Browser problems - logs

motkka
created
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:03:16, on 2008-09-14
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\Konnekt\konnekt.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [Konnekt] "C:\Program Files\Konnekt\konnekt.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AirLive WL-5480USB WLAN USB Utility.lnk = C:\Program Files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://download.gamedesire.com/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{67E1392E-4F65-4F81-BEE1-1EE58230CB77}: NameServer = 83.238.255.76 213.241.79.37
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 10749 bytes

Psycholandia
comment
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file)
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

Check these and click Fix.

motkka
comment

Unfortunately, that didn't help.

Psycholandia
comment

Post a ComboFix log.

motkka
comment
ComboFix 08-09-13.05 - suzuki 2008-09-14 15:08:41.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.1479 [GMT 2:00]
Uruchomiony z: C:\Documents and Settings\suzuki\Pulpit\ComboFix.exe
 * Utworzono nowy punkt przywracania
 * Resident AV is active

[b]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/b]
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\suzuki\Cookies\suzuki@nuggad[2].txt
C:\Documents and Settings\suzuki\Cookies\suzuki@tradedoubler[1].txt
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]001A1C9
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]08B826A.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]08B85A6.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]08B873D.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-08-14 do 2008-09-14  )))))))))))))))))))))))))))))))
.

2008-09-14 14:03 . 2008-09-14 14:03	<DIR>	d--------	C:\Program Files\Trend Micro
2008-09-11 21:04 . 2008-09-11 21:04	<DIR>	d--------	C:\Project IGI
2008-09-11 20:59 . 2008-09-11 21:03	<DIR>	d--------	C:\Program Files\Max Payne
2008-09-07 11:38 . 2008-09-07 11:42	47,900,000	--a------	C:\dd.wav
2008-09-07 11:16 . 2008-09-07 13:30	<DIR>	d--------	C:\Program Files\Arial Sound Recorder
2008-09-07 11:10 . 2008-09-07 13:30	<DIR>	d--------	C:\Documents and Settings\suzuki\Dane aplikacji\Audacity
2008-09-06 12:26 . 2008-09-06 12:26	22,328	--a------	C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-05 13:11 . 2008-09-06 12:26	103,736	--a------	C:\WINDOWS\system32\PnkBstrB.exe
2008-09-05 13:10 . 2008-09-05 13:10	<DIR>	d--------	C:\WINDOWS\system32\LogFiles
2008-09-05 13:10 . 2008-09-05 13:10	66,872	--a------	C:\WINDOWS\system32\PnkBstrA.exe
2008-08-30 22:27 . 2008-08-30 22:27	664	--a------	C:\WINDOWS\system32\d3d9caps.dat
2008-08-26 18:52 . 2008-04-14 22:50	159,232	--a------	C:\WINDOWS\system32\ptpusd.dll
2008-08-26 18:52 . 2001-10-26 17:29	5,632	--a------	C:\WINDOWS\system32\ptpusb.dll
2008-08-26 16:18 . 2008-08-26 16:18	<DIR>	d--------	C:\Documents and Settings\suzuki\Dane aplikacji\EPSON
2008-08-26 16:00 . 2008-08-26 16:00	<DIR>	d--------	C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-08-26 16:00 . 2008-08-26 16:02	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\UDL
2008-08-26 15:56 . 2008-08-26 16:01	<DIR>	d--------	C:\Program Files\epson
2008-08-26 15:56 . 2005-02-25 00:00	46,080	--a------	C:\WINDOWS\system32\escimgd.dll
2008-08-26 15:56 . 2005-02-25 00:00	29,696	--a------	C:\WINDOWS\system32\escwiad.dll
2008-08-26 15:56 . 2005-02-25 00:00	22,016	--a------	C:\WINDOWS\system32\esccmd.dll
2008-08-26 15:55 . 2008-08-26 15:55	26	--a------	C:\WINDOWS\CDE DX4000.ini
2008-08-20 09:47 . 2008-08-20 09:47	<DIR>	d--------	C:\Program Files\Sierra On-Line
2008-08-20 09:47 . 2008-08-20 09:47	<DIR>	d--------	C:\Documents and Settings\suzuki\WINDOWS
2008-08-20 09:47 . 1998-10-07 12:54	327,168	--a------	C:\WINDOWS\IsUn0415.exe
2008-08-20 09:47 . 2008-08-20 09:47	175	--a------	C:\WINDOWS\SIERRA.INI
2008-08-19 17:26 . 2008-08-19 17:26	<DIR>	d--------	C:\Program Files\DIFX
2008-08-19 17:26 . 2007-09-17 15:53	21,632	--a------	C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-08-19 17:24 . 2006-10-08 21:51	23,856	--a------	C:\WINDOWS\system32\spupdsvc.exe
2008-08-19 17:24 . 2008-08-19 17:24	0	--ah-----	C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-19 17:24 . 2008-08-19 17:24	0	--ah-----	C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-19 17:13 . 2008-08-19 17:26	<DIR>	d----c---	C:\WINDOWS\system32\DRVSTORE
2008-08-19 17:13 . 2008-08-19 17:13	<DIR>	d--------	C:\Program Files\Nokia
2008-08-19 17:13 . 2007-11-29 10:33	1,419,232	--a------	C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-08-19 17:13 . 2007-11-29 10:39	95,744	--a------	C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-19 17:13 . 2007-11-29 10:32	48,128	--a------	C:\WINDOWS\system32\nmwcdcls.dll
2008-08-19 17:13 . 2007-11-29 10:39	16,896	--a------	C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-08-19 17:12 . 2008-08-19 17:12	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-08-19 17:11 . 2008-08-19 17:11	<DIR>	d--hs----	C:\WINDOWS\ftpcache
2008-08-17 15:36 . 2008-08-17 15:36	280	--a------	C:\WINDOWS\game.ini
2008-08-17 15:34 . 2008-08-17 15:34	<DIR>	d--------	C:\Program Files\Activision
2008-08-17 15:05 . 2008-09-14 13:40	<DIR>	d--------	C:\Documents and Settings\suzuki\Dane aplikacji\Hamachi
2008-08-17 15:04 . 2008-08-17 15:05	<DIR>	d--------	C:\Program Files\Hamachi
2008-08-17 15:04 . 2008-08-17 15:04	25,280	--a------	C:\WINDOWS\system32\drivers\hamachi.sys
2008-08-16 17:25 . 2008-08-16 17:25	4,096	--a------	C:\WINDOWS\d3dx.dat
2008-08-16 17:20 . 2008-08-16 17:20	<DIR>	d--------	C:\Program Files\Piranha Bytes
2008-08-16 17:20 . 2008-08-16 17:20	<DIR>	d--------	C:\Documents and Settings\suzuki\Dane aplikacji\InstallShield
2008-08-16 16:38 . 1999-12-17 10:13	86,016	--a------	C:\WINDOWS\unvise32.exe
2008-08-16 16:37 . 2008-08-16 16:37	<DIR>	d--------	C:\Program Files\Eidos Interactive
2008-08-15 23:18 . 2008-08-15 23:18	<DIR>	d--------	C:\Program Files\Linearteam
2008-08-15 22:31 . 2008-08-15 22:31	<DIR>	d--------	C:\Program Files\WinISD
2008-08-14 12:06 . 2008-08-14 12:06	<DIR>	d--------	C:\Program Files\GameSpy Arcade
2008-08-14 11:23 . 2008-08-14 11:23	<DIR>	d--------	C:\Program Files\Creative
2008-08-14 11:23 . 2002-06-06 14:38	139,264	--a------	C:\WINDOWS\system32\eax.dll
2008-08-14 11:20 . 2008-08-14 12:03	<DIR>	d--------	C:\Program Files\Mafia
2008-08-14 10:58 . 2008-08-14 10:58	<DIR>	d--------	C:\Program Files\directx
2008-08-14 10:58 . 2008-08-14 10:58	0	--a------	C:\WINDOWS\DXT5B5.tmp
2008-08-14 10:58 . 2008-08-14 10:58	0	--a------	C:\WINDOWS\DXT5B4.tmp
2008-08-14 10:57 . 2008-08-14 10:58	<DIR>	d--------	C:\UnrealTournament
.

((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-09-14 11:40	---------	d-----w	C:\Program Files\AutoConnect
2008-09-11 19:03	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-08-27 15:23	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-08-26 14:03	---------	d-----w	C:\Program Files\Common Files\InstallShield
2008-08-19 12:29	---------	d-----w	C:\Program Files\Total Video Converter
2008-08-18 08:04	---------	d-----w	C:\Program Files\Gadu-Gadu
2008-08-16 18:09	---------	d-----w	C:\Program Files\Common Files\Adobe
2008-08-16 09:45	---------	d-----w	C:\Documents and Settings\suzuki\Dane aplikacji\Image Zone Express
2008-08-13 09:43	---------	d-----w	C:\Documents and Settings\LocalService\Dane aplikacji\Ahead
2008-08-13 09:23	---------	d-----w	C:\Program Files\Rockstar Games
2008-08-13 09:13	---------	d-----w	C:\Program Files\eMule
2008-08-13 09:06	---------	d-----w	C:\Program Files\Wolfenstein - Enemy Territory
2008-08-10 15:17	---------	d-----w	C:\Documents and Settings\suzuki\Dane aplikacji\Desktopicon
2008-08-09 08:16	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
2008-08-08 22:21	---------	d-----w	C:\Program Files\Unlocker
2008-08-08 13:19	---------	d-----w	C:\Program Files\IVT Corporation
2008-08-02 17:01	---------	d-----w	C:\Program Files\BearShare
2008-07-31 16:39	---------	d-----w	C:\Program Files\SubEdit-Player
2008-07-31 15:10	---------	d-----w	C:\Documents and Settings\suzuki\Dane aplikacji\Styler
2008-07-20 07:41	---------	d-----w	C:\Documents and Settings\suzuki\Dane aplikacji\GanymedeNet
2008-07-17 12:54	---------	d-----w	C:\Program Files\MyXOFT
2008-07-16 12:34	---------	d-----w	C:\Documents and Settings\suzuki\Dane aplikacji\HP
2008-07-15 15:46	---------	d-----w	C:\Program Files\Hide Folders XP 2
.

------- Sigcheck -------

2008-05-08 20:02  361344  accf5a9a1ffaa490f33dba1c632b95e1	C:\WINDOWS\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 1267040]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"AutoConnect"="C:\Program Files\AutoConnect\AutoConnect.exe" [2004-08-28 295424]
"Konnekt"="C:\Program Files\Konnekt\konnekt.exe" [2005-05-24 503808]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-05-04 961024]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2006-11-16 1953792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 36352]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"NodLogin"="C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe" [2008-06-13 359020]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"BearShare"="C:\Program Files\BearShare\BearShare.exe" [2006-08-01 3313664]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

C:\Documents and Settings\suzuki\Menu Start\Programy\Autostart\
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2008-08-17 624416]
Tworzenie wycink˘w ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
AirLive WL-5480USB WLAN USB Utility.lnk - C:\Program Files\AirLive WL-5480USB WLAN USB\AirLive WL-5480USB WLAN USB\WlanUtil.exe [2008-07-06 479232]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-08-08 1183744]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-06-29 962661]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Konnekt\\konnekt.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield Vietnam\\bfvietnam.exe"=
"C:\\Program Files\\Virgin Interactive\\Screamer 4x4\\Screamer4x4_d3d.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"E:\\GRY\\uaz\\uaz4x4.exe"=
"C:\\Program Files\\BearShare\\BearShare.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\UnrealTournament\\System\\UnrealTournament.exe"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Documents and Settings\\suzuki\\Pulpit\\CALL OF DUTY 4\\iw3mp.exe"=

R0 HFXP2;HFXP2;C:\WINDOWS\system32\DRIVERS\HFXP2.SYS [2007-01-23 17264]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-06-10 34312]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [2001-10-26 3584]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 ZD1211BU(AirLive);AirLive  WL-5480USB WLAN USB Driver(AirLive);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]

*Newly Created Service* - PROCEXP90
.
.
------- Skan uzupełniający -------
.
FireFox -: Profile - C:\Documents and Settings\suzuki\Dane aplikacji\Mozilla\Firefox\Profiles\ryo8ez1q.default\
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 15:10:01
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ... 

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ... 

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2008-09-14 15:10:33
ComboFix-quarantined-files.txt  2008-09-14 13:10:27

Przed: 6,807,371,776 bajt˘w wolnych
Po: 7,518,232,576 bajt˘w wolnych

228

Mateusz J.
comment
2008-09-07 11:38 . 2008-09-07 11:42	47,900,000	--a------	C:\dd.wav

Is this yours? Do you recognize it?

Delete the folder C:\QooBox

Overall, it's clean.
