x-kom hosting

prosze o sprawdzenie loga

dr.hanibale
utworzono
utworzono
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18:14:21, on 2008-10-08Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program\Delade filer\Symantec Shared\ccSvcHst.exeC:\WINDOWS\Explorer.EXEC:\Program\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\hkcmd.exeC:\Program\Java\jre1.6.0_07\bin\jusched.exeC:\Program\Dell\Media Experience\PCMService.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\Program\Microsoft IntelliPoint\point32.exeC:\Program\Analog Devices\Core\smax4pnp.exeC:\Program\CyberLink\PowerDVD\DVDLauncher.exeC:\WINDOWS\system32\ctfmon.exeC:\Program\Delade filer\Symantec Shared\ccSvcHst.exeC:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exeC:\Program\Gadu-Gadu\gg.exeC:\Program\Mozilla Firefox\firefox.exeC:\Program\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/se/sve/gen/default.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LänkarR3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program\FlashGet\jccatch.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.5\coIEPlg.dllO2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.5000.1021\sv\msntb.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program\FlashGet\getflash.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.5000.1021\sv\msntb.dllO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dllO3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dllO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\Media Experience\PCMService.exe"O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [updateManager] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /rO4 - HKLM\..\Run: [intelliPoint] "C:\Program\Microsoft IntelliPoint\point32.exe"O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton Internet Security\osCheck.exe"O4 - HKLM\..\Run: [ssAAD.exe] C:\Program\Sony\SONICS~1\SsAAD.exeO4 - HKLM\..\Run: [DVDLauncher] "C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: &Download All with FlashGet - C:\Program\FlashGet\jc_all.htmO8 - Extra context menu item: &Download with FlashGet - C:\Program\FlashGet\jc_link.htmO8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\FlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\FlashGet.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exeO10 - Broken Internet access because of LSP provider 'c:\program\newdotnet\newdotnet3_88.dll' missingO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program\Yahoo!\Common\yinsthelper.dllO16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ControlInstaller Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cabO16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cabO16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094858987075O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1181044071312O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.33/g_bin/pl/words_2_0_0_51.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLLO22 - SharedTaskScheduler: auditioned - {44e670f2-d57b-4815-a576-955d17dbbf2d} - (no file)O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exeO23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXEO23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LiveUpdate\LuComServer_3_4.EXEO23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exeO23 - Service: MSCSPTISRV - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\MSCSPTISRV.exeO23 - Service: PACSPTISVR - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\PACSPTISVR.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SPTISRV.exeO23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\SSScsiSV.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe--End of file - 11009 bytes
"Silent Runners.vbs", revision 58, http://www.silentrunners.org/Operating System: Windows XPOutput limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]"SunJavaUpdateSched" = ""C:\Program\Java\jre1.6.0_07\bin\jusched.exe"" ["Sun Microsystems, Inc."]"PCMService" = ""C:\Program\Dell\Media Experience\PCMService.exe"" ["CyberLink Corp."]"dla" = "C:\WINDOWS\system32\dla\tfswctrl.exe" ["Sonic Solutions"]"UpdateManager" = ""C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r" ["Sonic Solutions"]"IntelliPoint" = ""C:\Program\Microsoft IntelliPoint\point32.exe"" [MS]"SoundMAXPnP" = "C:\Program\Analog Devices\Core\smax4pnp.exe" ["Analog Devices, Inc."]"ccApp" = ""C:\Program\Delade filer\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]"osCheck" = ""C:\Program\Norton Internet Security\osCheck.exe"" ["Symantec Corporation"]"SsAAD.exe" = "C:\Program\Sony\SONICS~1\SsAAD.exe" [null data]"DVDLauncher" = ""C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"" ["CyberLink Corp."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"				   \InProcServer32\(Default) = "C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\(Default) = "flashget urlcatch"  -> {HKLM...CLSID} = "FGCatchUrl"				   \InProcServer32\(Default) = "C:\Program\FlashGet\jccatch.dll" ["www.flashget.com"]{5CA3D70E-1895-11CF-8E15-001234567890}\(Default) = (no title provided)  -> {HKLM...CLSID} = "DriveLetterAccess"				   \InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = "NCO 2.0 IE BHO"  -> {HKLM...CLSID} = (no title provided)				   \InProcServer32\(Default) = "C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll" ["Symantec Corporation"]{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Symantec Intrusion Prevention"  -> {HKLM...CLSID} = "Symantec Intrusion Prevention"				   \InProcServer32\(Default) = "C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll" ["Symantec Corporation"]{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)  -> {HKLM...CLSID} = "SSVHelper Class"				   \InProcServer32\(Default) = "C:\Program\Java\jre1.6.0_07\bin\ssv.dll" ["Sun Microsystems, Inc."]{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Windows Live inloggningshjälpen"				   \InProcServer32\(Default) = "C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]{9394EDE7-C8B5-483E-8773-474BF36AF6E4}\(Default) = (no title provided)  -> {HKLM...CLSID} = "ST"				   \InProcServer32\(Default) = "C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll" [MS]{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Google Toolbar Helper"				   \InProcServer32\(Default) = "c:\program\google\googletoolbar3.dll" ["Google Inc."]{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)  -> {HKLM...CLSID} = "MSNToolBandBHO"				   \InProcServer32\(Default) = "C:\Program\MSN Apps\MSN Toolbar\01.02.5000.1021\sv\msntb.dll" [MS]{F156768E-81EF-470C-9057-481BA8380DBA}\(Default) = (no title provided)  -> {HKLM...CLSID} = "FlashGet GetFlash Class"				   \InProcServer32\(Default) = "C:\Program\FlashGet\getflash.dll" ["www.flashget.com"]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Kontrollpanelstillägg för bildskärmspanorering"  -> {HKLM...CLSID} = "Kontrollpanelstillägg för bildskärmspanorering"				   \InProcServer32\(Default) = "deskpan.dll" [file not found]"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal-ikontillägg"  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"				   \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]"{5CA3D70E-1895-11CF-8E15-001234567890}" = "DriveLetterAccess"  -> {HKLM...CLSID} = "DriveLetterAccess"				   \InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Logitech Pictures"  -> {HKLM...CLSID} = "My Logitech Pictures"				   \InProcServer32\(Default) = "C:\Program\Logitech\Video\Namespc2.dll" ["Logitech Inc."]"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"  -> {HKLM...CLSID} = "WinRAR"				   \InProcServer32\(Default) = "C:\Program\WinRAR\rarext.dll" [null data]"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"  -> {HKLM...CLSID} = "RecordNow! SendToExt"				   \InProcServer32\(Default) = "C:\Program\Sonic\RecordNow!\shlext.dll" [null data]"{20082881-FC36-4E47-9A7A-644C95FF749F}" = "IntelliPoint Wireless Control Panel Property Page"  -> {HKLM...CLSID} = "Wireless Property Page"				   \InProcServer32\(Default) = ""C:\Program\Microsoft IntelliPoint\ipcplwir.dll"" [MS]"{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE}" = "IntelliPoint Wheel Control Panel Property Page"  -> {HKLM...CLSID} = "Wheel Property Page"				   \InProcServer32\(Default) = ""C:\Program\Microsoft IntelliPoint\ipcplwhl.dll"" [MS]"{653DCCC2-13DB-45B2-A389-427885776CFE}" = "IntelliPoint Activities Control Panel Property Page"  -> {HKLM...CLSID} = "Activities Property Page"				   \InProcServer32\(Default) = ""C:\Program\Microsoft IntelliPoint\ipcplact.dll"" [MS]"{124597D8-850A-41AE-849C-017A4FA99CA2}" = "IntelliPoint Buttons Control Panel Property Page"  -> {HKLM...CLSID} = "Buttons Property Page"				   \InProcServer32\(Default) = ""C:\Program\Microsoft IntelliPoint\ipcplbtn.dll"" [MS]"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"  -> {HKLM...CLSID} = "Mina delade mappar"				   \InProcServer32\(Default) = "C:\Program\Windows Live\Messenger\fsshext.8.5.1302.1018.dll" [MS]"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"  -> {HKLM...CLSID} = "Outlook File Icon Extension"				   \InProcServer32\(Default) = "C:\Program\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"  -> {HKLM...CLSID} = (no title provided)				   \InProcServer32\(Default) = "C:\Program\Microsoft Office\Office10\msohev.dll" [MS]"{03DAACC5-10BA-4E3E-9D54-2A569F6B4B87}" = "Sony Ericsson File Manager"  -> {HKLM...CLSID} = "Sony Ericsson File Manager"				   \InProcServer32\(Default) = "C:\Program\Sony Ericsson\Mobile2\File Manager\FM.dll" ["Popwire AB"]"{738D66C6-0149-4D40-84E4-A7BB2D0CE949}" = "Sony Ericsson File Manager"  -> {HKLM...CLSID} = "Sony Ericsson File Manager"				   \InProcServer32\(Default) = "C:\Program\Sony Ericsson\Mobile2\File Manager\FM.dll" ["Popwire AB"]"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"  -> {HKLM...CLSID} = "History Band"				   \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]"{10677009-C23C-4FC2-A62C-29323A2201F0}" = "AQQ File Transfer Shell Extension"  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"				   \InProcServer32\(Default) = "C:\Program\WapSter\WAPSTE~1\System\AQQSHE~1.DLL" [file not found]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"  -> {HKLM...CLSID} = "WPDShServiceObj Class"				   \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\<<!>> "BootExecute" = "autocheck autochk *"|"lsdelete" [null data]HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<<!>> dimsntfy\DLLName = "C:\WINDOWS\System32\dimsntfy.dll" [MS]<<!>> igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

Mateusz J.
komentarz
komentarz
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)O10 - Broken Internet access because of LSP provider 'c:\program\newdotnet\newdotnet3_88.dll' missingO22 - SharedTaskScheduler: auditioned - {44e670f2-d57b-4815-a576-955d17dbbf2d} - (no file)

Fix.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro .dell.com/countries/se/sve/gen/default.htm

Nie znasz = Fix

Do notatnika wklej:

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00

Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą FIX.REG

Uruchom utworzony plik FIX.REG i potwierdź dodanie do Rejestru i zresetuj komputer.

Pokaż log z ComboFix.

Podaj powód sprawdzania logów.

dr.hanibale
komentarz
komentarz

Dzieki wielkie!

Tylko jest problem, bo ja w tym nowa:P wiec zielono mi:))) krok po kroku bym prosila i jak tylko mozliwie wyczerpujace instrukcje bo ni hu hu nie poniemaju:D a tak na serio...to nie wiem co mam teraz z tym uczynic:/

combofix po uruchomieniu jest dziwny i wcale nie taki jak w instrukcj obslugi..jest masa po angielsku ktorego nie czaje:) i jest yes albo no na koncu:D kliknelam na yes to kazal mi zamknac przegladarke a ja wtedy nie wiem co mam robic bez instrukcji:P wlaczyl sie i stalo, ze ok 10 minut moze to zajac...a ja spanikowalam:P i przerwalam:/ potem nie dzialala mi przegladarka:> dopiero po resecie...boje sie tego:P HELP!;)

Pzdr

po zainstalowaniu pojawil mi sie na c:

w ktora ikone kliknac aby uruchomic?

powod sprawdzania: http://www.forumpc.pl/index.php?showtopic=68984

No wiec tak: po zainstalowaniu combofix, nie pojawia sie NIC. Po ponownym kliknieciu na ComboFix.exe wylacza mi okno z netem i wyskakuje dziwny komunikat in english ktorego ja nie rozumiem:) aaa...wczesniej jeszcze komputer wydobywa z siebie dziwne 'piiip' krotkie ale donosne. Wiec ja z obawy przed nieznanym, klikam na 'no' i okienko z informacja znika.

ok, nie wiem czy o to chodzilo ale kombinowalam sama;)

te 5 zaznaczylam i wtedy fix checked z czego ten 010.... sie nie dalo. DOBRZE?

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)O10 - Broken Internet access because of LSP provider 'c:\program\newdotnet\newdotnet3_88.dll' missingO22 - SharedTaskScheduler: auditioned - {44e670f2-d57b-4815-a576-955d17dbbf2d} - (no file)R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro .dell.com/countries/se/sve/gen/default.htm

do notatnika na samym dole wkleilam podany powyzej kod i zapisalam tak jak sugerowano.

po otworzeniu pliku wyskakuje komunikat iz nie da sie imoprtowac:/

Mateusz J.
komentarz
komentarz

Masz tu parę innych opisów ComboFix:

http://forum.idg.pl/bezpieczenstwo_kompute...ia-t118804.html

http://forum.pcformat.pl/showthread.php?tid=4505

http://peb.pl/logi-do-sprawdzenia/100567-h...-maly-opis.html

http://www.searchengines.pl/index.php?show...p;p=395642&

A ComboFix wyłącza internet na czas skanowania. Ty go wyłączyłaś i nie zdążył go z powrotem uruchomić :)

Muszę mieć loga z ComboFix, bo HijackThis w tych czasach jest za słaby na wirusy.

Ja lecę do szkoły :)

dr.hanibale
komentarz
komentarz

Dziekuje i prosze bardzo:)

ComboFix 08-10-08.02 - kinga viklund 2008-10-09  9:03:36.1 - NTFSx86Running from: C:\Documents and Settings\kinga viklund\Skrivbord\downloads\ComboFix.exe * Created a new restore point[b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b].(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Program\MWC:\Program\newdotnetC:\Program\newdotnet\readme.txtC:\WINDOWS\Downloaded Program Files\setup.infC:\WINDOWS\system32\drivers\fad.sysC:\WINDOWS\system32\fcea8_z.dll.(((((((((((((((((((((((((   Files Created from 2008-09-09 to 2008-10-09  ))))))))))))))))))))))))))))))).2008-10-04 21:51 . 2008-10-04 21:51	<KAT>	d--------	C:\Program\jv16 PowerTools 20082008-10-04 21:51 . 2008-10-04 21:51	23	--a------	C:\WINDOWS\SYSTEM32\adbeefe_z.ocx2008-10-04 14:22 . 2008-10-04 14:22	25,992	--a------	C:\WINDOWS\SYSTEM32\pgdfgsvc.exe2008-09-29 17:47 . 2008-09-29 17:47	361,728	--a------	C:\WINDOWS\SYSTEM32\TuneUpDefragService.exe2008-09-25 11:21 . 2008-09-25 11:25	<KAT>	d--------	C:\Documents and Settings\kinga viklund\Application Data\Nowe Gadu-Gadu2008-09-25 08:20 . 2008-09-25 08:20	<KAT>	d--------	C:\Documents and Settings\kinga viklund\WapSter2008-09-25 08:18 . 2008-09-25 08:18	<KAT>	d--------	C:\Program\WapSter2008-09-25 00:57 . 2008-09-25 00:57	<KAT>	d--------	C:\WINDOWS\SYSTEM32\sv2008-09-25 00:57 . 2008-09-25 00:57	<KAT>	d--------	C:\WINDOWS\l2schemas2008-09-24 23:07 . 2008-04-14 18:04	69,120	---------	C:\WINDOWS\SYSTEM32\wlanapi.dll2008-09-24 23:06 . 2008-04-14 18:04	53,248	---------	C:\WINDOWS\SYSTEM32\tsgqec.dll2008-09-24 23:06 . 2008-04-14 18:04	50,688	---------	C:\WINDOWS\SYSTEM32\tspkg.dll2008-09-24 23:05 . 2008-04-14 18:04	291,328	---------	C:\WINDOWS\SYSTEM32\qagentrt.dll2008-09-24 23:05 . 2008-04-14 18:04	290,304	---------	C:\WINDOWS\SYSTEM32\rhttpaa.dll2008-09-24 23:05 . 2008-04-14 18:04	150,528	---------	C:\WINDOWS\SYSTEM32\qagent.dll2008-09-24 23:05 . 2008-04-14 18:04	144,384	---------	C:\WINDOWS\SYSTEM32\onex.dll2008-09-24 23:05 . 2008-04-14 18:04	76,800	---------	C:\WINDOWS\SYSTEM32\qutil.dll2008-09-24 23:05 . 2008-04-14 18:04	62,464	---------	C:\WINDOWS\SYSTEM32\qcliprov.dll2008-09-24 23:05 . 2008-04-14 18:04	61,952	---------	C:\WINDOWS\SYSTEM32\rasqec.dll2008-09-24 23:05 . 2008-04-14 18:05	32,768	---------	C:\WINDOWS\SYSTEM32\setupn.exe2008-09-24 23:05 . 2008-04-13 20:40	10,240	---------	C:\WINDOWS\SYSTEM32\DRIVERS\sffp_mmc.sys2008-09-24 23:04 . 2008-04-14 18:04	1,306,624	---------	C:\WINDOWS\SYSTEM32\msxml6.dll2008-09-24 23:04 . 2008-04-14 18:04	194,048	---------	C:\WINDOWS\SYSTEM32\napmontr.dll2008-09-24 23:04 . 2008-04-14 18:05	176,128	---------	C:\WINDOWS\SYSTEM32\napstat.exe2008-09-24 23:04 . 2008-04-14 17:41	79,872	---------	C:\WINDOWS\SYSTEM32\msxml6r.dll2008-09-24 23:04 . 2008-04-14 18:04	30,208	---------	C:\WINDOWS\SYSTEM32\napipsec.dll2008-09-24 23:03 . 2008-04-14 18:04	155,136	---------	C:\WINDOWS\SYSTEM32\mssha.dll2008-09-24 23:03 . 2008-04-14 17:41	77,312	---------	C:\WINDOWS\SYSTEM32\msshavmsg.dll2008-09-24 23:02 . 2008-04-14 18:04	397,312	---------	C:\WINDOWS\SYSTEM32\mmcex.dll2008-09-24 23:02 . 2008-04-14 18:04	184,320	---------	C:\WINDOWS\SYSTEM32\microsoft.managementconsole.dll2008-09-24 23:02 . 2008-04-14 18:04	106,496	---------	C:\WINDOWS\SYSTEM32\mmcfxcommon.dll2008-09-24 23:02 . 2008-04-14 18:05	33,792	---------	C:\WINDOWS\SYSTEM32\mmcperf.exe2008-09-24 23:01 . 2008-04-14 18:04	61,440	---------	C:\WINDOWS\SYSTEM32\kmsvc.dll2008-09-24 23:01 . 2008-04-14 18:04	37,376	---------	C:\WINDOWS\SYSTEM32\l2gpstore.dll2008-09-24 23:00 . 2008-04-14 18:03	6,144	---------	C:\WINDOWS\SYSTEM32\kbdpash.dll2008-09-24 23:00 . 2008-04-14 18:03	6,144	---------	C:\WINDOWS\SYSTEM32\kbdnepr.dll2008-09-24 23:00 . 2008-04-14 18:03	6,144	---------	C:\WINDOWS\SYSTEM32\kbdiultn.dll2008-09-24 23:00 . 2008-04-14 18:03	6,144	---------	C:\WINDOWS\SYSTEM32\kbdbhc.dll2008-09-24 22:59 . 2008-04-14 17:46	2,524	---------	C:\WINDOWS\SYSTEM32\pid.inf2008-09-24 22:58 . 2008-04-13 18:36	144,384	---------	C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys2008-09-24 22:57 . 2008-04-14 18:04	184,832	---------	C:\WINDOWS\SYSTEM32\eapp3hst.dll2008-09-24 22:57 . 2008-04-14 18:04	180,224	---------	C:\WINDOWS\SYSTEM32\eapphost.dll2008-09-24 22:57 . 2008-04-14 18:04	126,976	---------	C:\WINDOWS\SYSTEM32\eappcfg.dll2008-09-24 22:57 . 2008-04-14 18:04	94,208	---------	C:\WINDOWS\SYSTEM32\eappgnui.dll2008-09-24 22:57 . 2008-04-14 18:04	58,880	---------	C:\WINDOWS\SYSTEM32\eapqec.dll2008-09-24 22:57 . 2008-04-14 18:04	40,960	---------	C:\WINDOWS\SYSTEM32\eappprxy.dll2008-09-24 22:57 . 2008-04-14 18:04	33,280	---------	C:\WINDOWS\SYSTEM32\eapsvc.dll2008-09-24 22:57 . 2008-04-14 18:04	30,720	---------	C:\WINDOWS\SYSTEM32\eapolqec.dll2008-09-24 22:57 . 2006-12-28 21:01	19,569	--a------	C:\WINDOWS\[u]0[/u]05618_.tmp2008-09-24 22:56 . 2008-04-14 18:04	651,264	---------	C:\WINDOWS\SYSTEM32\dot3ui.dll2008-09-24 22:56 . 2008-04-14 18:04	132,608	---------	C:\WINDOWS\SYSTEM32\dot3svc.dll2008-09-24 22:56 . 2008-04-14 18:04	59,392	---------	C:\WINDOWS\SYSTEM32\dot3cfg.dll2008-09-24 22:56 . 2008-04-14 18:04	56,320	---------	C:\WINDOWS\SYSTEM32\dot3msm.dll2008-09-24 22:56 . 2008-04-14 18:04	48,640	---------	C:\WINDOWS\SYSTEM32\dhcpqec.dll2008-09-24 22:56 . 2008-04-14 18:04	39,936	---------	C:\WINDOWS\SYSTEM32\dot3gpclnt.dll2008-09-24 22:56 . 2008-04-14 18:04	39,936	---------	C:\WINDOWS\SYSTEM32\dimsroam.dll2008-09-24 22:56 . 2008-04-14 18:04	26,112	---------	C:\WINDOWS\SYSTEM32\dot3api.dll2008-09-24 22:56 . 2008-04-14 18:04	19,456	---------	C:\WINDOWS\SYSTEM32\dimsntfy.dll2008-09-24 22:56 . 2008-04-14 18:04	9,216	---------	C:\WINDOWS\SYSTEM32\dot3dlg.dll2008-09-24 22:55 . 2008-04-14 18:04	12,800	---------	C:\WINDOWS\SYSTEM32\credssp.dll2008-09-24 22:54 . 2008-04-14 18:04	233,472	---------	C:\WINDOWS\SYSTEM32\azroles.dll2008-09-24 22:54 . 2008-04-14 18:04	7,168	---------	C:\WINDOWS\SYSTEM32\bitsprx4.dll2008-09-24 22:52 . 2008-04-14 18:04	136,192	---------	C:\WINDOWS\SYSTEM32\aaclient.dll2008-09-23 23:39 . 2008-09-23 23:39	<KAT>	d--------	C:\Program\Sun.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-10-09 07:09	---------	d-----w	C:\Program\Delade filer\Symantec Shared2008-10-06 22:28	---------	d-----w	C:\Program\FlashGet2008-10-04 11:34	---------	d-----w	C:\Program\Yahoo!2008-10-03 15:28	---------	d-----w	C:\Program\TuneUp Utilities 20082008-10-03 15:28	---------	d-----w	C:\Program\Delade filer\Wise Installation Wizard2008-09-23 22:32	---------	d-----w	C:\Program\Symantec2008-09-23 22:31	805	----a-w	C:\WINDOWS\system32\drivers\SYMEVENT.INF2008-09-23 22:31	60,800	----a-w	C:\WINDOWS\SYSTEM32\S32EVNT1.DLL2008-09-23 22:31	123,952	----a-w	C:\WINDOWS\system32\drivers\SYMEVENT.SYS2008-09-23 22:31	10,671	----a-w	C:\WINDOWS\system32\drivers\SYMEVENT.CAT2008-09-23 22:23	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Symantec2008-09-23 21:36	---------	d-----w	C:\Program\Java2008-07-18 20:10	94,920	----a-w	C:\WINDOWS\SYSTEM32\cdm.dll2008-07-18 20:10	53,448	----a-w	C:\WINDOWS\SYSTEM32\wuauclt.exe2008-07-18 20:10	45,768	----a-w	C:\WINDOWS\SYSTEM32\wups2.dll2008-07-18 20:10	36,552	----a-w	C:\WINDOWS\SYSTEM32\wups.dll2008-07-18 20:09	563,912	----a-w	C:\WINDOWS\SYSTEM32\wuapi.dll2008-07-18 20:09	325,832	----a-w	C:\WINDOWS\SYSTEM32\wucltui.dll2008-07-18 20:09	205,000	----a-w	C:\WINDOWS\SYSTEM32\wuweb.dll2008-07-18 20:09	1,811,656	----a-w	C:\WINDOWS\SYSTEM32\wuaueng.dll2008-07-18 20:07	270,880	----a-w	C:\WINDOWS\SYSTEM32\mucltui.dll2008-07-18 20:07	210,976	----a-w	C:\WINDOWS\SYSTEM32\muweb.dll2008-06-07 08:27	63,992	----a-w	C:\Documents and Settings\kinga viklund\Application Data\GDIPFONTCACHEV1.DAT2008-05-21 13:43	20	---ha-w	C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT2008-05-21 13:42	20	---ha-w	C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT2005-11-02 13:55	774,144	----a-w	C:\Program\RngInterstitial.dll2005-04-08 07:40	36	----a-w	C:\Documents and Settings\kinga viklund\klextlock.dat.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 155648]"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 126976]"SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]"PCMService"="C:\Program\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-15 122933]"UpdateManager"="C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]"IntelliPoint"="C:\Program\Microsoft IntelliPoint\point32.exe" [2005-03-24 217088]"SoundMAXPnP"="C:\Program\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]"ccApp"="C:\Program\Delade filer\Symantec Shared\ccApp.exe" [2008-01-25 51048]"osCheck"="C:\Program\Norton Internet Security\osCheck.exe" [2008-02-07 718704]"SsAAD.exe"="C:\Program\Sony\SONICS~1\SsAAD.exe" [2005-01-24 81920]"DVDLauncher"="C:\Program\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk - C:\Program\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.enc"= ITIG726.acm"VIDC.MJPG"= pvmjpg21.dll"VIDC.YV12"= yv12vfw.dll[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]"Gadu-Gadu"="C:\Program\Gadu-Gadu\PowerGG.exe"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]"Adobe Photo Downloader"="C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe""QuickTime Task"="C:\Program\QuickTime\qttask.exe" -atboottime"Lexmark X1100 Series"="C:\Program\Lexmark X1100 Series\lxbkbmgr.exe""LogitechVideoRepair"=C:\Program\Logitech\Video\ISStart.exe"LogitechVideoTray"=C:\Program\Logitech\Video\LogiTray.exe"SsAAD.exe"=C:\Program\Sony\SONICS~1\SsAAD.exe"Sony Ericsson PC Suite"="C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions[HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusOverride"=dword:00000001"FirewallOverride"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"C:\\Program\\Messenger\\msmsgs.exe"="C:\\WINDOWS\\SYSTEM32\\fxsclnt.exe"="C:\\Program\\Gadu-Gadu\\gg.exe"="C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\Program\\LimeWire\\LimeWire.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="C:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program\\Skype\\Phone\\Skype.exe"="C:\\Program\\uTorrent\\uTorrent.exe"="C:\\Program\\FlashGet\\FlashGet.exe"="%windir%\\system32\\sessmgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe"=R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe [2008-01-25 149864]R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]S2 Automatisk LiveUpdate-schemaläggare;Automatisk LiveUpdate-schemaläggare;C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2008-02-09 238968]*Newly Created Service* - COMHOST.Contents of the 'Scheduled Tasks' folder2008-10-09 C:\WINDOWS\Tasks\1-Click Maintenance.job- C:\Program\TuneUp Utilities 2008\OneClickStarter.exe []2008-10-09 C:\WINDOWS\Tasks\Konserwacja jednym kliknieciem.job- C:\Program\TuneUp Utilities 2008\OneClickStarter.exe []2008-10-06 C:\WINDOWS\Tasks\Norton Internet Security - Kör fullständig systemsökning - kinga viklund.job- C:\Program\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 08:05]..------- Supplementary Scan -------.FireFox -: Profile - C:\Documents and Settings\kinga viklund\Application Data\Mozilla\Firefox\Profiles\5xvbq04y.default\FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.seFF -: plugin - C:\Program\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dllFF -: plugin - C:\Program\Mozilla Firefox\plugins\NPWORDS.dllFF -: plugin - C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dllFF -: plugin - C:\Program\Yahoo!\Common\npyaxmpb.dll.**************************************************************************catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-10-09 09:09:41Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes ... scanning hidden autostart entries ...scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.Completion time: 2008-10-09  9:13:41ComboFix-quarantined-files.txt  2008-10-09 07:12:51Pre-Run: 40 523 567 104 byte ledigtPost-Run: 40,629,600,256 byte ledigt212	--- E O F ---	2008-09-25 16:25:09
Mateusz J.
komentarz
komentarz

Usuń c:\QooBox

Log wygląda na czysty.

Przeskanuj komputer skanerem online (Kaspersky), raport pokaż na forum.

dr.hanibale
komentarz
komentarz

Dzieki wielkie!

A z Kasperskiego nie chca mi dac skorzystac cus:/ ;) po kliknieciu na 'zgadzam sie' nic sie nie dzieje :|

Psycholandia
komentarz
komentarz

Musisz go włączyć w przeglądarce Internet Explorer.

dr.hanibale
komentarz
komentarz

Wszystkim bardzo wielkie dzieki za pomoc! Norton nie wykazal juz niczego...dla pewnosci sprawdze tez pozniej kasperskym, bo on bardzo dlugo czasu zajmuje...ale jak znajde dluzsza chwile to to zrobie;)

Temat do zamkniecia.

Pzdr

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.