djdzidzias utworzono 13 stycznia 2009 utworzono 13 stycznia 2009 Witam! Prosiłbym o sprawdzenie logów ComboFix 09-01-11.04 - Admin 2009-01-13 5:45:31.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.255.90 [GMT 1:00]Uruchomiony z: D:\ComboFix.exeAV: avast! antivirus 4.8.1296 [VPS 090113-0] *On-access scanning disabled* (Outdated) * Utworzono nowy punkt przywracania[b]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/b].((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dllc:\program files\myglobalsearchc:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JARc:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFESTc:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JARc:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFESTc:\program files\myglobalsearch\bar\1.bin\M9PLUGIN.DLLc:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLLc:\program files\myglobalsearch\bar\1.bin\NPMYGLSH.DLLc:\program files\myglobalsearch\bar\Cache\[u]0[/u]00B96DBc:\program files\myglobalsearch\bar\Cache\[u]0[/u]00B9891c:\program files\myglobalsearch\bar\Cache\[u]0[/u]00B9A37.binc:\program files\myglobalsearch\bar\Cache\[u]0[/u]00B9C0B.binc:\program files\myglobalsearch\bar\Cache\[u]0[/u]00B9D53.binc:\program files\myglobalsearch\bar\Cache\files.inic:\program files\myglobalsearch\bar\History\searchc:\program files\myglobalsearch\bar\Settings\prevcfg.htm.((((((((((((((((((((((((( Pliki utworzone od 2008-12-13 do 2009-01-13 ))))))))))))))))))))))))))))))).2009-01-13 05:38 . 2009-01-13 05:39 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\BESTplayer2009-01-13 05:37 . 2009-01-13 05:37 69 --a--c--- c:\windows\NeroDigital.ini2009-01-13 05:28 . 2009-01-13 05:28 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\Ahead2009-01-13 05:22 . 2009-01-13 05:22 <DIR> d----c--- c:\program files\Nero2009-01-13 05:22 . 2009-01-13 05:26 <DIR> d----c--- c:\program files\Common Files\Ahead2009-01-13 05:22 . 2009-01-13 05:22 <DIR> d----c--- c:\documents and settings\All Users\Dane aplikacji\Nero2009-01-13 05:19 . 2009-01-13 05:19 <DIR> d----c--- c:\windows\LastGood2009-01-13 02:44 . 2009-01-13 02:44 <DIR> d----c--- c:\program files\XP Codec Pack2009-01-13 02:44 . 2008-07-09 10:05 421,888 --a--c--- c:\windows\system32\ac3filter.acm2009-01-12 15:29 . 2009-01-13 02:57 <DIR> d----c--- c:\program files\uTorrent2009-01-12 15:29 . 2009-01-13 05:45 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\uTorrent2009-01-12 10:43 . 2009-01-12 10:43 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\Gadu-Gadu2009-01-12 08:17 . 2009-01-13 01:36 <DIR> d----c--- c:\program files\Odkurzacz2009-01-12 01:59 . 2009-01-12 08:24 <DIR> d----c--- c:\program files\SpeedFan2009-01-12 01:59 . 2009-01-12 01:59 45 --a--c--- c:\windows\system32\initdebug.nfo2009-01-12 01:08 . 2009-01-12 01:08 <DIR> d----c--- c:\documents and settings\All Users\Dane aplikacji\MailFrontier2009-01-12 01:08 . 2004-04-27 04:40 11,264 --a--c--- c:\windows\system32\SpOrder.dll2009-01-12 01:08 . 2009-01-12 01:10 4,212 ---h-c--- c:\windows\system32\zllictbl.dat2009-01-12 01:07 . 2009-01-12 08:11 <DIR> d----c--- c:\windows\Internet Logs2009-01-12 00:54 . 2009-01-12 00:54 <DIR> d----c--- c:\program files\Alwil Software2009-01-12 00:54 . 2003-03-18 21:20 1,060,864 --a--c--- c:\windows\system32\MFC71.dll2009-01-12 00:54 . 2003-03-18 20:14 499,712 --a--c--- c:\windows\system32\MSVCP71.dll2009-01-12 00:54 . 2003-02-21 04:42 348,160 --a--c--- c:\windows\system32\MSVCR71.dll2009-01-12 00:44 . 2009-01-12 00:44 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\Carthago2009-01-12 00:43 . 2009-01-12 00:43 <DIR> d----c--- c:\program files\MemInfo2009-01-12 00:41 . 2009-01-12 00:41 <DIR> d----c--- c:\windows\system32\QuickTime2009-01-12 00:41 . 2009-01-12 00:41 <DIR> d----c--- c:\program files\QuickTime Alternative2009-01-12 00:41 . 2009-01-12 00:41 <DIR> d----c--- c:\program files\Media Player Classic2009-01-12 00:41 . 2009-01-12 00:41 <DIR> d----c--- c:\documents and settings\All Users\Dane aplikacji\Apple Computer2009-01-12 00:41 . 2004-09-23 18:57 6,676,480 --a--c--- c:\windows\system32\QuickTime.qts2009-01-12 00:41 . 2004-09-23 18:57 747,008 --a--c--- c:\windows\system32\Indeo4.qtx2009-01-12 00:41 . 2004-09-23 18:57 430,592 --a--c--- c:\windows\system32\QuickTimeVR.qtx2009-01-12 00:41 . 2005-06-10 17:40 360,504 --a--c--- c:\windows\system32\QTPlugin.ocx2009-01-12 00:41 . 2004-09-23 18:57 323,072 --a--c--- c:\windows\system32\QuickTime.cpl2009-01-12 00:41 . 2002-11-08 20:04 225,280 --a--c--- c:\windows\system32\qtmlClient.dll2009-01-12 00:41 . 2004-09-23 18:57 70,144 --a--c--- c:\windows\system32\QuickTimeCheck.ocx2009-01-12 00:37 . 2009-01-12 00:37 <DIR> d----c--- c:\program files\Gadu-Gadu2009-01-12 00:37 . 2009-01-13 01:22 <DIR> d----c--- c:\documents and settings\Admin\Gadu-Gadu2009-01-12 00:28 . 2009-01-12 00:29 <DIR> d----c--- c:\windows\ShellNew2009-01-12 00:06 . 2009-01-12 00:06 766 --a--c--- c:\windows\system32\uCF2000.ico2009-01-12 00:02 . 2009-01-12 00:30 427 --a--c--- c:\windows\ODBC.INI2009-01-11 23:57 . 2009-01-11 23:58 <DIR> d----c--- c:\program files\BearShare2009-01-11 23:57 . 2009-01-11 23:57 <DIR> d----c--- C:\My Downloads2009-01-11 23:56 . 2009-01-11 23:56 <DIR> d----c--- C:\totalcmd2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\UC.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\RAR.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\PKZIP.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\PKUNZIP.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\NOCLOSE.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\LHA.PIF2009-01-11 23:56 . 2008-08-08 07:04 545 --a--c--- c:\windows\ARJ.PIF2009-01-11 23:56 . 2009-01-11 23:56 90 --a--c--- c:\windows\wincmd.ini2009-01-11 23:55 . 2009-01-11 23:55 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\Tlen.pl2009-01-11 23:54 . 2009-01-11 23:54 <DIR> d----c--- c:\program files\Tlen.pl2009-01-11 23:52 . 2009-01-11 23:52 <DIR> d----c--- c:\program files\Winamp Toolbar2009-01-11 23:52 . 2009-01-11 23:52 <DIR> d----c--- c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar2009-01-11 23:51 . 2009-01-11 23:52 <DIR> d----c--- c:\program files\Winamp2009-01-11 23:51 . 2009-01-11 23:54 <DIR> d----c--- c:\documents and settings\Admin\Dane aplikacji\Winamp2009-01-11 23:50 . 2009-01-12 08:24 <DIR> d----c--- c:\program files\Dziobas Rar Player2009-01-11 23:49 . 2009-01-11 23:49 <DIR> d----c--- c:\program files\Elaborate Bytes2009-01-11 23:48 . 2009-01-13 05:36 <DIR> d----c--- c:\program files\NAPI-PROJEKT2009-01-11 23:48 . 2009-01-11 23:48 <DIR> d----c--- c:\program files\ALLPlayer2009-01-11 23:48 . 2009-01-12 01:50 2,950 --a--c--- c:\windows\mozver.dat2009-01-11 23:48 . 2009-01-11 23:48 0 --a--c--- c:\windows\nsreg.dat2009-01-11 23:45 . 2009-01-11 23:45 <DIR> d----c--- c:\program files\Realtek AC972009-01-11 23:45 . 2009-01-11 23:45 <DIR> d--h-c--- c:\program files\InstallShield Installation Information2009-01-11 23:45 . 2006-11-17 05:40 18,804,736 --a--c--- c:\windows\system32\alsndmgr.cpl2009-01-11 23:44 . 2009-01-11 23:44 <DIR> d----c--- c:\documents and settings\All Users\Dane aplikacji\nView_Profiles2009-01-11 23:16 . 2009-01-11 23:44 <DIR> d----c--- c:\windows\nview2009-01-11 23:16 . 2009-01-11 23:16 <DIR> d----c--- c:\program files\Common Files\InstallShield2009-01-11 23:16 . 2005-02-24 16:32 176,128 --a--c--- c:\windows\system32\nvudisp.exe2009-01-11 23:16 . 2005-02-24 16:32 14,435 --a--c--- c:\windows\system32\nvdisp.nvu2009-01-11 23:06 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-01-11 21:38 --------- dc----w c:\program files\microsoft frontpage2009-01-11 21:36 --------- dc----w c:\program files\Usługi online2008-12-19 15:15 4,338,246 -c--a-w c:\windows\system32\libavcodec.dll2008-12-17 17:41 884,237 -c--a-w c:\windows\system32\ff_x264.dll2008-12-17 17:22 93,184 -c--a-w c:\windows\system32\ff_wmv9.dll2008-12-17 17:22 57,344 -c--a-w c:\windows\system32\ff_vfw.dll2008-12-17 17:17 239,247 -c--a-w c:\windows\system32\ff_theora.dll2008-12-17 16:59 560,802 -c--a-w c:\windows\system32\libmplayer.dll2008-11-29 20:26 991,232 -c--a-w c:\windows\system32\VSFilter.dll2008-10-31 15:47 991,744 -c--a-w c:\windows\system32\syssetup.dll2008-10-31 15:47 1,548,288 -c--a-w c:\windows\system32\sfcfiles.dll2009-01-11 22:48 60,526 -c--a-w c:\program files\mozilla firefox\components\jar50.dll2009-01-11 22:48 49,256 -c--a-w c:\program files\mozilla firefox\components\jsd3250.dll2009-01-11 22:48 166,000 -c--a-w c:\program files\mozilla firefox\components\xpinstal.dll.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]"Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2008-01-15 6290944]"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-08-16 264704][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-02-24 86016]"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 52168]"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]"nwiz"="nwiz.exe" [2005-02-24 c:\windows\system32\nwiz.exe]"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]c:\documents and settings\Admin\Menu Start\Programy\Autostart\uTorrent.lnk - c:\program files\uTorrent\uTorrent.exe [2009-01-12 270128]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"vidc.ffds"= ffdshow.ax"msacm.ac3filter"= ac3filter.acm[HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusDisableNotify"=dword:00000001"UpdatesDisableNotify"=dword:00000001"AntiVirusOverride"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Tlen.pl\\tlen.exe"="c:\\Program Files\\uTorrent\\uTorrent.exe"="d:\\MOHAA\\MOHAA.exe"=R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-12 111184]R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-12 20560]--- Inne Uslugi/Sterowniki w Pamieci ---*NewlyCreated* - NMINDEXINGSERVICE..------- Skan uzupełniający -------.uStart Page = hxxp://google.bearshare.com/pl/IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlIE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000FF - ProfilePath - c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\[u]0[/u]24mdolz.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - component: c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\[u]0[/u]24mdolz.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dllFF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll---- FIREFOX - SPOSÓB POSTEPOWANIA ----c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=customc:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscoveryc:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-01-13 05:46:39Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.Czas ukończenia: 2009-01-13 5:47:47ComboFix-quarantined-files.txt 2009-01-13 04:47:43Przed: 12 062 547 968 bajtów wolnychPo: 12,118,433,792 bajtów wolnych192
Mateusz J. komentarz 13 stycznia 2009 komentarz 13 stycznia 2009 Usuń folder c:\QooBox Log czysty. Powód sprawdzania?
djdzidzias komentarz 13 stycznia 2009 Autor komentarz 13 stycznia 2009 Powód sprawdzenia: Nie chciał mi się usunąć My global search. Ale juz dałem radę, topic close.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.