
Please check my logs.

Danyyy
created

Mateusz J.
comment
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05D66F00-CACA-4FA8-8346-8B88B1402BA8}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{05D66F00-CACA-4FA8-8346-8B88B1402BA8}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS4\Services\Tcpip\..\{05D66F00-CACA-4FA8-8346-8B88B1402BA8}: NameServer = 208.67.222.222,208.67.220.220

Fix these in HijackThis.

What is the reason for checking the logs?

Danyyy
comment

E.g. in the browser, when I type my password it jumps back to the login field and I have to hurry, or on GG, when I open a window, I am typing and suddenly it stops and nothing gets typed even though I am pressing the keys. I don't know if this is the cause, but I decided to post the logs to check.

Mateusz J.
comment

You can also show a log from ComboFix.

Danyyy
comment

ComboFix:


My antivirus detects 2 files in the directory C:\Documents and Settings\Lucznik335\Ustawienia lokalne\temp: av-test.txt and Toolbar.exe. The problem is that there are no such files there. Can anything be done about it?

Mateusz J.
comment

1.

2008-07-29 15:04 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmp361.tmp
2008-07-29 15:04 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmp360.tmp
2008-07-28 20:08 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpE7.tmp
2008-07-28 20:08 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpE6.tmp
2008-07-28 15:13 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmp20E.tmp
2008-07-28 15:13 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmp20D.tmp
2008-07-23 12:27 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD50.tmp
2008-07-23 12:27 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD4F.tmp

These files are needlessly taking up space on your disk; you can delete them.

2.

2008-07-22 21:55 . 2008-07-22 21:58 1,572 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-22 21:54 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-07-22 21:54 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-07-22 21:54 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-07-22 21:54 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-07-22 21:54 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-07-22 21:54 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-07-22 21:54 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-07-22 21:54 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-22 21:54 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

And these are leftovers from SmitfraudFix; delete them manually from the disk.

3.

My antivirus detects 2 files in the directory C:\Documents and Settings\Lucznik335\Ustawienia lokalne\temp: av-test.txt and Toolbar.exe. The problem is that there are no such files there. Can anything be done about it?

Turn on the option to show hidden files and folders.

Then delete the entire contents of the folder C:\Documents and Settings\Lucznik335\Ustawienia lokalne\temp
