szyszuniaaak created June 28, 2009
Hello! I have a problem: for some time now, after turning on the computer, messages like these are displayed: what does this mean? Can anything be done about it? I'm basically a complete novice when it comes to computers, so if someone could explain it to me step by step I would be grateful. Thanks in advance!
szyszuniaaak (Author) commented June 28, 2009
Post a log from ComboFix.. oh my dear god, what's that about? But ok, I'm clicking ;P Ok, I've read it. So I'm starting ;P Thanks that someone took an interest!
// Logs go inside tags. // I'm also moving the thread to the section >>> "Logs to check". // KamilJB
Guest commented June 28, 2009
1. Paste into Notepad:

File::
c:\windows\system32\nso7.dll
c:\windows\system32\bypeelqsfsflt.dll

Folder::
c:\documents and settings\All Users\Dane aplikacji\BigFishGamesCache

Driver::
LMIRfsClientNP

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2949ab62-4072-64bb-f30b-9e96509d06f4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{370C37EB-F1F4-D8C1-01B8-C4249DAC6304}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=-
"RemoteControl"=-
"LanguageShortcut"=-
"NeroFilterCheck"=-
"QuickTime Task"=-
"WinampAgent"=-
"WireLessKeyboard"=-
"Device Detector"=-
"Adobe Reader Speed Launcher"=-

>> File >> Save as... >>> CFScript
Drag and drop the CFScript.txt file onto ComboFix.exe --> Removal should start (and a log will be created). Post the log that is created during the removal. If it goes well, then: after the restart, manually delete the folder C:\Qoobox.
2. Post logs from >>> DDS + OTL + RSIT (further down on the linked page).
szyszuniaaak (Author) commented July 1, 2009
Unfortunately, after all this checking and pasting the LOG, I turned off the computer and since then it won't start; a STOP error screen comes up. I guess I'll have a new one soon, because nothing will come of this. Thank you for the help.