
Log to check

horscik
created
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:29:41, on 2009-01-12
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\bart\Menu Start\Programy\Autostart\Total Commander Updater.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
c:\program files\windows media player\wmplayer.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\bart\Pulpit\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [RGSC] F:\GTAIV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Total Commander Updater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1230731896921
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus? Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6376 bytes

jp44
comment

Are there any problems with the system, since you're posting a log? It's clean.

horscik
comment

Yes (it lags slightly), but apparently that's not where the problem is. Overall it doesn't bother me that much, but OK, the problem isn't where I thought. Thanks for the reply.

Mainly the point is that Windows itself takes a long time to load.

Mateusz J.
comment

You can also show a log from ComboFix.

I suggest cleaning up the autostart.

horscik
comment

As for autostart, I only have: gg, nod32, rockstar from gta, expert tool from the graphics card (that one I could possibly remove).

Looking in jv16, it turns out I have more of them; which can I safely remove? (Unless they are inactive.) Photo in jpg.

The registry has been cleaned of unnecessary things. Overall the system has been cleaned.

Here is the ComboFix log (if something is wrong, please tell me what and where):

