No internet in IE - works in FF

Guest
created

As in the subject, IE7 hangs - it does not display any page :( Firefox works correctly.

PS. I must have IE

CatchMe
comment

puciek - paste logs with the header. Nothing shows up in this log. Paste the log from ComboFix.

Guest
comment

ComboFix:

and additionally the processes with IE running:

afc1065b060beee0.jpg

CatchMe
comment

Clean this up, your registry is probably quite a mess...

2008-06-13 14:25 . 2008-06-13 14:40	<DIR>	d--------	C:\Program Files\Mozilla Firefox(2)
2008-06-13 14:25 . 2008-06-13 14:25	0	--a------	C:\WINDOWS\nsreg.dat
2008-06-13 14:18 . 2008-06-13 14:23	<DIR>	d--------	C:\WINDOWS\system32\drivers\Avg(3)
2008-06-13 14:18 . 2008-06-13 14:40	<DIR>	d--------	C:\Program Files\AVG(3)
2008-06-13 14:18 . 2008-06-13 14:40	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\avg8(3)
2008-06-13 14:18 . 2008-06-13 14:18	10,520	--a------	C:\WINDOWS\system32\avgrsstx(2)(2).dll
2008-06-13 13:50 . 2008-06-13 14:45	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\avg7(2)
2008-06-13 13:32 . 2008-07-03 07:06	<DIR>	d--------	C:\WINDOWS\system32\drivers\Avg
2008-06-13 13:32 . 2008-06-13 14:45	<DIR>	d--------	C:\Program Files\AVG
2008-06-13 13:32 . 2008-06-13 14:50	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\avg8

Do you know this?

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##umz-srv#Lex]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - L:\Recycled\ctfmon.exe

Delete the temp files:

C:\WINDOWS\TEMP\C4.tmp
C:\WINDOWS\000001_.tmp
C:\sam.tmp
C:\WINDOWS\002901_.tmp

// Closing the thread. Puciek
