x-kom hosting

[Solved] Lag

luko
created

Hello

My problem is that I get lag in games and my internet also slows down at times. Maybe you can help fix this :>

Logfile of HijackThis v1.99.1

Scan saved at 15:09:25, on 2007-07-17

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSExplorer.EXE

C:WINDOWSsystem32spoolsv.exe

C:Program FilesJavajre1.6.0_01binjusched.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesMessengermsmsgs.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:WINDOWSsystem32wuauclt.exe

C:Documents and SettingsMadziulkaPulpitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.pl/

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:Program FilesFlashGetjccatch.dll

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:Program FilesFlashGetgetflash.dll

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:Program FilesFlashGetjc_link.htm

O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:Program FilesFlashGetjc_all.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000

O8 - Extra context menu item: Pobierz z &BitSpirit - C:Program FilesBitSpiritbsurl.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:Program FilesFlashGetFlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:Program FilesFlashGetFlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:Program FilesAWSWeatherBugWeather.exe (file missing) (HKCU)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}

"CTFMON.EXE" = "C:WINDOWSsystem32ctfmon.exe" [MS]

"Gadu-Gadu" = ""C:Program FilesGadu-Gadugg.exe" /tray" ["Gadu-Gadu S.A."]

"MSMSGS" = ""C:Program FilesMessengermsmsgs.exe" /background" [MS]

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}

"SunJavaUpdateSched" = ""C:Program FilesJavajre1.6.0_01binjusched.exe"" ["Sun Microsystems, Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)

-> {HKLM...CLSID} = "AcroIEHlprObj Class"

InProcServer32(Default) = "C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx" [empty string]

{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}(Default) = "flashget urlcatch"

-> {HKLM...CLSID} = "FGCatchUrl"

InProcServer32(Default) = "C:Program FilesFlashGetjccatch.dll" ["www.flashget.com"]

{37B85A21-692B-4205-9CAD-2626E4993404}(Default) = "My Global Search Bar BHO"

-> {HKLM...CLSID} = "My Global Search Bar BHO"

InProcServer32(Default) = "C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL" ["My Global Search"]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM...CLSID} = "SSVHelper Class"

InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01binssv.dll" ["Sun Microsystems, Inc."]

{F156768E-81EF-470C-9057-481BA8380DBA}(Default) = (no title provided)

-> {HKLM...CLSID} = "FlashGet GetFlash Class"

InProcServer32(Default) = "C:Program FilesFlashGetgetflash.dll" ["www.flashget.com"]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

InProcServer32(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {HKLM...CLSID} = (no title provided)

InProcServer32(Default) = "C:Program FilesMicrosoft OfficeOFFICE11msohev.dll" [MS]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesPROTOCOLSFilter

<<!>> text/xmlCLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

-> {HKLM...CLSID} = (no title provided)

InProcServer32(Default) = "C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL" [MS]

HKLMSoftwareClasses*shellexContextMenuHandlers

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesDirectoryshellexContextMenuHandlers

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesFoldershellexContextMenuHandlers

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral

"Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCUControl PanelDesktop

"Wallpaper" = "C:Documents and SettingsMadziulkaUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Enabled Screen Saver:

---------------------

HKCUControl PanelDesktop

"SCRNSAVE.EXE" = "C:WINDOWSsystem32logon.scr" [MS]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_E

tries {++}

000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]

000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

Transport Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_En

ries {++}

0000000000##PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%system32mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%system32rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser

"{37B85A29-692B-4205-9CAD-2626E4993404}"

-> {HKLM...CLSID} = "My Global Search Bar"

InProcServer32(Default) = "C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL" ["My Global Search"]

HKLMSoftwareMicrosoftInternet ExplorerToolbar

"{37B85A29-692B-4205-9CAD-2626E4993404}" = (no title provided)

-> {HKLM...CLSID} = "My Global Search Bar"

InProcServer32(Default) = "C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL" ["My Global Search"]

Explorer Bars

HKLMSoftwareMicrosoftInternet ExplorerExplorer Bars

HKLMSoftwareClassesCLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = "&Badanie"

Implemented Categories{00021493-0000-0000-C000-000000000046} [vertical bar]

InProcServer32(Default) = "C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKCUSoftwareMicrosoftInternet ExplorerExtensions

{AF6CABAB-61F9-4F12-A198-B7D41EF1CB52}

"ButtonText" = "WeatherBug"

"CLSIDExtension" = "{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}"

"Exec" = "C:Program FilesAWSWeatherBugWeather.exe" [file not found]

HKLMSoftwareMicrosoftInternet ExplorerExtensions

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"

-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"

InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01binssv.dll" ["Sun Microsystems, Inc."]

-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"

InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01binnpjpi160_01.dll" ["Sun Microsystems, Inc."]

{85D1F590-48F4-11D9-9669-0800200C9A66}

"MenuText" = "Uninstall BitDefender Online Scanner v8"

"Exec" = "%windir%bdoscandel.exe" [file not found]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}

"ButtonText" = "Badanie"

{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}

"ButtonText" = "FlashGet"

"MenuText" = "FlashGet"

"Exec" = "C:Program FilesFlashGetFlashGet.exe" ["FlashGet.com"]

{FB5F1910-F110-11D2-BB9E-00C04F795683}

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:Program FilesMessengermsmsgs.exe" [MS]

Print Monitors:

---------------

HKLMSystemCurrentControlSetControlPrintMonitors

Microsoft Document Imaging Writer MonitorDriver = "mdimon.dll" [MS]

----------

<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

took 41 seconds.

---------- (total run time: 147 seconds)

CatchMe
comment

Delete the folders in bold from the disk, and remove these entries in HijackThis:

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:Program FilesAWSWeatherBugWeather.exe (file missing) (HKCU)

- Then paste the logs from HijackThis and ComboFix

luko
comment

Hijackthis

Logfile of HijackThis v1.99.1

Scan saved at 09:54:41, on 2007-07-18

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesJavajre1.6.0_01binjusched.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesMessengermsmsgs.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:WINDOWSsystem32wuauclt.exe

C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE

C:WINDOWSexplorer.exe

C:WINDOWSsystem32notepad.exe

C:Documents and SettingsMadziulkaPulpitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.pl/

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:Program FilesFlashGetjccatch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:Program FilesFlashGetgetflash.dll

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:Program FilesFlashGetjc_link.htm

O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:Program FilesFlashGetjc_all.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000

O8 - Extra context menu item: Pobierz z &BitSpirit - C:Program FilesBitSpiritbsurl.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:Program FilesFlashGetFlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:Program FilesFlashGetFlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

Combofix

"Madziulka" - 2007-07-18 9:51:42 - ComboFix 07-07-14.6 - Dodatek Service Pack 2 FAT32

((((((((((((((((((((((((( Files Created from 2007-06-18 to 2007-07-18 )))))))))))))))))))))))))))))))

2007-07-18 09:44 51,200 --a------ C:WINDOWSnircmd.exe

2007-07-13 20:35 <DIR> d-------- C:DOCUME~1ALLUSE~1DANEAP~1Google

2007-07-12 13:11 <DIR> d-------- C:WINDOWSBDOSCAN8

2007-07-12 11:05 <DIR> d-------- C:Program FilesTeamspeak2_RC2

2007-07-01 23:05 <DIR> d-------- C:DOCUME~1MADZIU~1DANEAP~1Hamachi

2007-07-01 23:04 25,544 --a------ C:WINDOWSsystem32drivershamachi.sys

2007-07-01 23:04 <DIR> d-------- C:Program FilesHamachi

2007-06-22 18:58 <DIR> d-------- C:WINDOWSpss

2007-06-22 12:51 <DIR> d-------- C:Program FilesSubEdit-Player

2007-06-21 14:47 <DIR> d-------- C:Program FilesSteam

2007-06-21 12:26 <DIR> d-------- C:Program FilesFlashGet

2007-06-18 19:10 <DIR> d-------- C:Program FilesToniArts

2007-06-18 19:02 <DIR> d-------- C:Program FilesSkanerOnline

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-17 20:54:00 4,000 ----a-w C:ao.dat

2007-06-17 09:56:42 -------- d-----w C:Program FilesBearShare

2007-06-16 11:04:16 1,465 ----a-w C:WINDOWSmozver.dat

2007-06-16 11:03:46 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Real

2007-06-13 18:55:38 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1WinRAR

2007-06-13 10:51:14 49,492 ----a-w C:WINDOWSsystem32perfc015.dat

2007-06-13 10:51:14 355,486 ----a-w C:WINDOWSsystem32perfh015.dat

2007-06-11 18:05:44 -------- d-----w C:Program FilesBitSpirit

2007-06-10 17:40:22 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1teamspeak2

2007-06-08 13:39:44 -------- d-----w C:Program FilesMySearch

2007-06-08 13:37:54 -------- d-----w C:Program FilesGameSpy Arcade

2007-06-08 13:37:04 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1InterTrust

2007-06-08 13:22:32 -------- d--h--w C:Program FilesInstallShield Installation Information

2007-06-08 13:22:32 -------- d-----w C:Program FilesJoWood

2007-06-08 13:22:10 -------- d-----w C:Program FilesCommon FilesInstallShield

2007-06-08 11:30:54 -------- d-----w C:Program FilesSiS7012

2007-06-08 11:22:30 -------- d-----w C:Program FilesWinamp

2007-06-08 11:17:42 0 ----a-w C:WINDOWSnsreg.dat

2007-06-08 11:16:26 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Gadu-Gadu

2007-06-08 11:14:10 -------- d-----w C:Program FilesGadu-Gadu

2007-06-08 10:49:00 -------- d-----w C:Program Filesmicrosoft frontpage

2007-06-08 10:48:12 0 --sha-r C:MSDOS.SYS

2007-06-08 10:48:12 0 --sha-r C:IO.SYS

2007-06-08 10:48:12 0 ----a-w C:CONFIG.SYS

2007-06-08 10:48:12 0 ----a-w C:AUTOEXEC.BAT

2007-06-08 10:45:30 -------- d--h--w C:Program FilesWindowsUpdate

2007-06-08 10:45:24 -------- d-----w C:Program FilesUsługi online

2007-06-08 10:44:18 -------- d-----w C:Program FilesCommon FilesMSSoap

2007-06-08 10:44:02 -------- d-----w C:Program FilesMovie Maker

2007-06-08 10:42:24 21,856 ----a-w C:WINDOWSsystem32emptyregdb.dat

2007-06-08 10:41:34 -------- d-----w C:Program FilesMessenger

2007-06-08 10:41:30 -------- d-----w C:Program FilesMSN Gaming Zone

2007-06-08 10:40:56 -------- d-----w C:Program FilesWindows NT

2007-06-08 10:26:48 -------- d-----w C:Program FilesCommon FilesODBC

2007-06-08 10:26:42 -------- d-----w C:Program FilesCommon FilesSpeechEngines

2007-05-16 15:18:58 683,520 ----a-w C:WINDOWSsystem32inetcomm.dll

2007-04-25 14:23:30 144,896 ----a-w C:WINDOWSsystem32schannel.dll

2007-04-18 16:14:32 2,854,400 ----a-w C:WINDOWSsystem32msi.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE~Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

2001-04-16 18:39 37808 --a------ C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx

[HKEY_LOCAL_MACHINE~Browser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]

2007-05-16 11:03 94308 --a------ C:Program FilesFlashGetjccatch.dll

[HKEY_LOCAL_MACHINE~Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

2007-03-14 03:43 501400 --a------ C:Program FilesJavajre1.6.0_01binssv.dll

[HKEY_LOCAL_MACHINE~Browser Helper Objects{F156768E-81EF-470C-9057-481BA8380DBA}]

2007-05-16 07:05 163840 --a------ C:Program FilesFlashGetgetflash.dll

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SunJavaUpdateSched"="C:Program FilesJavajre1.6.0_01binjusched.exe" [2007-03-14 03:43]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"CTFMON.EXE"="C:WINDOWSsystem32ctfmon.exe" [2004-08-03 22:44]

"Gadu-Gadu"="C:Program FilesGadu-Gadugg.exe" [2007-05-10 16:36]

"MSMSGS"="C:Program FilesMessengermsmsgs.exe" [2004-10-13 18:24]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFlashget]

"C:Program FilesFlashGetFlashGet.exe" /min

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]

C:Program FilesWinampwinampa.exe

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-07-18 09:53:29

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-07-18 9:54:18

--- E O F ---

CatchMe
comment

C:Program FilesMySearch - do you recognize it? If not, delete that folder.

Other than that, the logs are clean. :)

luko
comment

Thanks for the help, something worked, I wonder for how long ;]
