x-kom hosting

Logi po formacie , check plz :)

Sulski
utworzono
utworzono

Prosze o sprawdzenie bo po formacie znowu mi internet nie chce dzialac ...

combo :

ComboFix 09-02-21.01 - User 2009-02-23 20:12:01.1 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1535.1031 [GMT 1:00]Running from: d:\sulski\Instalki & Programy\ComboFix.exe * Created a new restore pointWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\svchost.exec:\windows\system32\drivers\sysdrv32.sys.(((((((((((((((((((((((((((((((((((((((   Drivers/Services   ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_POWERMANAGER-------\Service_PowerManager(((((((((((((((((((((((((   Files Created from 2009-01-23 to 2009-02-23  ))))))))))))))))))))))))))))))).2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\PLANET2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--h-----	c:\program files\InstallShield Installation Information2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\Common Files\InstallShield2009-02-24 01:19 . 2003-11-26 23:40	159,744	--a------	c:\windows\system32\RtlLib.dll2009-02-24 01:19 . 2003-11-18 18:27	155,648	--a------	c:\windows\system32\IpLib.dll2009-02-24 01:19 . 2004-03-16 03:33	118,784	--a------	c:\windows\system32\WakeResDll.dll2009-02-24 01:19 . 2004-03-29 18:45	118,784	--a------	c:\windows\system32\RtWLanRes.dll2009-02-24 01:19 . 2003-10-17 05:20	110,592	--a------	c:\windows\system32\EnumDevLib.dll2009-02-24 01:19 . 2002-10-02 17:57	13,532	--a------	c:\windows\system32\drivers\SjyPkt.sys2009-02-24 01:19 . 2003-12-11 00:06	8,576	--a------	c:\windows\system32\drivers\EAPPkt.sys2009-02-24 01:05 . 2009-02-23 20:13	<DIR>	d--------	c:\documents and settings\User\Application Data\foobar20002009-02-24 01:04 . 2009-02-24 01:05	<DIR>	d--------	c:\program files\foobar20002009-02-23 19:30 . 2009-02-23 19:30	538,624	-r-hs----	c:\windows\system\wmisys.exe.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-23 23:34	---------	d-----w	c:\documents and settings\User\Application Data\Nero2009-02-23 23:33	---------	d-----w	c:\program files\Nero2009-02-23 23:33	---------	d-----w	c:\program files\Common Files\Nero2009-02-23 23:33	---------	d-----w	c:\documents and settings\All Users\Application Data\Nero2009-02-23 23:25	---------	d-----w	c:\program files\Alky for Applications2009-02-23 23:24	---------	d-----w	c:\program files\Mozilla Thunderbird2009-02-23 23:20	---------	d-----w	c:\windows\system32\config\systemprofile\Application Data\uTorrent2009-02-23 23:20	---------	d-----w	c:\program files\uTorrent2009-02-23 23:20	---------	d-----w	c:\documents and settings\User\Application Data\uTorrent2009-02-23 23:19	---------	d-----w	c:\program files\Windows Sidebar2009-02-23 23:19	---------	d-----w	c:\program files\VistaExperience.org2009-02-23 23:17	---------	d-----w	c:\program files\Windows Media Connect 22009-02-23 19:14	---------	d-----w	c:\program files\microsoft frontpage2009-02-23 17:25	---------	d-----w	c:\documents and settings\User\Application Data\Nowe Gadu-Gadu2009-02-23 17:24	---------	d-----w	c:\program files\Nowe Gadu-Gadu2009-02-23 16:35	---------	d-----w	c:\program files\Java2009-02-23 16:32	---------	d-----w	c:\program files\Opera2009-02-23 16:31	---------	d-----w	c:\documents and settings\User\Application Data\Talkback2007-10-09 05:33	66,408	----a-w	c:\program files\mozilla firefox\components\jar50.dll2007-10-09 05:33	54,112	----a-w	c:\program files\mozilla firefox\components\jsd3250.dll2007-10-09 05:33	34,688	----a-w	c:\program files\mozilla firefox\components\myspell.dll2007-10-09 05:33	46,456	----a-w	c:\program files\mozilla firefox\components\spellchk.dll2007-10-09 05:33	171,880	----a-w	c:\program files\mozilla firefox\components\xpinstal.dll.------- Sigcheck -------2007-10-27 08:27  360704  a11391be25035570ae4b8970920f2c74	c:\windows\system32\drivers\tcpip.sys2007-10-27 08:32  2223616  95e8b55443bd91dab5632924d2616a1e	c:\windows\system32\ntkrnlpa.exe2007-10-27 08:26  2346752  24fcd8fb0c6bd0e5f3b1203769948336	c:\windows\system32\ntoskrnl.exe.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-02-16 9302632]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-02 153136]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-23 148888]"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\SOUNDMAN.EXE]"nwiz"="nwiz.exe" [2007-07-13 c:\windows\system32\nwiz.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_3"="advpack.dll" [2007-10-27 c:\windows\system32\advpack.dll]c:\documents and settings\All Users\Start Menu\Programs\Startup\PLANET WL-8303.lnk - c:\program files\PLANET\WL-8303\RtlWake.exe [2009-02-24 720896][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system\\wmisys.exe"=R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2009-02-23 16640]R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-02-24 8576]R2 WMISYS;WMI System App;c:\windows\system\wmisys.exe [2009-02-23 538624]R3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [2009-02-23 185216][HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register..------- Supplementary Scan -------.FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\8lkbtjt4.default\FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dllFF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-23 20:14:09Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ...  c:\windows\system\wmisys.exe [232] 0x8961ADA0scanning hidden autostart entries ... scanning hidden files ...  scan completed successfullyhidden files: 0**************************************************************************.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\windows\system32\nvsvc32.exec:\windows\system32\wscntfy.exec:\windows\system32\rundll32.exec:\program files\Nowe Gadu-Gadu\spellchecker_gg.exec:\program files\Opera\opera.exe.**************************************************************************.Completion time: 2009-02-23 20:15:43 - machine was rebootedComboFix-quarantined-files.txt  2009-02-23 19:15:40Pre-Run: 35 911 815 168 bytes freePost-Run: 35,883,057,152 bytes free133

hijack :

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:18:21, on 2009-02-23Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20627)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\SOUNDMAN.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Nowe Gadu-Gadu\gg.exeC:\Program Files\PLANET\WL-8303\RtlWake.exeC:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Opera\opera.exeC:\WINDOWS\system32\notepad.exeC:\WINDOWS\explorer.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')O4 - Global Startup: PLANET WL-8303.lnk = ?O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: WMI System App (WMISYS) - WMI Managment - C:\WINDOWS\system\wmisys.exe--End of file - 4046 bytes

Prosze bardzo o sprawdzenie tych logow ... Postaram sie przyblizyc moj problem , otoz internet przez przegladarke nie dziala tak jak powinien , gdy probuje wejsc na jakas strone wyskakuje "Polaczenie przerwane przez serwer " albo " Wewnetrzny blad komunikacji " , dopiero po kilkakrotnym odswiezeniu strony ona sie zaladuje. czasem trwa to nawet 10 min :)

Mateusz J.
komentarz
komentarz

Do notatnika wklej:

File::c:\windows\system\wmisys.exeRegistry::[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"c:\\WINDOWS\\system\\wmisys.exe"=-Driver::WMISYS

W notatniku zakladka Plik ==> Zapisz jako ==> zapisz pod nazwą CFScript.txt i zapisz go w tym katalogu co ściągnięty i zapisany został combofix

Na ikonę ComboFix przeciągasz zrobiony plik CFScript.txt Tak jak na obrazku:

cfscript10uc2su5.gif

Rozpocznie się usuwanie i powstanie log , który pokazujesz na forum.

Sulski
komentarz
komentarz

Oto log po wykononaniu tego co napisales :)

Bardzo dziekuje za zainteresowanie sie moim problemem, akurat na dzisiaj wieczor potrzebny mi komputer z dostepem do internetu.

ComboFix 09-02-21.01 - User 2009-02-24  9:12:05.2 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1535.1114 [GMT 1:00]Running from: d:\sulski\Instalki & Programy\ComboFix.exeCommand switches used :: d:\sulski\Instalki & Programy\CFScript.txt * Created a new restore pointWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!FILE ::c:\windows\system\wmisys.exe.(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system\wmisys.exec:\windows\system32\drivers\sysdrv32.sys.(((((((((((((((((((((((((((((((((((((((   Drivers/Services   ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_WMISYS-------\Service_WMISYS(((((((((((((((((((((((((   Files Created from 2009-01-24 to 2009-02-24  ))))))))))))))))))))))))))))))).2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\PLANET2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--h-----	c:\program files\InstallShield Installation Information2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\Common Files\InstallShield2009-02-24 01:19 . 2003-11-26 23:40	159,744	--a------	c:\windows\system32\RtlLib.dll2009-02-24 01:19 . 2003-11-18 18:27	155,648	--a------	c:\windows\system32\IpLib.dll2009-02-24 01:19 . 2004-03-16 03:33	118,784	--a------	c:\windows\system32\WakeResDll.dll2009-02-24 01:19 . 2004-03-29 18:45	118,784	--a------	c:\windows\system32\RtWLanRes.dll2009-02-24 01:19 . 2003-10-17 05:20	110,592	--a------	c:\windows\system32\EnumDevLib.dll2009-02-24 01:19 . 2002-10-02 17:57	13,532	--a------	c:\windows\system32\drivers\SjyPkt.sys2009-02-24 01:19 . 2003-12-11 00:06	8,576	--a------	c:\windows\system32\drivers\EAPPkt.sys2009-02-24 01:05 . 2009-02-23 23:11	<DIR>	d--------	c:\documents and settings\User\Application Data\foobar20002009-02-24 01:04 . 2009-02-24 01:05	<DIR>	d--------	c:\program files\foobar2000.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-23 23:34	---------	d-----w	c:\documents and settings\User\Application Data\Nero2009-02-23 23:33	---------	d-----w	c:\program files\Nero2009-02-23 23:33	---------	d-----w	c:\program files\Common Files\Nero2009-02-23 23:33	---------	d-----w	c:\documents and settings\All Users\Application Data\Nero2009-02-23 23:25	---------	d-----w	c:\program files\Alky for Applications2009-02-23 23:24	---------	d-----w	c:\program files\Mozilla Thunderbird2009-02-23 23:20	---------	d-----w	c:\windows\system32\config\systemprofile\Application Data\uTorrent2009-02-23 23:20	---------	d-----w	c:\program files\uTorrent2009-02-23 23:20	---------	d-----w	c:\documents and settings\User\Application Data\uTorrent2009-02-23 23:19	---------	d-----w	c:\program files\Windows Sidebar2009-02-23 23:19	---------	d-----w	c:\program files\VistaExperience.org2009-02-23 23:17	---------	d-----w	c:\program files\Windows Media Connect 22009-02-23 19:16	---------	d-----w	c:\program files\Trend Micro2009-02-23 19:15	---------	d-----w	c:\documents and settings\User\Application Data\Nowe Gadu-Gadu2009-02-23 19:14	---------	d-----w	c:\program files\microsoft frontpage2009-02-23 17:24	---------	d-----w	c:\program files\Nowe Gadu-Gadu2009-02-23 16:35	410,984	----a-w	c:\windows\system32\deploytk.dll2009-02-23 16:35	---------	d-----w	c:\program files\Java2009-02-23 16:32	---------	d-----w	c:\program files\Opera2009-02-23 16:31	---------	d-----w	c:\documents and settings\User\Application Data\Talkback2007-10-09 05:33	66,408	----a-w	c:\program files\mozilla firefox\components\jar50.dll2007-10-09 05:33	54,112	----a-w	c:\program files\mozilla firefox\components\jsd3250.dll2007-10-09 05:33	34,688	----a-w	c:\program files\mozilla firefox\components\myspell.dll2007-10-09 05:33	46,456	----a-w	c:\program files\mozilla firefox\components\spellchk.dll2007-10-09 05:33	171,880	----a-w	c:\program files\mozilla firefox\components\xpinstal.dll.------- Sigcheck -------2007-10-27 08:27  360704  a11391be25035570ae4b8970920f2c74	c:\windows\system32\drivers\tcpip.sys2007-10-27 08:32  2223616  95e8b55443bd91dab5632924d2616a1e	c:\windows\system32\ntkrnlpa.exe2007-10-27 08:26  2346752  24fcd8fb0c6bd0e5f3b1203769948336	c:\windows\system32\ntoskrnl.exe.(((((((((((((((((((((((((((((   SnapShot@2009-02-23_20.15.12.56   ))))))))))))))))))))))))))))))))))))))))).+ 2009-02-24 08:14:04	16,384	----atw	c:\windows\Temp\Perflib_Perfdata_7a4.dat.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-02-16 9302632]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-02 153136]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-23 148888]"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\SOUNDMAN.EXE]"nwiz"="nwiz.exe" [2007-07-13 c:\windows\system32\nwiz.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_3"="advpack.dll" [2007-10-27 c:\windows\system32\advpack.dll]c:\documents and settings\All Users\Start Menu\Programs\Startup\PLANET WL-8303.lnk - c:\program files\PLANET\WL-8303\RtlWake.exe [2009-02-24 720896][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"=R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2009-02-23 16640]R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-02-24 8576]R3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [2009-02-23 185216][HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register..------- Supplementary Scan -------.FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\8lkbtjt4.default\FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dllFF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-24 09:14:09Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ...  scanning hidden autostart entries ... scanning hidden files ...  scan completed successfullyhidden files: 0**************************************************************************.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\windows\system32\nvsvc32.exec:\windows\system32\wscntfy.exec:\windows\system32\rundll32.exe.**************************************************************************.Completion time: 2009-02-24  9:15:03 - machine was rebootedComboFix-quarantined-files.txt  2009-02-24 08:15:01ComboFix2.txt  2009-02-23 19:15:44Pre-Run: 36 121 133 056 bytes freePost-Run: 36,112,429,056 bytes free137

Co jest przyczyna owych problemow ? Juz drugi raz mi sie tak dzieje kiedys pomogles rowniez i bylo dobrze dopoki nie sformatowalem dysku. Sa to jakies wirusy czy bledy ?

Pozdrawiam serdecznie

Mateusz J.
komentarz
komentarz

Są to wirusy i to nie byle jakie.

Log wygląda na czysty, usuń folder c:\QooBox.

Jednak po takiej infekcji wymagany jest skan komputera skanerem online np. Kaspersky.

Oraz programem malwarebytes.

Raporty z obu skanowań pokaż na forum.

Sulski
komentarz
komentarz

Oto raporty

malewarebytes

Malwarebytes' Anti-Malware 1.34Wersja bazy definicji: 1798Windows 5.1.2600 Service Pack 22009-02-24 19:32:36mbam-log-2009-02-24 (19-32-36).txtTyp skanowania: Szybkie skanowaniePrzeskanowane obiekty: 57689Up³ynê³o: 2 minute(s), 14 second(s)Zainfekowane procesy w pamiêci: 0Zainfekowane modu³y pamiêci: 0Zainfekowane klucze rejestru: 0Zainfekowane wartoœci rejestru: 0Zainfekowane pliki rejestru: 0Zainfekowane foldery: 0Zainfekowane pliki: 0Zainfekowane procesy w pamiêci:(Nie wykryto groŸnych plików)Zainfekowane modu³y pamiêci:(Nie wykryto groŸnych plików)Zainfekowane klucze rejestru:(Nie wykryto groŸnych plików)Zainfekowane wartoœci rejestru:(Nie wykryto groŸnych plików)Zainfekowane pliki rejestru:(Nie wykryto groŸnych plików)Zainfekowane foldery:(Nie wykryto groŸnych plików)Zainfekowane pliki:(Nie wykryto groŸnych plików)

Kaspersky online :

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"><html><head><title>RAPORT KASPERSKY ONLINE SCANNER 7.0</title><meta http-equiv='Content-Type' content='text/html; charset=utf-8'><style type='text/css'>	.pagetitle { font-size:20px; color:#FFFFFF; font-family: Arial, Geneva, sans-serif; }	.text { font-size:11px; font-family: Arial, Geneva, sans-serif; }	TD { font-size:11px; font-family: Arial, Geneva, sans-serif; }</style></head><body>	<table width='100%' border='0'>		<tr align='center' bgcolor='#005447'>			<td colspan='2' height='30px' class='pagetitle'>				<b>RAPORT KASPERSKY ONLINE SCANNER 7.0</b>			</td>		</tr>		<tr>			<td colspan='2' height='70px'>				wtorek, 24 luty 2009<br>				System operacyjny: Microsoft Windows XP Professional Service Pack 2 (build 2600)<br>				Wersja Kaspersky Online Scanner: 7.0.26.12<br>				Data ostatniej aktualizacji bazy danych: Tuesday, February 24, 2009 16:30:35<br>				Liczba wpisów: 1839529<br>			</td>		</tr>		<tr>			<td colspan='2' height='10px'>			</td>		</tr>	</table>	<table width='100%' border='0'>		<tr bgcolor='#EFEBDE'>			<td colspan='2' height='20px'><b>Ustawienia skanowania</b></td>		</tr>		<tr>			<td height='15px' width='250px'>Typ bazy danych użytej do skanowania</td>			<td>rozszerzona</td>		</tr>		<tr>			<td height='15px'>Skanuj archiwa</td>			<td>tak</td>		</tr>		<tr>			<td height='15px'>Skanuj pocztowe bazy danych</td>			<td>tak</td>		</tr>		<tr>			<td colspan='2' height='10px'>			</td>		</tr>		<tr bgcolor='#EFEBDE'>			<td height='20px'><b>Obszar skanowania</b></td>			<td>Mój komputer</td>		</tr>		<tr>			<td colspan='2' height='20px'>				A:\<br>				C:\<br>				D:\<br>				E:\			</td>		</tr>		<tr>			<td colspan='2' height='10px'>			</td>		</tr>		<tr bgcolor='#EFEBDE'>			<td colspan='2' height='20px'><b>Statystyki skanowania</b></td>		</tr>		<tr>			<td height='15px'>Przeskanowanych plików</td>			<td>80256</td>		</tr>		<tr>			<td height='15px'>Nazwa zagrożenia</td>			<td>5</td>		</tr>		<tr>			<td height='15px'>Zainfekowanych obiektów</td>			<td>69</td>		</tr>		<tr>			<td height='15px'>Podejrzanych obiektów</td>			<td>0</td>		</tr>		<tr>			<td height='15px'>Czas skanowania</td>			<td>01:17:42</td>		</tr>	</table>	<br>	<table width='100%%' border="0"><tr bgcolor='#EFEBDE'><td height='20px'><b>Nazwa pliku</b></td><td width='200px'><b>Nazwa zagrożenia</b></td><td width='100px'><b>Liczba zagrożeń</b></td></tr><tr><td height='20px'>C:\Documents and Settings\All Users\Desktop\keys for programs\DDVDFabPlat3200Reg.ICU\All.Fengtao.Software.Universal.Patch.1.01-ICU\All.Fengtao.Software.Universal.Patch.1.01-ICU.exe</td><td>Zainfekowany: Trojan.Win32.Delf.emr</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>C:\WINDOWS\fix\system.exe</td><td>Zainfekowany: Trojan.BAT.Agent.mo</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Ares\SShot\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\folder.htt</td><td>Zainfekowany: Trojan.VBS.Zapchast.b</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\ Voleyball manager\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\ Voleyball manager\Volleyball Manager.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\CS\avi\binkplay.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\agc\agc_config.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\AVI\Binkplay.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\cd projekt.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\EU2.backup.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\EU2UnlimitedPatch.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\EU2_Settings.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\EU2\ScenarioEditor.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Eu2pl_107_108.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Europa Universalis 2\avi\binkplay.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\loa\Ares.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\loa\CHR\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\loa\LoginScene\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\LuxSetup.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\owce\Sven.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\gfx\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\history\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\logs\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\RomeGame.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\save games\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Rome\Screenshots\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Sven - Collection - by bOgz\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\utorrent.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\vm_2008_v1_17_www.victorygames.eu.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Warcraft 2\WAR2ED95.EXE</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Warcraft III\BNUpdate.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Warcraft III\war3.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Gry\Warcraft III\worldedit.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Angielska robota[2008](LEKTOR PL)DVDRip.RMVB[www.wielkiekino.eu]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Beyond The Clouds\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Chłopaki też płaczą[2008](LEKTOR PL)DVDRip.XviD[www.wielkiekino.eu]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Garden.State\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Grubazzzki[2006](LEKTOR PL)DVDRip.RMVB[www.wielkiekino.eu]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Legend.Of.Earthsea 1 Earthsea.Epizod.I.2005.PL.DVDRip\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Made Of Honor[2008](LEKTOR PL)DVDRip.RMVB[www.wielkiekino.eu]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Nagi instykt 2\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\OCEAN's 13-Ocean's Thirteen[2007](LEKTOR PL)DVDRip.RMVB[www.wielkiekino.za.pl]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Porachunki\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Sh_em_up\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Thought Crimes\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\totek\What Happens In Vegas\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Toudi\Midnight Movie (2008)\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Toudi\Passengers (2008)\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\Toudi\Wyspa Nim 2008 [DVDRip.RMVB-Ps] [Dubbing PL]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\UFileDownloadTrial.EXE</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\W rękach wroga[2004](LEKTOR PL)DVDRip.RMVB[www.wielkiekino.eu]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Filmy\X-Men.The.Last.Stand.DVDRip.XviD-DoNE\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Instalki & Programy\realalt190.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Age of Empires III 3in1\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Age of Empires III 3in1\setup.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Crusader_Kings-iMMERSiON\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\gothika pl\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Handball Manager 2007 - World Edition [PC - CLONECD - English][www.TMasGames.com]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\lhm2005setup.exe</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Medieval II Total War + Kingdoms\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Patch\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Shogun Total War Gold Edition-Evocation8\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\The.Curious.Case.of.Benjamin.Button.DVDSCR.XviD-DEViSE\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Underworld.Rise.Of.The.Lycans.2009.DvDscr.SubPL.RMVBHunters\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Warcraft III and The Frozen Throne\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\Sulski\Torenty\Wild.Child.2008.PL[DVDrip.RMVB][LEK-PL]\folder.htt</td><td>Zainfekowany: Trojan.VBS.Starter.e</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td height='20px'>D:\T1.rar</td><td>Zainfekowany: Virus.Win32.Hidrag.a</td><td>1</td><td></tr><tr><td colspan='3' height='1' bgcolor='#EFEBDE'></td></tr><tr><td colspan='3' height='20px'><b>Wybrany obszar został przeskanowany.</td></tr></table></body></html>
Mateusz J.
komentarz
komentarz

Wygląda jakby było wszystko ok.

Nie jestem tylko pewien czy te pliki, które są pokazane jako zainfekowane rzeczywiście są zainfekowane.

Tu już musisz sam zadecydować.

Sulski
komentarz
komentarz

Bardzo dziekuje , mysle ze juz wszystko okej , internet dziala jak nalezy , blad explorera ktory wyskakiwal po kazdym uruchomieniu takze ustapil.

Tylko moje pytanie czemu te problemy ukazuja sie po formacie ?

Mateusz J.
komentarz
komentarz (edytowane)

najprawdopodobniej isntalujesz oprogramowanie z wirusem

ale może instalujesz windows z podpiętym kablem sieciowym z jeszcze nie zainstalowanym antywirem

ale jeśli tak się robi za każdym razem to stawiał bym na ten pierwszy przypadek

Sulski
komentarz
komentarz

Nowy log z combofixa i hijacka bo znowu cos zaczyna zamulac , mianowicie nie moge dociagnac zadnego pliku do koncu , przerywalo mniej wiecej po 200mb , a teraz w operze , bo jej uzywam od zawsze , w ogole nie chce zastartowac pliku do sciagniecia.

combofix :

ComboFix 09-02-25.02 - Sulski 2009-02-26 13:01:04.3 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1535.1060 [GMT 1:00]Running from: d:\sulski\Instalki & Programy\ComboFix.exe * Created a new restore pointWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.(((((((((((((((((((((((((   Files Created from 2009-01-26 to 2009-02-26  ))))))))))))))))))))))))))))))).2009-02-25 18:09 . 2009-02-25 18:09	<DIR>	d--------	c:\program files\ACE Mega CoDecS Pack2009-02-24 20:15 . 2009-02-24 20:15	<DIR>	d--------	c:\windows\system32\IOSUBSYS2009-02-24 20:15 . 2009-02-24 20:15	<DIR>	d--------	c:\program files\Google2009-02-24 20:15 . 2008-04-08 00:16	9,200	---------	c:\windows\system32\drivers\cdralw2k.sys2009-02-24 20:15 . 2008-04-08 00:16	9,072	---------	c:\windows\system32\drivers\cdr4_xp.sys2009-02-24 19:28 . 2009-02-24 19:28	<DIR>	d--------	c:\program files\Malwarebytes' Anti-Malware2009-02-24 19:28 . 2009-02-24 19:28	<DIR>	d--------	c:\documents and settings\Sulski\Application Data\Malwarebytes2009-02-24 19:28 . 2009-02-24 19:28	<DIR>	d--------	c:\documents and settings\All Users\Application Data\Malwarebytes2009-02-24 19:28 . 2009-02-11 10:19	38,496	--a------	c:\windows\system32\drivers\mbamswissarmy.sys2009-02-24 19:28 . 2009-02-11 10:19	15,504	--a------	c:\windows\system32\drivers\mbam.sys2009-02-24 15:12 . 2009-02-24 15:12	<DIR>	d--------	c:\program files\Nowe Gadu-Gadu2009-02-24 12:31 . 2009-02-25 14:25	<DIR>	d--------	c:\documents and settings\Sulski\Application Data\foobar20002009-02-24 12:26 . 2009-02-24 12:26	<DIR>	d--------	c:\documents and settings\Sulski\Application Data\Talkback2009-02-24 12:10 . 2009-02-24 12:10	<DIR>	d--------	c:\documents and settings\Sulski\Application Data\Nowe Gadu-Gadu2009-02-24 10:08 . 2009-02-24 10:08	<DIR>	d--------	c:\documents and settings\Milena2009-02-24 09:50 . 2009-02-24 09:50	<DIR>	d--------	c:\windows\system32\10452009-02-24 09:50 . 2001-12-05 00:00	65,536	--a------	c:\windows\system32\WMErrPLK.dll2009-02-24 09:50 . 2001-12-05 00:00	36,946	--a------	c:\windows\WMPrfPLK.prx2009-02-24 09:47 . 2009-02-24 00:20	<DIR>	d--------	c:\documents and settings\Sulski\Application Data\uTorrent2009-02-24 09:47 . 2009-02-24 09:47	<DIR>	d--------	c:\documents and settings\Sulski2009-02-24 09:47 . 2004-08-03 22:00	221,184	--a------	c:\windows\system32\wmpns.dll2009-02-24 09:22 . 2009-02-24 09:22	<DIR>	d--------	c:\program files\FDRLab2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\PLANET2009-02-24 01:19 . 2009-02-24 10:14	<DIR>	d--h-----	c:\program files\InstallShield Installation Information2009-02-24 01:19 . 2009-02-24 01:19	<DIR>	d--------	c:\program files\Common Files\InstallShield2009-02-24 01:19 . 2003-11-26 23:40	159,744	--a------	c:\windows\system32\RtlLib.dll2009-02-24 01:19 . 2003-11-18 18:27	155,648	--a------	c:\windows\system32\IpLib.dll2009-02-24 01:19 . 2004-03-16 03:33	118,784	--a------	c:\windows\system32\WakeResDll.dll2009-02-24 01:19 . 2004-03-29 18:45	118,784	--a------	c:\windows\system32\RtWLanRes.dll2009-02-24 01:19 . 2003-10-17 05:20	110,592	--a------	c:\windows\system32\EnumDevLib.dll2009-02-24 01:19 . 2002-10-02 17:57	13,532	--a------	c:\windows\system32\drivers\SjyPkt.sys2009-02-24 01:19 . 2003-12-11 00:06	8,576	--a------	c:\windows\system32\drivers\EAPPkt.sys2009-02-24 01:04 . 2009-02-24 01:05	<DIR>	d--------	c:\program files\foobar2000.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-23 23:33	---------	d-----w	c:\program files\Nero2009-02-23 23:33	---------	d-----w	c:\program files\Common Files\Nero2009-02-23 23:33	---------	d-----w	c:\documents and settings\All Users\Application Data\Nero2009-02-23 23:25	---------	d-----w	c:\program files\Alky for Applications2009-02-23 23:24	---------	d-----w	c:\program files\Mozilla Thunderbird2009-02-23 23:20	---------	d-----w	c:\program files\uTorrent2009-02-23 23:19	---------	d-----w	c:\program files\Windows Sidebar2009-02-23 23:19	---------	d-----w	c:\program files\VistaExperience.org2009-02-23 23:17	---------	d-----w	c:\program files\Windows Media Connect 22009-02-23 19:16	---------	d-----w	c:\program files\Trend Micro2009-02-23 19:14	---------	d-----w	c:\program files\microsoft frontpage2009-02-23 16:35	410,984	----a-w	c:\windows\system32\deploytk.dll2009-02-23 16:35	---------	d-----w	c:\program files\Java2009-02-23 16:32	---------	d-----w	c:\program files\Opera2009-01-05 22:33	3,751,995	----a-w	c:\windows\system32\GPhotos.scr2007-10-09 05:33	66,408	----a-w	c:\program files\mozilla firefox\components\jar50.dll2007-10-09 05:33	54,112	----a-w	c:\program files\mozilla firefox\components\jsd3250.dll2007-10-09 05:33	34,688	----a-w	c:\program files\mozilla firefox\components\myspell.dll2007-10-09 05:33	46,456	----a-w	c:\program files\mozilla firefox\components\spellchk.dll2007-10-09 05:33	171,880	----a-w	c:\program files\mozilla firefox\components\xpinstal.dll.------- Sigcheck -------2007-10-27 08:27  360704  a11391be25035570ae4b8970920f2c74	c:\windows\system32\drivers\tcpip.sys2007-10-27 08:32  2223616  95e8b55443bd91dab5632924d2616a1e	c:\windows\system32\ntkrnlpa.exe2007-10-27 08:26  2346752  24fcd8fb0c6bd0e5f3b1203769948336	c:\windows\system32\ntoskrnl.exe.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]"Google Update"="c:\documents and settings\Sulski\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-24 133104][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-02 153136]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-23 148888]"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\SOUNDMAN.EXE]"nwiz"="nwiz.exe" [2007-07-13 c:\windows\system32\nwiz.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_3"="advpack.dll" [2007-10-27 c:\windows\system32\advpack.dll]c:\documents and settings\All Users\Start Menu\Programs\Startup\PLANET WL-8303.lnk - c:\program files\PLANET\WL-8303\RtlWake.exe [2009-02-24 720896][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll"vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll"vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll"vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"=R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2009-02-23 16640]R3 IZRyrGGUr;IZRyrGGUr;\??\d:\t\LUZVOKFF --> d:\t\LUZVOKFF [?]R3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [2009-02-23 185216]R3 XDva076;XDva076;\??\c:\windows\system32\XDva076.sys --> c:\windows\system32\XDva076.sys [?]S?2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-02-24 8576]S3 bptEPeStKF;bptEPeStKF;\??\d:\t\PEBETCHM --> d:\t\PEBETCHM [?]S3 DfhcRUuJyv;DfhcRUuJyv;\??\d:\t\TARI --> d:\t\TARI [?]--- Other Services/Drivers In Memory ---*NewlyCreated* - IZRYRGGUR[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register.Contents of the 'Scheduled Tasks' folder2009-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1060284298-725345543-1005.job- c:\documents and settings\Sulski\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-24 12:40]..------- Supplementary Scan -------.uInternet Connection Wizard,ShellNext = hxxp://ares.netgame.com/IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://ares.netgame.com/launch/object/mglaunch_USAv1004.cabFF - ProfilePath - c:\documents and settings\Sulski\Application Data\Mozilla\Firefox\Profiles\5cpud36w.default\FF - prefs.js: network.proxy.type - 2FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dllFF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-26 13:02:13Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ...  scanning hidden autostart entries ... scanning hidden files ...  scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bptEPeStKF]"ImagePath"="\??\d:\t\PEBETCHM"[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DfhcRUuJyv]"ImagePath"="\??\d:\t\TARI"[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IZRyrGGUr]"ImagePath"="\??\d:\t\LUZVOKFF".Completion time: 2009-02-26 13:03:03ComboFix-quarantined-files.txt  2009-02-26 12:03:01ComboFix2.txt  2009-02-24 08:15:04Pre-Run: 35 369 676 800 bytes freePost-Run: 35,429,572,608 bytes free159

Hijack

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:09:29, on 2009-02-26Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20627)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\Sulski\Local Settings\Application Data\Google\Update\GoogleUpdate.exeC:\Program Files\PLANET\WL-8303\RtlWake.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Nowe Gadu-Gadu\gg.exeC:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exeC:\Program Files\foobar2000\foobar2000.exeD:\T\sulski.exeC:\Program Files\Opera\opera.exeC:\WINDOWS\explorer.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ares.netgame.com/O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Sulski\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKUS\S-1-5-21-2052111302-1060284298-725345543-1003\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'User')O4 - HKUS\S-1-5-21-2052111302-1060284298-725345543-1003\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe" (User 'User')O4 - HKUS\S-1-5-21-2052111302-1060284298-725345543-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'User')O4 - HKUS\S-1-5-21-2052111302-1060284298-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Milena')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')O4 - Global Startup: PLANET WL-8303.lnk = ?O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} (MGLaunch_v1004 Class) - http://ares.netgame.com/launch/object/mglaunch_USAv1004.cabO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe--End of file - 5052 bytes

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.