
olkkaa1986


  1. I think I've got rid of it now. At least I'm posting the log that was produced after I followed your instructions:

     [ComboFix log]

     WARM REGARDS
  2. I don't really understand this, because I'm a natural blonde, so maybe write in more detail what I should do 8O PLEASE!!

     [ComboFix log]
  3. I have this problem: some virus has sneaked onto my computer. When I browse files on the disk, I get the message "Attention. Some dangerous Trojan horses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\Windows. Download protection software now! Click OK to download the antispyware. (Recommended)". I read that you need to check the log, or whatever it's called. This is what came out:

     [HijackThis log]

     What should I remove? Help!!