LOG

nec170v

Please check the log :) and delete the totally unnecessary things

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:46:37, on 2008-09-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [HP Software Update] rem C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] rem C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] rem "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] rem "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] rem "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] rem "C:\Program Files\RivaTuner v2.09\RivaTuner.exe" /S
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] rem "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] rem "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{A076C97D-B4A8-44FD-9851-59F38F5B78FF}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Menedżer Google Desktop 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--
End of file - 8426 bytes

Mateusz J.

Hello :)

O17 - HKLM\System\CCS\Services\Tcpip\..\{A076C97D-B4A8-44FD-9851-59F38F5B78FF}: NameServer = 208.67.222.222,208.67.220.220

This is a DNS server that people set in order to speed up their internet; if you did not set it yourself, however, fix the entry.

O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)

Fix

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] rem C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] rem "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] rem "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] rem "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

In msconfig => Startup tab, uncheck the entries above, unless you need any of them at system startup.

You probably know how to launch msconfig, but I'll write it out anyway :)

Start => Run => msconfig => OK => Startup tab

Finally someone today bothered to put the logs in CODE tags, well done to this gentleman :)
