stratum, posted 14 June 2007
So I have a problem: my computer freezes while I'm playing games, both online and installed ones. I was told that I should start a topic here, run the logs and submit them for checking, so here they are, and thanks in advance for the help.
Boski4, commented 14 June 2007
There was already a topic like this, and everything is described in it: http://www.forumpc.pl/viewtopic.php?p=7362...e8f7ee7b8#73623
/Sorry, but enough is enough. You keep writing nonsense, so unfortunately you will have to take a rest on a forced leave. Think your behaviour over carefully and learn to read with comprehension. +1 Warn.
stratum (Author), commented 14 June 2007
Sorry, but I don't think that's the same thing... After all, the logs from my computer aren't the same as that guy's, are they??
CatchMe, commented 14 June 2007
These logs are clean. I'd just like 2 more logs from Gmer. Download: Gmer
* Rootkit >>> "Show all" checked >>> only Services selected >>> Scan >>> Copy >>> CTRL+V at www.wklej.org
* Rootkit >>> "Show all" unchecked >>> all objects selected for scanning >>> Scan >>> Copy >>> CTRL+V at www.wklej.org
- As a result we get 2 logs, which we paste at www.wklej.org, and we post the links on the forum.
stratum (Author), commented 14 June 2007
1st log, made with Gmer: http://www.wklej.org/id/f53797ca4f
2nd log: http://www.wklej.org/id/e73a367ef2
If that doesn't help...? Then I don't know, maybe take it to a computer shop?? So they can check whether the parts are good: disk, motherboard.
[ Added: 2007-06-15, 10:00 ]
Or maybe you know some programs that check whether the computer's components are working properly?? I'd be very grateful.
stratum (Author), commented 16 June 2007
CatchMe, I figured the logs were clean, thanks a lot for checking. I'm repeating my question: does anyone know programs I can use to check whether the computer's components are working properly??
CatchMe, commented 16 June 2007
http://www.idg.pl/ftp/pc_6684/Hmonitor.4.2.1.3.html - in the limited version it runs for 10 minutes at a stretch (enough for an analysis)