Can someone help me?

Kamashi
created (edited)

Hello, something must have happened yesterday, because today I turn on the computer and there are no icons at all... NOTHING, empty, just the wallpaper. I got onto the internet through Task Manager and I have access to all the files through Task Manager; now I don't know what to do to restore all those folders... please help as quickly as possible!

HijackThis log:

QUOTE

Logfile of HijackThis v1.99.1

Scan saved at 12:22:07, on 2008-03-01

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\WINDOWS\System32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Don\Pulpit\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\idm\IDMIECC.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FreshDevices\FreshDownload\fdcatch.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll

O2 - BHO: Peer2Mail Toolbar Helper - {4FB971C4-99FB-480d-BA3F-55B8263010FB} - C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Peer2Mail Toolbar - {43F2A7F9-06F6-48a5-B0DC-8530BF29CE66} - C:\Program Files\Peer2Mail Toolbar\v2.0.0.0\Peer2Mail_Toolbar.dll

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [iDMan] C:\idm\IDMan.exe /onboot

O4 - Startup: ctfmon.exe

O8 - Extra context menu item: Download All Links with IDM - C:\idm\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\idm\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - C:\idm\IEExt.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O17 - HKLM\System\CCS\Services\Tcpip\..\{91E88758-D61D-4611-B466-5D0B93FEA469}: NameServer = 192.168.1.1,194.204.159.1

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

And here is the ComboFix log:

ComboFix 08-03-01.3 - Don 2008-03-01 14:07:31.2 - NTFSx86

Running from: C:\Documents and Settings\Don\Pulpit\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Previous Run -------

.

C:\WINDOWS\system32\drivers\npf.sys

C:\WINDOWS\system32\packet.dll

C:\WINDOWS\system32\pthreadVC.dll

C:\WINDOWS\system32\wanpacket.dll

C:\WINDOWS\system32\wpcap.dll

.

(((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_NPF

-------\NPF

(((((((((((((((((((((((( Files Created from 2008-02-01 to 2008-03-01 )))))))))))))))))))))))))))))))

.

2008-03-01 12:53 . 2008-03-01 12:53 <DIR> d-------- C:\Program Files\Vista Drive Icon

2008-03-01 12:02 . 2008-03-01 12:02 <DIR> d-------- C:\Program Files\Registry Repair 2006

2008-03-01 00:43 . 2008-03-01 00:43 <DIR> d-------- C:\VTPFiles

2008-03-01 00:42 . 2005-05-18 11:43 81,920 --a------ C:\WINDOWS\system32\CloseApp.exe

2008-03-01 00:10 . 2008-03-01 00:10 <DIR> d-------- C:\Program Files\Common Files\Stardock

2008-03-01 00:10 . 2004-04-26 13:47 163,456 --a------ C:\WINDOWS\system32\drivers\vidstub.sys

2008-03-01 00:06 . 2008-03-01 00:06 0 --a------ C:\WINDOWS\WB.ini

2008-02-29 23:57 . 2008-03-01 00:10 <DIR> d-------- C:\Program Files\Stardock

2008-02-29 23:57 . 2003-02-26 20:27 36,864 --a------ C:\WINDOWS\system32\wbsys.dll

2008-02-29 23:57 . 2005-01-22 18:05 20,480 --a------ C:\WINDOWS\system32\wbload.dll

2008-02-27 20:09 . 2008-02-27 20:10 <DIR> d-------- C:\Program Files\18 Wheels of Steel Haulin

2008-02-25 23:53 . 2008-02-27 16:47 <DIR> d-------- C:\idm

2008-02-25 18:31 . 2008-02-25 18:31 <DIR> d-------- C:\Program Files\D-Tools

2008-02-25 18:31 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys

2008-02-25 18:31 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys

2008-02-25 17:35 . 2008-02-25 17:35 <DIR> d-------- C:\GAMES

2008-02-24 23:36 . 2008-02-24 23:36 <DIR> d-------- C:\Program Files\Budzik

2008-02-24 20:09 . 2008-02-24 20:09 416,530 ---h----- C:\treeinfo.wc

2008-02-24 19:39 . 2008-02-27 18:07 313 --a------ C:\WINDOWS\wcx_ftp.ini

2008-02-24 19:35 . 2008-02-24 19:35 <DIR> d-------- C:\totalcmd

2008-02-24 19:35 . 2008-02-27 18:07 1,379 --a------ C:\WINDOWS\wincmd.ini

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\UC.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\RAR.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKZIP.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\LHA.PIF

2008-02-24 19:35 . 2007-09-14 07:02 545 --a------ C:\WINDOWS\ARJ.PIF

2008-02-24 12:56 . 2008-02-27 19:38 <DIR> d-------- C:\Program Files\Dachshund Software

2008-02-24 12:56 . 2008-02-27 12:17 257 --ah----- C:\WINDOWS\wininf.dat

2008-02-24 10:14 . 2008-02-24 10:44 <DIR> dr-hs---- C:\Recycled

2008-02-24 10:14 . 2008-02-24 10:14 123 -r-hs---- C:\autorun.inf

2008-02-23 23:26 . 2008-02-29 16:41 38 --a------ C:\WINDOWS\avisplitter.INI

2008-02-23 15:23 . 2008-02-23 15:23 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll

2008-02-23 00:42 . 2008-02-23 00:42 <DIR> d-------- C:\WINDOWS\speech

2008-02-22 20:01 . 2008-02-22 20:31 <DIR> d-------- C:\Tibia Auto

2008-02-22 19:57 . 2008-02-22 19:58 <DIR> d-------- C:\tibia 8.1

2008-02-22 01:12 . 2008-02-22 01:12 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\DivX

2008-02-21 23:45 . 2008-02-24 16:22 <DIR> d-------- C:\www

2008-02-21 23:00 . 2008-02-21 23:00 <DIR> d-------- C:\Program Files\Microsoft Expression

2008-02-21 19:17 . 2008-02-21 19:26 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

2008-02-21 19:16 . 2008-02-21 19:16 <DIR> d-------- C:\Program Files\Reference Assemblies

2008-02-21 19:15 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2008-02-19 22:41 . 2008-02-19 22:41 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\Sony

2008-02-19 22:03 . 2008-02-19 22:03 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\Publish Providers

2008-02-19 22:03 . 2008-02-19 22:03 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\NetMedia Providers

2008-02-19 22:00 . 2008-02-27 19:45 <DIR> d-------- C:\Program Files\Sony

2008-02-19 21:59 . 2008-02-19 21:59 <DIR> d-------- C:\Program Files\Sony Setup

2008-02-19 19:58 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2008-02-19 19:58 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2008-02-19 19:58 . 2007-12-10 14:53 41,864 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2008-02-19 19:58 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2008-02-19 19:57 . 2008-02-21 15:09 <DIR> d-------- C:\Program Files\Spyware Doctor

2008-02-19 19:57 . 2008-02-19 19:57 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\PC Tools

2008-02-19 18:40 . 2008-02-19 22:25 <DIR> d-------- C:\Program Files\Unlocker

2008-02-18 00:27 . 2008-02-18 00:27 <DIR> d-------- C:\Program Files\Tasker

2008-02-17 20:00 . 2008-02-17 20:00 <DIR> d-------- C:\WINDOWS\Cache

2008-02-17 19:18 . 2008-02-17 19:19 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\Ulead Systems

2008-02-17 19:02 . 2008-02-17 19:02 <DIR> d-------- C:\Program Files\Windows Media Components

2008-02-17 19:02 . 2008-02-17 19:02 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield

2008-02-17 19:02 . 2008-02-17 19:02 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer

2008-02-17 19:01 . 2008-02-17 19:01 <DIR> d-------- C:\Program Files\Ulead Systems

2008-02-17 19:01 . 2008-02-18 16:50 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems

2008-02-17 16:59 . 2008-02-17 16:59 <DIR> d-------- C:\Program Files\Neoretix

2008-02-17 16:45 . 2008-02-17 16:45 <DIR> d-------- C:\WINDOWS\system32\XPToolsLicenseComponent

2008-02-17 16:45 . 2001-08-24 08:25 1,706,800 --a------ C:\WINDOWS\system32\gdiplus.dll

2008-02-17 13:12 . 2008-02-27 19:38 <DIR> d-------- C:\Program Files\ivo

2008-02-16 12:26 . 2008-02-16 12:26 <DIR> d-------- C:\Program Files\MegauploadToolbar

2008-02-16 12:26 . 2008-02-29 22:21 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\MegauploadToolbar

2008-02-13 14:17 . 2008-02-13 14:17 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth

2008-02-13 14:13 . 2004-08-04 00:44 91,136 --a------ C:\WINDOWS\system32\drivers\kswdmcap.ax

2008-02-13 14:13 . 2004-08-04 00:44 61,952 --a------ C:\WINDOWS\system32\drivers\kstvtune.ax

2008-02-13 14:13 . 2004-08-04 00:44 54,784 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll

2008-02-13 14:13 . 2004-08-04 00:44 43,008 --a------ C:\WINDOWS\system32\drivers\ksxbar.ax

2008-02-13 14:13 . 2004-08-04 00:44 28,672 --a------ C:\WINDOWS\system32\drivers\vidcap.ax

2008-02-11 21:35 . 2008-02-11 21:35 <DIR> d-------- C:\Program Files\Xilisoft

2008-02-11 21:35 . 2008-02-27 19:42 <DIR> d-------- C:\Program Files\QuickTime

2008-02-11 19:18 . 2008-02-12 12:31 <DIR> d-------- C:\Program Files\Mistrz Klawiatury 1.0 Demo

2008-02-11 16:32 . 2008-02-11 16:32 <DIR> d-------- C:\WINDOWS\Desktop

2008-02-11 16:31 . 2008-02-11 16:31 <DIR> d-------- C:\Program Files\FreshDevices

2008-02-10 14:05 . 2008-02-10 14:05 <DIR> d-------- C:\Program Files\ToniArts

2008-02-09 14:05 . 2008-02-09 14:05 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll

2008-02-09 14:05 . 2008-02-09 14:05 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll

2008-02-09 13:48 . 2008-02-09 13:48 <DIR> d-------- C:\Program Files\AML Products

2008-02-09 13:48 . 2006-03-11 04:56 438,272 --a------ C:\WINDOWS\system32\Mpeg2DecFilter.ax

2008-02-09 13:48 . 2005-11-25 21:46 421,888 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax

2008-02-09 13:48 . 2004-01-11 15:47 327,680 --a------ C:\WINDOWS\system32\MatroskaSplitter.ax

2008-02-09 13:48 . 2005-06-21 17:48 1 --a------ C:\WINDOWS\gamidnof.lnl

2008-02-09 11:13 . 2008-02-09 11:14 <DIR> d-------- C:\Program Files\4Musics WMA to MP3 Converter

2008-02-09 11:13 . 2007-11-01 17:53 42,880 --a------ C:\WINDOWS\system32\drivers\vacs2xkd.sys

2008-02-09 11:13 . 2001-03-17 21:34 22,528 --a------ C:\WINDOWS\system32\WNASPI32.DLL

2008-02-09 11:13 . 2002-07-17 08:05 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS

2008-02-09 02:22 . 2008-02-09 02:22 <DIR> d-------- C:\Program Files\Damian Pasternak

2008-02-08 23:14 . 1995-07-14 00:00 146,321 --a------ C:\WINDOWS\system32\plus!.hlp

2008-02-08 23:14 . 1995-06-01 12:00 1,300 --a------ C:\WINDOWS\system32\cool.dll

2008-02-08 23:06 . 2008-02-11 23:52 <DIR> d-------- C:\Program Files\Tapeter

2008-02-08 19:58 . 2008-02-08 19:58 <DIR> d-------- C:\Program Files\K-Lite Codec Pack

2008-02-08 19:58 . 2008-02-08 19:58 <DIR> d-------- C:\Documents and Settings\Don\Dane aplikacji\Media Player Classic

2008-02-08 19:48 . 2008-02-08 19:48 <DIR> d-------- C:\Program Files\MarBit

2008-02-07 17:57 . 2008-02-07 17:57 <DIR> d-------- C:\Program Files\TibiaBot NG

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-01 11:01 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\DMCache

2008-02-29 14:20 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\iMesh

2008-02-27 18:46 --------- d-----w C:\Program Files\WebServ

2008-02-27 18:43 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-22 23:02 --------- d-----w C:\Program Files\Tibia

2008-02-22 18:10 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\IDM

2008-02-19 21:24 --------- d-----w C:\Program Files\C-Media Audio

2008-02-17 18:01 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-02-07 17:14 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Tibia

2008-02-07 16:09 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft

2008-02-06 19:12 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Hamachi

2008-02-06 12:59 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\TibiaTestserver

2008-02-04 11:18 --------- d-----w C:\Program Files\Google

2008-02-03 01:26 --------- d-----w C:\Program Files\eMule

2008-02-02 10:11 --------- d-----w C:\Program Files\Winamp

2008-01-31 16:36 --------- d-----w C:\Program Files\YafRay

2008-01-31 14:32 --------- d-----w C:\Program Files\Blender Foundation

2008-01-29 23:19 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion

2008-01-29 21:01 --------- d-----w C:\Program Files\Yahoo!

2008-01-29 21:01 --------- d-----w C:\Program Files\FLV Player

2008-01-28 18:07 --------- d-----w C:\Program Files\uTorrent

2008-01-28 15:28 --------- d-----w C:\Program Files\IrfanView

2008-01-27 21:58 --------- d-----w C:\Program Files\UltraISO

2008-01-27 15:12 --------- d-----w C:\Program Files\AirSnare

2008-01-27 15:04 --------- d-----w C:\Program Files\WinPcap

2008-01-26 12:30 --------- d-----w C:\Program Files\Java

2008-01-26 12:27 --------- d-----w C:\Program Files\Common Files\Java

2008-01-25 22:26 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Winamp

2008-01-25 22:18 --------- d-----w C:\Program Files\Winamp Remote

2008-01-25 22:18 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks

2008-01-25 17:49 --------- d-----w C:\Program Files\MP3Dancer

2008-01-25 13:49 --------- d-----w C:\Program Files\RonOTS Client

2008-01-25 12:07 2,238,016 ----a-w C:\WINDOWS\inf\isprnt.exe

2008-01-24 21:00 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys

2008-01-24 14:51 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Dev-Cpp

2008-01-24 11:40 --------- d-----w C:\Program Files\Arjaloc

2008-01-24 10:57 --------- d-----w C:\Program Files\MyPortal

2008-01-23 20:06 --------- d-----w C:\Program Files\MP3Gain

2008-01-23 12:03 --------- d-----w C:\Program Files\Common Files\Totem Shared

2008-01-23 11:43 --------- d-----w C:\Program Files\Alcohol Soft

2008-01-23 11:40 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2008-01-23 11:37 --------- d-----w C:\Program Files\Astonsoft

2008-01-23 11:35 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\DeepBurner

2008-01-23 10:48 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Teleca

2008-01-22 20:34 --------- d-----w C:\Documents and Settings\Don\Dane aplikacji\Gadu-Gadu

2008-01-22 20:25 --------- d-----w C:\Program Files\Gadu-Gadu

2008-01-22 18:55 --------- d-----w C:\Program Files\Asprate

2008-01-22 18:29 231,302 ----a-w C:\WINDOWS\Peer2Mail_Toolbar_Uninstaller_9859.exe

2008-01-22 18:29 --------- d-----w C:\Program Files\Peer2Mail Toolbar

2008-01-22 18:29 --------- d-----w C:\Program Files\Peer2Mail

2008-01-22 15:21 --------- d-----w C:\Program Files\Common Files\Teleca Shared

2008-01-22 15:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Teleca

2008-01-22 15:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson

2008-01-22 15:20 --------- d-----w C:\Program Files\Sony Ericsson

2008-01-22 14:44 --------- d-----w C:\Program Files\iMesh Applications

2008-01-18 22:47 --------- d-----w C:\Program Files\C-Media 3D Audio

2008-01-18 22:46 --------- d-----w C:\Program Files\Intel

2008-01-18 22:36 --------- d-----w C:\Program Files\microsoft frontpage

2008-01-18 22:35 558,142 ----a-w C:\WINDOWS\java\Packages\1bdrb1f7.zip

2008-01-18 22:35 155,995 ----a-w C:\WINDOWS\java\Packages\3d35bjnt.zip

2008-01-18 22:34 --------- d-----w C:\Program Files\Usługi online

2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe

.

------- Sigcheck -------

b3c95bfeef6781a82a1c429f466a3a11 C:\WINDOWS\system32\svchost.exe

----a-w 12,800 2001-10-26 17:30:02 C:\WINDOWS\system32\svchost.exe

3a4892a57cfe05d61e4bbc3ec3e24a63 C:\WINDOWS\system32\user32.dll

------w 561,664 2002-09-20 17:04:58 C:\WINDOWS\ServicePackFiles\i386\user32.dll

----a-w 561,664 2002-09-20 17:04:58 C:\WINDOWS\system32\user32.dll

9b7d1c56cc12d806314b853bf52ecb4c C:\WINDOWS\system32\ws2_32.dll

----a-w 75,264 2001-10-26 17:29:46 C:\WINDOWS\system32\ws2_32.dll

4965c02574610e9b2d1e18d63d11a772 C:\WINDOWS\system32\wininet.dll

-c----w 658,944 2004-08-03 23:44:16 C:\WINDOWS\ie7\wininet.dll

------w 601,600 2002-09-20 17:05:00 C:\WINDOWS\ServicePackFiles\i386\wininet.dll

----a-w 601,600 2002-09-20 17:05:00 C:\WINDOWS\system32\wininet.dll

244a2f9816bc9b593957281ef577d976 C:\WINDOWS\system32\drivers\tcpip.sys

------w 332,928 2002-08-29 00:58:12 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys

----a-w 332,928 2002-08-29 00:58:12 C:\WINDOWS\system32\drivers\tcpip.sys

8b6e6bb5d451f8bbc0621203b687d993 C:\WINDOWS\system32\winlogon.exe

------w 519,168 2002-09-20 17:05:50 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

----a-w 519,168 2002-09-20 17:05:50 C:\WINDOWS\system32\winlogon.exe

3b350e5a2a5e951453f3993275a4523a C:\WINDOWS\system32\drivers\ndis.sys

------w 167,552 2002-08-29 01:09:26 C:\WINDOWS\ServicePackFiles\i386\ndis.sys

----a-w 167,552 2002-08-29 01:09:26 C:\WINDOWS\system32\drivers\ndis.sys

79d262478c985e736deb38ce2224fc75 C:\WINDOWS\system32\ntkrnlpa.exe

------w 1,949,184 2002-09-20 16:12:16 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe

----a-w 1,949,184 2002-09-20 17:18:00 C:\WINDOWS\system32\ntkrnlpa.exe

ae94ae0da6ed874ce08912fc63f8c6c2 C:\WINDOWS\system32\ntoskrnl.exe

------w 2,043,520 2002-09-20 16:12:28 C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe

----a-w 2,043,520 2002-09-20 16:12:28 C:\WINDOWS\system32\ntoskrnl.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IDMan"="C:\idm\IDMan.exe" [2007-07-28 15:38 1360304]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-11-14 11:54 2131392]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"WindowBlinds"="C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\wbconfig.exe" [2007-02-21 15:06 1023152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2002-09-20 18:05 146944]

"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 20:59 45056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoLowDiscSpaceChecks"= 000000000000f03f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoBandCustomize"= 0 (0x0)

"NoMovingBands"= 0 (0x0)

"NoCloseDragDropBands"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-02-07 17:31 226992 C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=wbsys.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Menu Start^Programy^Autostart^Budzik.lnk]

path=C:\Documents and Settings\Don\Menu Start\Programy\Autostart\Budzik.lnk

backup=C:\WINDOWS\pss\Budzik.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Menu Start^Programy^Autostart^ctfmon.exe]

path=C:\Documents and Settings\Don\Menu Start\Programy\Autostart\ctfmon.exe

backup=C:\WINDOWS\pss\ctfmon.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Menu Start^Programy^Autostart^hamachi.lnk]

path=C:\Documents and Settings\Don\Menu Start\Programy\Autostart\hamachi.lnk

backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Don^Menu Start^Programy^Autostart^MP3 Dancer.lnk]

path=C:\Documents and Settings\Don\Menu Start\Programy\Autostart\MP3 Dancer.lnk

backup=C:\WINDOWS\pss\MP3 Dancer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

--a------ 2002-09-20 18:05 13312 C:\WINDOWS\System32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

--a------ 2007-11-14 11:54 2131392 C:\Program Files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]

--a------ 2007-07-28 15:38 1360304 C:\idm\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

-ra------ 2005-09-20 03:32 77824 C:\WINDOWS\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

-ra------ 2005-09-20 03:36 114688 C:\WINDOWS\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

-ra------ 2005-09-20 03:35 94208 C:\WINDOWS\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

-ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

--a------ 2006-09-07 18:19 15872 C:\Program Files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WZCSVC"=2 (0x2)

"WudfSvc"=3 (0x3)

"wuauserv"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

"WmiApSrv"=3 (0x3)

"Wmi"=3 (0x3)

"WmdmPmSN"=3 (0x3)

"winmgmt"=2 (0x2)

"WebClient"=2 (0x2)

"W32Time"=2 (0x2)

"VSS"=3 (0x3)

"UPS"=3 (0x3)

"upnphost"=3 (0x3)

"uploadmgr"=2 (0x2)

"TrkWks"=2 (0x2)

"Themes"=2 (0x2)

"TermService"=3 (0x3)

"TapiSrv"=3 (0x3)

"SysmonLog"=3 (0x3)

"SwPrv"=3 (0x3)

"stisvc"=3 (0x3)

"StarWindServiceAE"=2 (0x2)

"SSDPSRV"=3 (0x3)

"srservice"=2 (0x2)

"Spooler"=2 (0x2)

"ShellHWDetection"=2 (0x2)

"SharedAccess"=3 (0x3)

"SENS"=2 (0x2)

"seclogon"=2 (0x2)

"sdCoreService"=3 (0x3)

"sdAuxService"=3 (0x3)

"Schedule"=2 (0x2)

"SCardSvr"=3 (0x3)

"SamSs"=2 (0x2)

"RSVP"=3 (0x3)

"rpcapd"=3 (0x3)

"RemoteRegistry"=2 (0x2)

"RDSessMgr"=3 (0x3)

"RasMan"=3 (0x3)

"RasAuto"=3 (0x3)

"ProtectedStorage"=2 (0x2)

"PolicyAgent"=2 (0x2)

"Pml Driver HPZ12"=2 (0x2)

"PlugPlay"=2 (0x2)

"ose"=3 (0x3)

"NtmsSvc"=3 (0x3)

"NtLmSsp"=3 (0x3)

"Nla"=3 (0x3)

"Netman"=3 (0x3)

"Netlogon"=3 (0x3)

"NetDDEdsdm"=3 (0x3)

"NetDDE"=3 (0x3)

"MSIServer"=3 (0x3)

"MSDTC"=3 (0x3)

"mnmsrvc"=3 (0x3)

"Messenger"=2 (0x2)

"LmHosts"=2 (0x2)

"lanmanworkstation"=2 (0x2)

"lanmanserver"=2 (0x2)

"Irmon"=2 (0x2)

"ImapiService"=3 (0x3)

"idsvc"=3 (0x3)

"IDriverT"=3 (0x3)

"HTTPFilter"=3 (0x3)

"helpsvc"=2 (0x2)

"FontCache3.0.0.0"=3 (0x3)

"FastUserSwitchingCompatibility"=3 (0x3)

"EventSystem"=3 (0x3)

"Eventlog"=2 (0x2)

"ERSvc"=2 (0x2)

"Dnscache"=2 (0x2)

"dmserver"=2 (0x2)

"dmadmin"=3 (0x3)

"Dhcp"=2 (0x2)

"CryptSvc"=2 (0x2)

"COMSysApp"=3 (0x3)

"clr_optimization_v2.0.50727_32"=3 (0x3)

"ClipSrv"=3 (0x3)

"CiSvc"=3 (0x3)

"Browser"=2 (0x2)

"BITS"=3 (0x3)

"AudioSrv"=2 (0x2)

"aspnet_state"=3 (0x3)

"AppMgmt"=3 (0x3)

"ALG"=3 (0x3)

"Alerter"=3 (0x3)

.

*************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 14:08:49

Windows 5.1.2600 Dodatek Service Pack. 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

*************************************************************************

.

Completion time: 2008-03-01 14:09:22

ComboFix-quarantined-files.txt 2008-03-01 13:09:13

Oh, and I don't have "explorer.exe" among the processes at all...

//change the thread title, because you are breaking the forum rules

Tomek
comment

alt+ctrl+del

File, New Task: explorer.exe

if that doesn't work

in the Recovery Console (boot the computer from the Windows CD, wait until the drivers load, and press R)

type

expand X:\i386\explorer.ex_ C:\Windows\explorer.exe

X - the letter of your CD drive.

Kamashi
comment

I did that and nothing... it says that Windows cannot find this file .. ;/

Tomek
comment

carry out the commands from the post above

you will copy the explorer.exe file from the installation CD.

Kamashi
comment

I don't have an installation CD

M4tth3w
comment

Restore the system to an earlier, working state.
