nappy Posted 18 August 2008
Lately I can't get onto a lot of sites. I thought it was Chello's fault (they have DNS problems), but after checking everything I could, it turned out the fault is on my computer's side after all. Anyway: internet from Chello, D-Link 514 router (;x), 3 computers on the network. On the laptop (Wi-Fi) and the other PC everything runs perfectly, but on mine some sites don't work (e.g. google, purepc). I tried different browsers, ran Avast and Ad-Aware over the system, checked in different browsers - the same every time. It's some kind of crap, IE throws up this gem: And it tries to force me to install and scan with this 'thing'. Below is the HijackThis log. pls help, because I've got a demo version of the internet that's more cut down than in Korea. 8O
nappy Posted 19 August 2008 (edited)
OK, so far I've worked out that after killing the explorer.exe process the net runs beautifully... not very comforting, especially since it's the 'original' one and the whole shell dies too 8O So far nothing knows what this crap is ;/ -- one more thing - the sites that don't work can be pinged without any problem. Edited 19 August 2008 by nappy
Kolobos Posted 19 August 2008
Post a ComboFix log.
nappy Posted 19 August 2008
Ave ComboFix 8O This little marvel did in 3 minutes what dozens of scanners couldn't fix. (I ran CF, it scanned, rebooted, and showed the log. The sites work fine now, but I'll post it just to be sure.)
Kolobos Posted 19 August 2008
Looks OK.