x-kom hosting

sprawdzenie loga

cdplayer
utworzono
utworzono

Prosze o sprawdzenie loga

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 22:03:41, on 2008-08-06Platform: Windows Vista  (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16681)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Program Files\TP-LINK\TWCU\TWCU.exeC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\DAEMON Tools Lite\daemon.exeC:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exeC:\Users\ROGOWSCY\Program Files\DNA\btdna.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Windows\System32\mobsync.exeC:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exeC:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exeC:\Program Files\Common Files\Teleca Shared\Generic.exeC:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exeC:\Windows\system32\wuauclt.exeC:\Windows\system32\conime.exeC:\Program Files\Internet Explorer\ieuser.exeC:\Program Files\Windows Media Player\WMPNSCFG.exeC:\Program Files\Spybot - Search & Destroy\SpybotSD.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\FlashUtil9d.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\SearchFilterHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLLO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLLO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -noguiO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptionsO4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pauseO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenterO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorunO4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialogO4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytrayO4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\ROGOWSCY\Program Files\DNA\btdna.exe"O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /trayO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO13 - Gopher Prefix: O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cabO16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cabO23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 8726 bytes

snip91
komentarz
komentarz
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLLO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

FIX

C:\Program Files\MyGlobalSearch

Folder usuń ręcznie.

Dodaj log z ComboFix.

cdplayer
komentarz
komentarz

Gdy chce usunąć folder pisze że: Musisz mieć uprawnienia do wykonania tej operacji. Ja zapewniam ze to moj komp :). Może trzeba jakoś usunąć to programem??

A te logi to zaznaczam klikam Fix checked ale póżniej jak znów skanuje to dalej są te wpisy.

A ComboFix pisze ze nie jest kompatybilne z Windows Vista.

Mateusz J.
komentarz
komentarz
A ComboFix pisze ze nie jest kompatybilne z Windows Vista.

Więc daj log z DDS:

Opis pod CobmoFix.

Gdy chce usunąć folder pisze że: Musisz mieć uprawnienia do wykonania tej operacji. Ja zapewniam ze to moj komp smile.gif. Może trzeba jakoś usunąć to programem??

Jesteś zalogowany na koncie administratora?

Jeśli tak, to spróbuj w Trybie Awaryjnym.

cdplayer
komentarz
komentarz

Rzeczywiscie w Trybie Awaryjnym mogłem usunąć folder bez najmniejszych problemów. Teraz tylko nie moge wybrac odpowiedniej tapety na pulpi( po włączeniu trybu awaryjnego kolor pulpitu był czarny teraz tylko moge zmienic kolory).Tak jakby został zlikwidowany podgląd do wszystkich obrazów.

Logi z pliku main.txt ??

Mateusz J.
komentarz
komentarz
Logi z pliku main.txt ??

Tak.

cdplayer
komentarz
komentarz
Deckard's System Scanner v20071014.68Run by ROGOWSCY on 2008-08-08 10:33:14Computer is in Normal Mode.---------------------------------------------------------------------------------- HijackThis (run as ROGOWSCY.exe) --------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:33:24, on 2008-08-08Platform: Windows Vista  (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16681)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Program Files\TP-LINK\TWCU\TWCU.exeC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\Common Files\Teleca Shared\Generic.exeC:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exeC:\Windows\system32\conime.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Internet Explorer\ieuser.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeC:\Windows\system32\Macromed\Flash\FlashUtil9d.exeC:\Users\ROGOWSCY\Desktop\dss.exeC:\PROGRA~1\TRENDM~1\HIJACK~1\ROGOWSCY.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -noguiO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptionsO4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pauseO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /trayO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO13 - Gopher Prefix: O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cabO16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cabO23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 6527 bytes-- Files created between 2008-07-08 and 2008-08-08 -----------------------------2008-08-07 17:55:29         0 d-------- C:\327882R2FWJFW2008-08-06 21:55:04         0 d-------- C:\Program Files\Trend Micro2008-08-06 19:29:56         0 d-------- C:\Users\All Users\Spybot - Search & Destroy2008-08-03 19:16:03         0 d-------- C:\Users\All Users\SimCity Societies2008-08-03 18:58:44     20400 --a------ C:\Windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>2008-08-02 21:49:40    164352 --a------ C:\Windows\system32\unrar.dll2008-08-02 21:49:38    217088 --a------ C:\Windows\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>2008-08-02 21:49:37    159839 --a------ C:\Windows\system32\xvidvfw.dll2008-08-02 21:49:37    755027 --a------ C:\Windows\system32\xvidcore.dll2008-08-02 21:49:37   3596288 --a------ C:\Windows\system32\qt-dx331.dll2008-08-02 21:49:37     81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>2008-08-02 21:49:36      7680 --a------ C:\Windows\system32\ff_vfw.dll2008-08-02 21:49:36    683520 --a------ C:\Windows\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>2008-08-02 21:49:34         0 d-------- C:\Program Files\K-Lite Codec Pack2008-08-02 21:41:14         0 d-------- C:\Program Files\MarBit2008-07-27 17:02:13    151552 --a------ C:\Windows\system32\MSOSS.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows NT® Operating System>2008-07-18 12:54:03         0 d-------- C:\Program Files\SkanerOnline2008-07-16 18:57:08         0 d-------- C:\Users\All Users\Codemasters2008-07-16 18:56:03         0 d-------- C:\Program Files\OpenAL2008-07-14 21:00:35         0 d-------- C:\Program Files\uTorrent2008-07-12 21:50:44         0 d-------- C:\Program Files\PhotoFiltre-- Find3M Report ---------------------------------------------------------------2008-08-07 17:08:50         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\teamspeak22008-08-06 22:02:08         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\DNA2008-08-06 12:56:34    582038 --a------ C:\Windows\system32\perfh015.dat2008-08-06 12:56:33    103732 --a------ C:\Windows\system32\perfc015.dat2008-08-05 22:59:27         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\uTorrent2008-07-30 17:31:06         0 d--h----- C:\Program Files\InstallShield Installation Information2008-07-30 11:04:03         0 d-------- C:\Program Files\cFosSpeed2008-07-27 17:01:36         0 d-------- C:\Program Files\Common Files\InstallShield2008-07-11 16:31:23         0 d-------- C:\Program Files\Java2008-07-10 10:02:15       174 --ahs---- C:\Program Files\desktop.ini2008-07-10 09:53:31         0 d-------- C:\Program Files\Windows Mail2008-06-29 14:25:08         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\BitTorrent2008-06-29 14:15:22         0 d-------- C:\Program Files\DNA2008-06-28 15:07:56         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\Hamachi2008-06-27 15:45:26         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\PC Suite2008-06-27 15:45:10         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\Nokia2008-06-27 10:09:10         0 d-------- C:\Program Files\Gadu-Gadu2008-06-26 20:22:39         0 d-------- C:\Users\ROGOWSCY\AppData\Roaming\Gadu-Gadu2008-06-19 14:21:50         0 d-------- C:\Program Files\Sun2008-06-19 14:18:04         0 d-------- C:\Program Files\Common Files2008-06-19 14:18:04         0 d-------- C:\Program Files\Common Files\Java2008-06-19 14:15:36         0 d-------- C:\Program Files\Opera2008-06-18 14:12:59         0 d-------- C:\Program Files\MSXML 4.02008-06-15 13:23:42         0 d-------- C:\Program Files\ATI Technologies-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-03-18 17:42]"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 05:06 C:\Windows\RtHDVCpl.exe]"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-05-04 11:59]"TWCU"="C:\Program Files\TP-LINK\TWCU\TWCU.exe" [2005-08-09 08:42]"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37]"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16]"BearShare"="C:\Program Files\BearShare\BearShare.exe" []"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04]C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:20:56][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"=2 (0x2)[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]"DisableRegistryTools"=0 (0x0)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]@="Driver"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]@="Driver"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]@="Volume shadow copy"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]@="IEEE 1394 Bus host controllers"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]@="SBP2 IEEE 1394 Devices"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]@="SecurityDevices"[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalSystemNetworkRestricted	hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31721498-1dd2-11dd-b592-001a4d90472b}]AutoRun\command- I:\setup.exe[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]C:\Windows\system32\unregmp2.exe /ShowWMP[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI-- End of Deckard's System Scanner: finished at 2008-08-08 10:35:16 ------------

Ps. jak sie wstawia logi w tag code??

Mateusz J.
komentarz
komentarz

Regulamin Działu Bezp.:

Sporządzone logi z programów, należy stawiać w tagi: [*codebox]Tutaj umieść log[*/codebox]. Usuwamy w poście gwiazdki (*).

Usuń folder: C:\327882R2FWJFW

Ogólnie czysto.

Jaki powód sprawdzania logów?

cdplayer
komentarz
komentarz

Powodem sprawdzania logow była obawa przed posiadaniem keylogera.

A sprawa z pulpitem? Miałem pewną tapete ustawioną a po wejsciu w tryb awaryjny i po pozniejszym wejsciu w tryb normalny tapeta załadowała sie na moment przy włączeniu windowsa ale kiedy zaczeły się pojawiać ikonki zrobił sie czarny pulpit. Moge tylko zmienic co najwyzej kolor całego pulpitu( może ono być np. całe zielone albo całe niebieskie ale juz normalnej tapety nie moge ustawic.)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.