luko, posted 17 July 2007

Hello. My problem is that I get lag in games, and my internet connection also slows down at times. Maybe you can do something about it :>

Logfile of HijackThis v1.99.1
Scan saved at 15:09:25, on 2007-07-17
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Madziulka\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
     \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\(Default) = "flashget urlcatch"
  -> {HKLM...CLSID} = "FGCatchUrl"
     \InProcServer32\(Default) = "C:\Program Files\FlashGet\jccatch.dll" ["www.flashget.com"]
{37B85A21-692B-4205-9CAD-2626E4993404}\(Default) = "My Global Search Bar BHO"
  -> {HKLM...CLSID} = "My Global Search Bar BHO"
     \InProcServer32\(Default) = "C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL" ["My Global Search"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "SSVHelper Class"
     \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{F156768E-81EF-470C-9057-481BA8380DBA}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "FlashGet GetFlash Class"
     \InProcServer32\(Default) = "C:\Program Files\FlashGet\getflash.dll" ["www.flashget.com"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
     \InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
  -> {HKLM...CLSID} = (no title provided)
     \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
  -> {HKLM...CLSID} = "WinRAR"
     \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
  -> {HKLM...CLSID} = (no title provided)
     \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
     \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
     \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
     \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Madziulka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{37B85A29-692B-4205-9CAD-2626E4993404}"
  -> {HKLM...CLSID} = "My Global Search Bar"
     \InProcServer32\(Default) = "C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL" ["My Global Search"]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{37B85A29-692B-4205-9CAD-2626E4993404}" = (no title provided)
  -> {HKLM...CLSID} = "My Global Search Bar"
     \InProcServer32\(Default) = "C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL" ["My Global Search"]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKCU\Software\Microsoft\Internet Explorer\Extensions\
{AF6CABAB-61F9-4F12-A198-B7D41EF1CB52}\
"ButtonText" = "WeatherBug"
"CLSIDExtension" = "{AF6CABAB-61F9-4f12-A198-B7D41EF1CB52}"
"Exec" = "C:\Program Files\AWS\WeatherBug\Weather.exe" [file not found]

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
  -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
     \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
  -> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
     \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]

{85D1F590-48F4-11D9-9669-0800200C9A66}\
"MenuText" = "Uninstall BitDefender Online Scanner v8"
"Exec" = "%windir%\bdoscandel.exe" [file not found]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Badanie"

{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
"ButtonText" = "FlashGet"
"MenuText" = "FlashGet"
"Exec" = "C:\Program Files\FlashGet\FlashGet.exe" ["FlashGet.com"]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]

----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives took 41 seconds.
---------- (total run time: 147 seconds)

CatchMe, comment, 18 July 2007

Delete the folders shown in bold from the disk, and remove these entries in HijackThis:

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

- Then paste the logs from HijackThis and ComboFix.

luko (Author), comment, 18 July 2007

Hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 09:54:41, on 2007-07-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Madziulka\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

Combofix

"Madziulka" - 2007-07-18 9:51:42 - ComboFix 07-07-14.6 - Dodatek Service Pack 2 FAT32

((((((((((((((((((((((((( Files Created from 2007-06-18 to 2007-07-18 )))))))))))))))))))))))))))))))

2007-07-18 09:44 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-13 20:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google
2007-07-12 13:11 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-07-12 11:05 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2007-07-01 23:05 <DIR> d-------- C:\DOCUME~1\MADZIU~1\DANEAP~1\Hamachi
2007-07-01 23:04 25,544 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-07-01 23:04 <DIR> d-------- C:\Program Files\Hamachi
2007-06-22 18:58 <DIR> d-------- C:\WINDOWS\pss
2007-06-22 12:51 <DIR> d-------- C:\Program Files\SubEdit-Player
2007-06-21 14:47 <DIR> d-------- C:\Program Files\Steam
2007-06-21 12:26 <DIR> d-------- C:\Program Files\FlashGet
2007-06-18 19:10 <DIR> d-------- C:\Program Files\ToniArts
2007-06-18 19:02 <DIR> d-------- C:\Program Files\SkanerOnline

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-17 20:54:00 4,000 ----a-w C:\ao.dat
2007-06-17 09:56:42 -------- d-----w C:\Program Files\BearShare
2007-06-16 11:04:16 1,465 ----a-w C:\WINDOWS\mozver.dat
2007-06-16 11:03:46 -------- d-----w C:\DOCUME~1\MADZIU~1\DANEAP~1\Real
2007-06-13 18:55:38 -------- d-----w C:\DOCUME~1\MADZIU~1\DANEAP~1\WinRAR
2007-06-13 10:51:14 49,492 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-06-13 10:51:14 355,486 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-06-11 18:05:44 -------- d-----w C:\Program Files\BitSpirit
2007-06-10 17:40:22 -------- d-----w C:\DOCUME~1\MADZIU~1\DANEAP~1\teamspeak2
2007-06-08 13:39:44 -------- d-----w C:\Program Files\MySearch
2007-06-08 13:37:54 -------- d-----w C:\Program Files\GameSpy Arcade
2007-06-08 13:37:04 -------- d-----w C:\DOCUME~1\MADZIU~1\DANEAP~1\InterTrust
2007-06-08 13:22:32 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-08 13:22:32 -------- d-----w C:\Program Files\JoWood
2007-06-08 13:22:10 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-06-08 11:30:54 -------- d-----w C:\Program Files\SiS7012
2007-06-08 11:22:30 -------- d-----w C:\Program Files\Winamp
2007-06-08 11:17:42 0 ----a-w C:\WINDOWS\nsreg.dat
2007-06-08 11:16:26 -------- d-----w C:\DOCUME~1\MADZIU~1\DANEAP~1\Gadu-Gadu
2007-06-08 11:14:10 -------- d-----w C:\Program Files\Gadu-Gadu
2007-06-08 10:49:00 -------- d-----w C:\Program Files\microsoft frontpage
2007-06-08 10:48:12 0 --sha-r C:\MSDOS.SYS
2007-06-08 10:48:12 0 --sha-r C:\IO.SYS
2007-06-08 10:48:12 0 ----a-w C:\CONFIG.SYS
2007-06-08 10:48:12 0 ----a-w C:\AUTOEXEC.BAT
2007-06-08 10:45:30 -------- d--h--w C:\Program Files\WindowsUpdate
2007-06-08 10:45:24 -------- d-----w C:\Program Files\Usługi online
2007-06-08 10:44:18 -------- d-----w C:\Program Files\Common Files\MSSoap
2007-06-08 10:44:02 -------- d-----w C:\Program Files\Movie Maker
2007-06-08 10:42:24 21,856 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-06-08 10:41:34 -------- d-----w C:\Program Files\Messenger
2007-06-08 10:41:30 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-06-08 10:40:56 -------- d-----w C:\Program Files\Windows NT
2007-06-08 10:26:48 -------- d-----w C:\Program Files\Common Files\ODBC
2007-06-08 10:26:42 -------- d-----w C:\Program Files\Common Files\SpeechEngines
2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2001-04-16 18:39 37808 --a------ C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2007-05-16 11:03 94308 --a------ C:\Program Files\FlashGet\jccatch.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
2007-05-16 07:05 163840 --a------ C:\Program Files\FlashGet\getflash.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:44]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-05-10 16:36]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
"C:\Program Files\FlashGet\FlashGet.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-18 09:53:29
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-18 9:54:18
--- E O F ---

CatchMe, comment, 18 July 2007

C:\Program Files\MySearch - do you recognize it? If not, delete that folder. Apart from that, the logs are clean.

luko (Author), comment, 18 July 2007

Thanks for the help, something worked; I wonder for how long.