilePath - c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\FF - plugin: f:\program files\Adobe\Reader 9.0\Reader\browser\nppdf32.dllFF - plugin: f:\program files\Mozilla Firefox\plugins\np-mswmp.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-06-16 14:23Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  
skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\uahavip]
"ServiceDll"="c:\windows\system32\fzznfnom.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:54,5e,d2,94,f5,ff,9d,2c,01,d4,71,96,a4,a0,c8,dc,aa,2d,40,4b,10,
   08,29,9a,e6,ed,b2,b4,08,29,72,8b,93,06,e7,65,f4,6c,e5,d0,04,31,80,c8,ba,56,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\Ati2evxx.dll
f:\program files\AlienGUIse\fastload.dll
.
Czas ukończenia: 2009-06-16 14:24
ComboFix-quarantined-files.txt  2009-06-16 12:24
ComboFix2.txt  2009-06-16 12:10
ComboFix3.txt  2009-06-15 12:18

Przed: 62 709 530 624 bajtów wolnych
Po: 62 686 998 528 bajtów wolnych

488

Guest
S2 uahavip;Support Windows;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]

SDFix will take care of this.

Use (in Safe Mode) --> SDFix. (further down on the linked page).

Show the Report.txt located in the SDFix folder.


GloomRelic
(edited)

Here is the report:

SDFix: Version 1.240
Run by GriX on 2009-06-16 at 15:24

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-16 17:26:23
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,23,09,dd,91,82,d5,01,cc,c6,1e,b7,8b,a9,b7,c8,49,25,c6,08,45,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="f:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"hdf12"=hex:e3,c8,f6,9e,70,79,8b,b9,ef,24,99,52,6f,15,0d,0e,da,56,3e,41,9b,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,2c,36,ad,05,9b,c3,09,a4,44,8a,e2,1f,f0,4c,40,18,62,..
"hdf12"=hex:a4,d1,d3,f9,4b,87,3a,72,0d,cf,54,8c,f4,bd,91,0a,ba,bb,c8,02,c7,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:32,c1,16,79,fc,93,9d,0e,14,97,d6,5d,4f,f9,79,bb,97,e2,a4,33,e4,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uahavip]
"DisplayName"="Support Windows"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=str(2):"%SystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
"Description"="Umo|liwia uruchamianie procesów z u|yciem alternatywnych po[wiadczeD. Je[li ta usBuga zostanie zatrzymana, ten typ dostpu poprzez logowanie stanie si niedostpny. Je[li ta usBuga zostanie wyBczona, wszelkie usBugi jawnie od niej zale|ne przestan si uruchamia."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uahavip\Parameters]
"ServiceDll"=str(2):"C:\WINDOWS\system32\fzznfnom.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\uahavip]
"DisplayName"="Support Windows"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=str(2):"%SystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
"Description"="Umo|liwia uruchamianie procesów z u|yciem alternatywnych po[wiadczeD. Je[li ta usBuga zostanie zatrzymana, ten typ dostpu poprzez logowanie stanie si niedostpny. Je[li ta usBuga zostanie wyBczona, wszelkie usBugi jawnie od niej zale|ne przestan si uruchamia."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\uahavip\Parameters]
"ServiceDll"=str(2):"C:\WINDOWS\system32\fzznfnom.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,23,09,dd,91,82,d5,01,cc,c6,1e,b7,8b,a9,b7,c8,49,25,c6,08,45,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="f:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"hdf12"=hex:e3,c8,f6,9e,70,79,8b,b9,ef,24,99,52,6f,15,0d,0e,da,56,3e,41,9b,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,2c,36,ad,05,9b,c3,09,a4,44,8a,e2,1f,f0,4c,40,18,62,..
"hdf12"=hex:a4,d1,d3,f9,4b,87,3a,72,0d,cf,54,8c,f4,bd,91,0a,ba,bb,c8,02,c7,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:32,c1,16,79,fc,93,9d,0e,14,97,d6,5d,4f,f9,79,bb,97,e2,a4,33,e4,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\uahavip]
"DisplayName"="Support Windows"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=str(2):"%SystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
"Description"="Umo|liwia uruchamianie procesów z u|yciem alternatywnych po[wiadczeD. Je[li ta usBuga zostanie zatrzymana, ten typ dostpu poprzez logowanie stanie si niedostpny. Je[li ta usBuga zostanie wyBczona, wszelkie usBugi jawnie od niej zale|ne przestan si uruchamia."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\uahavip\Parameters]
"ServiceDll"=str(2):"C:\WINDOWS\system32\fzznfnom.dll"

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="F:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare "
"F:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"="F:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War"
"F:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"="F:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe:*:Enabled:Call of Duty® - World at War"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="F:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"F:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="F:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"F:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"="F:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :

Files with Hidden Attributes :

Wed  4 Aug 2004       163,185 A.SHR --- "C:\WINDOWS\system32\fzznfnom.dll"
Wed 11 Feb 2009             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 16 Jun 2009         3,954 ...HR --- "C:\Documents and Settings\GriX\Dane aplikacji\SecuROM\UserData\securom_v7_01.bak"

Finished!


Guest

Now show the latest ComboFix log.


GloomRelic

Here you go:

ComboFix 09-06-15.06 - GriX 2009-06-16 21:24.3 - NTFSx86Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.2047.1557 [GMT 2:00]Uruchomiony z: c:\documents and settings\GriX\Pulpit\ComboFix.exeAV: avast! antivirus 4.8.1335 [VPS 090615-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.(((((((((((((((((((((((((   Pliki utworzone od 2009-05-16 do 2009-06-16  ))))))))))))))))))))))))))))))).2009-06-16 13:23 . 2009-06-16 13:23	580096	-c--a-w-	c:\windows\system32\dllcache\user32.dll2009-06-16 13:22 . 2009-06-16 13:22	--------	d-----w-	c:\windows\ERUNT2009-06-16 13:13 . 2009-06-16 15:27	--------	d-----w-	C:\SDFix2009-06-15 18:43 . 2009-06-15 18:43	107888	----a-w-	c:\windows\system32\CmdLineExt.dll2009-06-15 18:05 . 2009-06-15 18:05	--------	d-----w-	c:\windows\system32\wbem\Repository2009-06-15 18:01 . 2009-06-15 18:01	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ATI2009-06-15 17:42 . 2009-06-15 17:50	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ATI(2)2009-06-15 17:35 . 2008-06-24 13:36	887724	----a-r-	c:\windows\system32\ativva6x.dat2009-06-15 17:35 . 2008-06-24 13:36	3107788	----a-r-	c:\windows\system32\ativva5x.dat2009-06-15 17:35 . 2008-06-24 13:36	3107788	----a-r-	c:\windows\system32\ativvaxx.dat2009-06-15 17:35 . 2008-06-10 09:50	174819	----a-r-	c:\windows\system32\atiicdxx.dat2009-06-15 12:59 . 2009-06-15 17:52	--------	d-sh--w-	C:\RECYCLER(2)2009-06-13 18:08 . 2009-03-03 22:24	43520	----a-w-	c:\windows\system32\ati2edxx(16).dll2009-06-13 16:00 . 2009-06-15 17:59	--------	d-----w-	c:\documents and settings\GriX\polanie-online2009-06-13 10:36 . 2009-06-13 10:36	--------	d-----w-	C:\icytower1.32009-06-12 18:13 . 2009-06-12 18:13	--------	d-----w-	C:\Ice Tower 42009-06-10 14:20 . 2009-03-16 14:04	11563008	----a-w-	c:\windows\system32\atioglxx.dll2009-06-10 14:20 . 
2009-03-16 13:40	49664	----a-w-	c:\windows\system32\atimpc32.dll2009-06-10 14:20 . 2009-03-16 13:35	45056	----a-w-	c:\windows\system32\aticalrt.dll2009-06-10 14:20 . 2009-03-16 13:34	45056	----a-w-	c:\windows\system32\aticalcl.dll2009-06-10 14:20 . 2009-03-16 13:33	3264512	----a-w-	c:\windows\system32\aticaldd.dll2009-06-10 14:20 . 2009-03-03 13:56	118784	----a-w-	c:\windows\system32\atibtmon.exe2009-06-04 20:26 . 2009-06-04 20:26	1700352	----a-w-	c:\windows\system32\gdiplus.dll2009-06-04 17:39 . 2009-06-15 17:31	1324	----a-w-	c:\windows\system32\d3d9caps.dat2009-06-04 16:23 . 2009-06-04 16:23	--------	d-----w-	c:\program files\MSBuild2009-06-04 16:23 . 2009-06-16 13:13	1880472	----a-w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat2009-06-04 16:21 . 2009-06-04 16:21	--------	d-----w-	c:\windows\system32\XPSViewer2009-06-04 16:20 . 2009-06-04 16:20	--------	d-----w-	c:\program files\Reference Assemblies2009-06-04 16:20 . 2006-06-29 11:07	14048	------w-	c:\windows\system32\spmsg2.dll2009-06-04 15:56 . 2009-06-04 16:26	--------	d-----w-	c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\Rockstar Games2009-06-04 15:50 . 2009-06-04 16:55	--------	d-----w-	c:\program files\Microsoft Games for Windows - LIVE2009-06-04 15:50 . 2009-06-04 15:50	--------	d-----w-	c:\windows\system32\xlive2009-06-02 15:02 . 2009-06-02 15:03	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Bluetooth2009-05-28 20:03 . 2009-06-07 20:10	--------	d-----w-	c:\windows\system32\Adobe2009-05-23 18:26 . 2009-05-23 18:26	--------	d-----w-	c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\Help2009-05-23 10:31 . 2009-05-23 10:31	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\FLEXnet2009-05-23 10:28 . 2009-05-23 10:28	--------	d-----w-	c:\program files\Bonjour2009-05-23 09:44 . 
2009-05-23 09:44	--------	d-----w-	c:\program files\Common Files\Macrovision Shared.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-06-16 16:47 . 2009-02-10 16:51	--------	d-----w-	c:\documents and settings\GriX\Dane aplikacji\teamspeak22009-06-16 16:31 . 2009-03-03 15:07	189072	----a-w-	c:\windows\system32\PnkBstrB.exe2009-06-16 16:30 . 2009-03-03 15:07	138920	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys2009-06-15 18:15 . 2009-02-09 18:02	--------	d--h--w-	c:\program files\InstallShield Installation Information2009-06-15 18:00 . 2009-02-09 18:24	--------	d-----w-	c:\documents and settings\GriX\Dane aplikacji\ATI2009-06-15 17:59 . 2009-02-12 19:01	--------	d-----w-	c:\documents and settings\GriX\Dane aplikacji\gtk-2.02009-06-15 17:50 . 2009-02-09 18:17	--------	d-----w-	c:\program files\ATI Technologies2009-06-14 17:48 . 2009-04-22 18:35	--------	d---a-w-	c:\documents and settings\All Users\Dane aplikacji\TEMP2009-06-04 16:52 . 2009-02-09 18:24	64760	----a-w-	c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT2009-06-04 16:24 . 2004-08-04 12:00	96732	----a-w-	c:\windows\system32\perfc015.dat2009-06-04 16:24 . 2004-08-04 12:00	526636	----a-w-	c:\windows\system32\perfh015.dat2009-05-23 10:29 . 2009-02-16 13:53	--------	d-----w-	c:\program files\Common Files\Adobe2009-05-22 07:57 . 2009-03-25 16:08	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\TrackMania2009-05-16 16:21 . 2009-05-16 16:21	--------	d-----w-	c:\program files\Common Files\DirectX2009-05-05 16:37 . 2009-05-05 16:31	--------	d-----w-	c:\documents and settings\GriX\Dane aplikacji\DAEMON Tools Lite2009-05-05 16:35 . 2009-05-05 16:35	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite2009-05-05 16:34 . 2009-05-05 16:34	--------	d-----w-	c:\program files\DAEMON Tools Toolbar2009-05-05 16:31 . 
2009-03-10 16:54	721904	----a-w-	c:\windows\system32\drivers\sptd.sys2009-04-29 02:07 . 2008-06-24 14:00	204800	----a-w-	c:\windows\system32\atipdlxx(32).dll2009-04-29 02:07 . 2008-06-24 14:00	204800	----a-w-	c:\windows\system32\atipdlxx(31).dll2009-04-29 02:07 . 2008-06-24 14:00	204800	----a-w-	c:\windows\system32\atipdlxx(30).dll2009-04-29 02:07 . 2008-06-24 14:00	204800	----a-w-	c:\windows\system32\atipdlxx(29).dll2009-04-29 02:07 . 2008-06-24 14:00	204800	----a-w-	c:\windows\system32\atipdlxx(28).dll2009-04-29 01:20 . 2008-06-24 13:18	135168	----a-w-	c:\windows\system32\atiadlxx(31).dll2009-04-29 01:20 . 2008-06-24 13:18	135168	----a-w-	c:\windows\system32\atiadlxx(30).dll2009-04-29 01:20 . 2008-06-24 13:18	135168	----a-w-	c:\windows\system32\atiadlxx(29).dll2009-04-29 01:20 . 2008-06-24 13:18	135168	----a-w-	c:\windows\system32\atiadlxx(28).dll2009-04-29 01:20 . 2008-06-24 13:18	135168	----a-w-	c:\windows\system32\atiadlxx(27).dll2009-04-21 22:20 . 2009-04-21 22:20	14311680	----a-w-	c:\windows\system32\xlive.dll2009-04-21 22:20 . 2009-04-21 22:20	13642496	----a-w-	c:\windows\system32\xlivefnt.dll2009-03-31 16:37 . 2009-03-31 16:37	152576	----a-w-	c:\documents and settings\GriX\Dane aplikacji\Sun\Java\jre1.6.0_13\lzma.dll2009-03-24 16:11 . 2009-03-31 15:17	154624	----a-w-	c:\windows\system32\zlib4.dll2009-03-21 13:32 . 2009-03-03 13:12	22328	----a-w-	c:\documents and settings\GriX\Dane aplikacji\PnkBstrK.sys2009-03-21 13:32 . 2009-03-03 13:12	22328	----a-w-	c:\documents and settings\GriX\Dane aplikacji\PnkBstrK.sys2009-03-21 13:31 . 2009-03-21 13:31	682280	----a-w-	c:\windows\system32\pbsvc.exe2009-03-19 20:19 . 2009-03-19 20:19	6834	----a-w-	c:\windows\system32\ealregsnapshot1.reg2004-08-04 12:00 . 
2004-08-04 12:00	163185	--sha-r-	c:\windows\system32\fzznfnom.dll.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]"Nowe Gadu-Gadu"="f:\program files\Gadu-Gadu\gg.exe" [2009-04-20 9818728]"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]"EA Core"="f:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]"DAEMON Tools Lite"="f:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]"RGSC"="f:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-06-15 306088][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]"avast!"="f:\progra~1\Avast\Avast4\ashDisp.exe" [2009-02-05 81000]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-11-22 16858112][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]"NSSInstallation"="c:\windows\system32\Adobe\Shockwave 11\nssstub.exe" [2009-05-28 181624][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\ASRock WiFi-802.11g.lnk - c:\program 
files\ASRock WiFi-802.11g\RtWLan.exe [2009-2-9 978944][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]2001-12-20 22:34	24576	----a-w-	f:\program files\AlienGUIse\fastload.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\windows\system32\wbsys.dll[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]@=""[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="f:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"="f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="f:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3451:TCP"= 3451:TCP:gwkjqexgR1 aswSP;avast! 
Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-31 114768]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-31 20560]R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-02-09 99856]S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]S2 uahavip;Support Windows;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]--- Inne Usługi/Sterowniki w Pamięci ---*NewlyCreated* - PNKBSTRBHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcsuahavip[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"c:\program files\Common Files\LightScribe\LSRunOnce.exe".Zawartość folderu 'Zaplanowane zadania'2009-06-16 c:\windows\Tasks\NSSstub.job- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-05-28 20:03].- - - - USUNIĘTO PUSTE WPISY - - - -HKCU-Run-AQQ - f:\progra~1\WapSter\WAPSTE~1\AQQ.exeNotify-klogon - (no file).------- Skan uzupełniający -------.uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = *.localIE: Compare Prices with &Dealio - c:\documents and settings\GriX\Dane aplikacji\Dealio\kb127\res\DealioSearch.htmlIE: Dodaj do blokowanych banerówIE: E&ksport do programu Microsoft Excel - f:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000FF - ProfilePath - c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\FF - plugin: f:\program files\Adobe\Reader 9.0\Reader\browser\nppdf32.dllFF - plugin: f:\program files\Mozilla Firefox\plugins\np-mswmp.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-06-16 21:26Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  
skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\uahavip]
"ServiceDll"="c:\windows\system32\fzznfnom.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:fe,c2,21,64,3d,62,95,30,40,12,76,c1,da,97,02,6b,16,75,bb,af,6f,
   7d,a5,cb,3c,de,f7,3e,f6,9b,28,2a,39,39,4c,42,5a,b9,66,05,77,39,e1,67,e0,cd,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\Ati2evxx.dll
f:\program files\AlienGUIse\fastload.dll

- - - - - - - > 'explorer.exe'(2224)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-06-16 21:27
ComboFix-quarantined-files.txt  2009-06-16 19:27
ComboFix2.txt  2009-06-16 12:24

Przed: 62 585 192 448 bajtów wolnych
Po: 62 574 096 384 bajtów wolnych

202


Guest

Paste into Notepad:

File::
c:\windows\system32\fzznfnom.dll

NetSvc::
uahavip

Driver::
uahavip

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\uahavip]

>> File >> Save As... >>> CFScript

Drag and drop the CFScript.txt file onto ComboFix.exe.


The removal should start (and a log will be created). Post the log that is created during the removal.

If all goes well: after the restart, manually delete the C:\Qoobox folder.


GloomRelic

Here you go:

Guest

It's clean now.

1. Clean up after ComboFix and the other tools >>> OTCleanIt.

2. Use Malwarebytes.

Press Scan, select the drives to scan and Start the scan; at the end press Remove Selected, if there is anything, and OK.

Post the report generated after the removal with MBAM.


GloomRelic

The pages work now, thanks a lot, and here is the report:

Malwarebytes' Anti-Malware 1.38
Wersja bazy definicji: 2304
Windows 5.1.2600 Dodatek Service Pack 3

2009-06-18 17:18:44
mbam-log-2009-06-18 (17-18-44).txt

Typ skanowania: Pełne skanowanie (C:\|E:\|F:\|)
Przeskanowane obiekty: 219286
Upłynęło: 47 minute(s), 8 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 3

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
c:\documents and settings\GriX\moje dokumenty\instalki z netu\SmileyCentralPFSetup2.2.60.11-2.ZNfox000.exe (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\system volume information\_restore{3ffb5e09-28aa-4923-954c-7023e116c029}\RP133\A0057834.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zlib4.dll (Trojan.Agent) -> Quarantined and deleted successfully.
Guest

It should be OK.


GloomRelic

Oh, one more thing: I wanted to know why those pages weren't working?

Guest

Because you had a rootkit, a very dangerous one, which was blocking those pages.
