Problem with explorer.exe


5 replies in this topic


#1 maximusXII

  • Members
  • 14 posts

Posted 24 December 2007 - 11:49

The problem is that explorer.exe hangs on me quite often and I have to start it in the device manager. Please help me, I'm pasting the log here, I think it's some kind of virus. HELP !!!!


Logfile of HijackThis v1.99.1
Scan saved at 11:49:41, on 2007-12-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\PC-TV\WinManager\WinManager.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WapSter\AQQ\AQQ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dom\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Thoosje Sidebar.lnk = C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe
O4 - Global Startup: WinManager.lnk = C:\Program Files\PC-TV\WinManager\WinManager.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.p...kanerOnline.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe








#2 maximusXII

  • Members
  • 14 posts

Posted 24 December 2007 - 11:58

I'm attaching the log from ComboFix


ComboFix 07-12-21.4 - Dom 2007-12-24 11:53:28.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.807 [GMT 1:00]
Running from: C:\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\myglobalsearch

.
((((((((((((((((((((((((( Files Created from 2007-11-24 to 2007-12-24 )))))))))))))))))))))))))))))))
.

2007-12-23 22:18 . 2007-12-23 22:18 d-------- C:\Program Files\Deluxe Ski Jump 3
2007-12-22 16:43 . 2007-12-22 16:43 d-------- C:\Program Files\Vista Drive Icon
2007-12-22 16:42 . 2007-12-22 17:18 d-------- C:\Program Files\Thoosje Sidebar V2.3
2007-12-22 16:32 . 2007-12-24 09:38 24 --a------ C:\WINDOWS\LogonStudio.ini
2007-12-22 16:31 . 2007-12-22 16:31 d-------- C:\Program Files\WinCustomize
2007-12-22 16:31 . 2000-05-17 09:52 187,392 --a------ C:\WINDOWS\system32\JPGUtils.dll
2007-12-22 16:30 . 2007-12-22 16:34 d-------- C:\Program Files\Common Files\Stardock
2007-12-22 16:30 . 2007-12-22 16:31 163,712 --a------ C:\WINDOWS\system32\drivers\vidstub.sys
2007-12-22 00:16 . 2007-12-22 00:16 72 --a------ C:\WINDOWS\WB.ini
2007-12-22 00:08 . 2007-12-22 16:30 d-------- C:\Program Files\Stardock
2007-12-22 00:08 . 2003-02-26 20:27 36,864 --a------ C:\WINDOWS\system32\wbsys.dll
2007-12-22 00:08 . 2005-01-22 18:05 20,480 --a------ C:\WINDOWS\system32\wbload.dll
2007-12-21 17:16 . 2007-12-21 17:16 d-------- C:\Program Files\Winamp Toolbar
2007-12-21 17:16 . 2007-12-21 17:16 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
2007-12-21 17:16 . 2007-12-21 17:16 d-------- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
2007-12-21 17:15 . 2007-12-21 17:16 d-------- C:\Program Files\Winamp Remote
2007-12-21 16:48 . 2007-12-21 16:48 d-------- C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP
2007-12-21 16:47 . 2007-12-21 16:47 d-------- C:\Documents and Settings\Dom\Dane aplikacji\TrueCrypt
2007-12-20 18:29 . 2007-12-20 18:29 d-------- C:\INTERsoft
2007-12-20 15:30 . 2007-12-20 15:31 d-------- C:\Documents and Settings\Dom\Dane aplikacji\ViStart
2007-12-20 15:28 . 2007-12-21 16:50 d-------- C:\WINDOWS\system32\VIRepair
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\WinFlip
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\VisualTooltip
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\ViStart
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\Vista Sidebar
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\ViOrb
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\TrueTransparency
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\Styler
2007-12-20 15:28 . 2007-12-21 16:47 d-------- C:\Program Files\LClock(2)
2007-12-20 15:28 . 2007-11-25 22:11 49,208 --a------ C:\WINDOWS\system32\vistartup.bmp
2007-12-20 14:39 . 2007-12-21 16:50 d-------- C:\VTPFiles
2007-12-20 14:38 . 2007-12-21 16:48 d-------- C:\Program Files\TopDesk
2007-12-20 14:34 . 2004-09-03 23:43 199 --a------ C:\WINDOWS\system32\paypal.url
2007-12-20 14:34 . 2006-05-26 22:54 83 --a------ C:\WINDOWS\system32\winx.url
2007-12-19 21:35 . 2007-12-19 21:35 d-------- C:\Program Files\Broderbund
2007-12-18 16:41 . 2007-12-18 16:41 d-------- C:\Program Files\Google
2007-12-18 13:32 . 2007-12-21 16:48 d-------- C:\Program Files\Steam
2007-12-18 12:34 . 2007-12-24 11:52 d-------- C:\Downloads
2007-12-17 20:29 . 2007-12-17 20:29 d-------- C:\Program Files\Total Video Converter
2007-12-17 20:29 . 2000-05-22 22:58 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx
2007-12-17 12:19 . 2007-12-17 12:20 978 --a------ C:\WINDOWS\unins000.dat
2007-12-16 12:53 . 2007-05-03 21:22 188,672 --a------ C:\WINDOWS\system32\drivers\truecrypt.sys
2007-12-16 12:52 . 2007-12-21 16:47 d-------- C:\Program Files\TrueCrypt
2007-12-15 10:44 . 2007-12-15 10:44 d-------- C:\Program Files\Smart Projects
2007-12-15 10:40 . 2007-12-15 10:41 d-------- C:\Program Files\MagicISO
2007-12-14 20:36 . 2007-12-14 20:36 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Age of Empires 3
2007-12-14 12:54 . 2007-12-14 12:56 d-------- C:\ddddddddddddddddd
2007-12-14 11:38 . 2007-12-14 11:38 d-------- C:\Program Files\OpenAL
2007-12-14 11:38 . 2007-12-14 11:38 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-12-14 11:38 . 2007-12-14 11:38 110,592 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-12-13 16:21 . 2007-12-13 16:21 d-------- C:\Program Files\Audacity
2007-12-13 15:50 . 2007-12-13 15:58 d-------- C:\Program Files\Fma
2007-12-13 15:50 . 2007-12-13 15:50 d-------- C:\Documents and Settings\Dom\Dane aplikacji\FMA
2007-12-10 16:31 . 2007-12-10 16:31 0 --a------ C:\WINDOWS\system32\SBRC.dat
2007-12-10 16:31 . 2007-12-10 16:31 0 --a------ C:\WINDOWS\system32\SBFC.dat
2007-12-10 15:39 . 2007-12-10 15:39 d-------- C:\Documents and Settings\Dom\Dane aplikacji\Sunbelt Software
2007-12-09 17:01 . 2007-12-09 17:20 d-------- C:\Program Files\Prawo Jazdy
2007-12-08 19:57 . 2007-12-08 19:57 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2007-12-08 14:57 . 2007-12-08 14:57 d-------- C:\Program Files\BearShare
2007-12-07 20:49 . 2007-12-07 20:49 d-------- C:\Program Files\Gadu-Gadu
2007-12-07 20:08 . 2007-12-07 20:08 d-------- C:\WINDOWS\Sun
2007-12-07 18:22 . 2007-12-07 18:22 d-------- C:\Program Files\Microsoft Virtual PC
2007-12-06 19:58 . 2007-12-06 21:24 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2007-12-06 18:39 . 2007-12-06 18:39 d-------- C:\Documents and Settings\Dom\Dane aplikacji\Grisoft
2007-12-06 18:39 . 2007-12-06 18:39 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2007-12-06 18:39 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-06 13:07 . 2007-12-06 13:07 164 --a------ C:\install.dat
2007-12-06 13:05 . 2007-12-06 13:05 d-------- C:\Program Files\DaemonTools_WhenUSave_Installer
2007-12-06 13:05 . 2007-12-06 13:11 d-------- C:\Program Files\DAEMON Tools
2007-12-06 13:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-06 13:01 . 2007-12-06 13:01 1,957,672 --a------ C:\WINDOWS\system32\pbsvc.exe
2007-12-06 13:01 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-12-06 13:01 . 2007-12-06 13:01 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-12-06 13:01 . 2007-12-06 13:01 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-12-06 13:01 . 2007-12-06 13:01 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-12-06 13:01 . 2007-12-06 13:01 22,328 --a------ C:\Documents and Settings\Dom\Dane aplikacji\PnkBstrK.sys
2007-12-06 13:01 . 2006-11-15 11:38 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-12-06 12:24 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-06 12:23 . 2007-12-06 12:24 d-------- C:\Program Files\Java
2007-12-06 12:18 . 2007-12-06 12:18 d-------- C:\Program Files\Common Files\Java
2007-12-05 17:43 . 2007-12-10 17:00 d-------- C:\Program Files\The KMPlayer
2007-12-05 17:34 . 2007-12-05 17:35 d-------- C:\Program Files\NAPI-PROJEKT
2007-12-04 21:31 . 2007-12-04 21:31 d-------- C:\Program Files\Arjaloc
2007-12-04 17:55 . 2007-12-04 17:55 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2007-12-04 16:16 . 2007-12-05 20:08 d-a------ C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-12-04 16:15 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-12-03 21:42 . 2007-12-06 21:30 d-------- C:\Program Files\SkanerOnline
2007-12-03 15:18 . 2007-12-03 15:18 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2007-12-03 15:18 . 2007-12-03 15:18 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2007-12-03 15:18 . 2007-12-03 15:18 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2007-12-03 15:18 . 2007-12-03 15:18 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2007-12-03 15:17 . 2007-12-03 15:17 d-------- C:\WINDOWS\system32\Lang
2007-12-03 14:44 . 2007-12-04 17:58 d-------- C:\WINDOWS\system32\pl-pl
2007-12-03 14:43 . 2001-10-26 20:27 68,608 --a------ C:\WINDOWS\system32\plugin.ocx
2007-12-03 14:43 . 2001-10-26 20:27 68,608 --a--c--- C:\WINDOWS\system32\dllcache\plugin.ocx
2007-12-03 14:42 . 2007-12-03 14:42 d--h----- C:\WINDOWS\$hf_mig$
2007-12-03 13:54 . 2007-12-03 10:30 217,088 --a------ C:\WINDOWS\jetctrl.dll
2007-12-03 13:54 . 2007-12-03 10:30 77,824 --a------ C:\WINDOWS\nretcip.exe
2007-12-01 14:17 . 2007-12-01 14:17 d-------- C:\Program Files\FLVPlayer
2007-11-26 17:56 . 2007-11-26 17:56 0 --a------ C:\WINDOWS\graphedt.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-24 10:52 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\GetRight
2007-12-24 10:52 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\BitTorrent
2007-12-24 10:48 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\BitTorrent DNA
2007-12-22 15:01 --------- d-----w C:\Program Files\BitTorrent
2007-12-21 20:14 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Winamp
2007-12-21 16:16 --------- d-----w C:\Program Files\Winamp
2007-12-20 17:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-17 19:10 --------- d-----w C:\Program Files\DS28
2007-12-12 17:36 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Skype
2007-12-10 17:53 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Vso
2007-12-10 12:53 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-06 20:26 --------- d-----w C:\Program Files\Digital Image Recovery
2007-11-24 21:40 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2007-11-24 16:40 --------- d-----w C:\Program Files\KM Remote
2007-11-22 17:37 --------- d-----w C:\Program Files\ToniArts
2007-11-22 17:36 --------- d-----w C:\Program Files\RegCleaner
2007-11-20 16:50 --------- d-----w C:\Program Files\WinAVI Video Converter
2007-11-18 16:26 --------- d-----w C:\Program Files\Ubisoft
2007-11-15 17:24 --------- d-----w C:\Program Files\BreakPoint Software
2007-11-13 19:02 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-11-12 18:02 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Apple Computer
2007-11-10 18:07 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-09 18:12 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-11-05 19:26 --------- d-----w C:\Program Files\Skype
2007-11-05 19:26 --------- d-----w C:\Program Files\Common Files\Skype
2007-11-05 19:26 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2007-11-05 12:10 --------- d-----w C:\Program Files\ATI Technologies
2007-11-03 19:13 --------- d-----w C:\Program Files\Common Files\NSV
2007-11-02 22:50 --------- d-----w C:\Program Files\VSD Software
2007-11-02 22:49 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\vlc
2007-11-02 22:41 --------- d-----w C:\Program Files\VideoLAN
2007-11-02 22:28 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-02 21:43 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Pegasys Inc
2007-11-02 21:43 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\LEAPS
2007-11-02 21:41 --------- d-----w C:\Program Files\Pegasys Inc
2007-11-02 18:36 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\AdobeUM
2007-11-01 22:14 --------- d-----w C:\Program Files\Lavalys
2007-11-01 22:07 --------- d-----w C:\Program Files\Samurize
2007-11-01 21:40 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Creative
2007-11-01 21:39 --------- d-----w C:\Program Files\Creative
2007-11-01 21:01 --------- d-----w C:\Program Files\MSBuild
2007-11-01 21:01 --------- d-----w C:\Program Files\Microsoft Works
2007-11-01 16:04 --------- d-----w C:\Program Files\Real Alternative
2007-11-01 16:04 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Media Player Classic
2007-11-01 15:28 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\CyberLink
2007-11-01 15:27 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2007-11-01 15:03 --------- d-----w C:\Program Files\CyberLink
2007-11-01 11:11 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-01 08:40 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-11-01 07:51 --------- d--h--r C:\Documents and Settings\Dom\Dane aplikacji\SecuROM
2007-11-01 07:43 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2007-11-01 07:43 47,360 ----a-w C:\Documents and Settings\Dom\Dane aplikacji\pcouffin.sys
2007-11-01 07:43 --------- d-----w C:\Program Files\VSO
2007-11-01 07:33 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-10-31 17:37 --------- d-----w C:\Program Files\Alcohol Soft
2007-10-31 16:03 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-10-31 14:23 --------- d-----w C:\Program Files\Common Files\Borland Shared
2007-10-31 13:52 --------- d-----w C:\Program Files\BitTorrent_DNA
2007-10-31 12:10 --------- d-----w C:\Program Files\GetRight
2007-10-30 22:41 --------- d-----w C:\Program Files\Common Files\Nero
2007-10-30 22:40 --------- d-----w C:\Program Files\Common Files\Ahead
2007-10-30 22:40 --------- d-----w C:\Program Files\Ahead
2007-10-30 22:33 --------- d-----w C:\Program Files\Alwil Software
2007-10-30 22:25 --------- d-----w C:\Program Files\Realtek Sound Manager
2007-10-30 22:25 --------- d-----w C:\Program Files\Realtek AC97
2007-10-30 22:25 --------- d-----w C:\Program Files\AvRack
2007-10-30 22:20 --------- d-----w C:\Documents and Settings\Dom\Dane aplikacji\Talkback
2007-10-30 22:19 --------- d-----w C:\Program Files\WapSter
2007-10-30 22:15 --------- d-----w C:\Program Files\Simpli Software
2007-10-30 22:10 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-30 22:08 --------- d-----w C:\Program Files\Usługi online
2007-09-28 17:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 17:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 17:05 739,840 ----a-w C:\WINDOWS\system32\divx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-12-13 17:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{37B85A29-692B-4205-9CAD-2626E4993404}
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 17:49 1185120]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-10-31 14:51]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-09-19 00:37]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-01-11 15:08 C:\WINDOWS\soundman.exe]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 22:26]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 21:09]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"BootSkin Startup Jobs"="C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 16:21]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 20:59]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44]

C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\
Thoosje Sidebar.lnk - C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe [2007-10-22 01:28:57]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
WinManager.lnk - C:\Program Files\PC-TV\WinManager\WinManager.exe [2007-11-24 16:28:14]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonuiX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2005-12-06 21:16 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

R0 viamraid;viamraid;C:\WINDOWS\system32\drivers\viamraid.sys [2005-06-20 19:53]
R3 DtvAudio;DtvAudio;C:\WINDOWS\system32\DRIVERS\DtvAudio.sys [2004-02-26 02:42]
R3 DtvVideo;DtvVideo;C:\WINDOWS\system32\DRIVERS\DtvVideo.sys [2004-02-26 03:27]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 06:45]
S0 878BDA;DVB-TV 878 BDA Driver;C:\WINDOWS\system32\Drivers\878BDA.sys []
S3 VPNET;DTVNet Ethernet Controller;C:\WINDOWS\system32\DRIVERS\DTVNet.sys [2004-03-19 04:11]

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-24 11:56:00
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.2180]
-> C:\Program Files\Stardock\Object Desktop\WindowBlinds\tray.dll
.
Completion time: 2007-12-24 11:56:56
C:\ComboFix2.txt ... 2007-12-06 19:32


#3 w11

  • Members
  • 67 posts

Posted 24 December 2007 - 15:12

O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)

O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

Toolbars are supposedly harmless... but who really knows ;p

It annoys me a bit that I have to write the same thing everywhere...
Did you scan only with an antivirus?
Scan with: Ad-Aware, AVG Anti-Spyware, Spybot Search & Destroy.
You can find these programs at www.komputerswiat.pl
Download, update and scan.

If it doesn't find anything, just reinstall the browser... or install a different one (e.g. Firefox). Have you already tried reinstalling?

#4 maximusXII

  • Members
  • 14 posts

Posted 24 December 2007 - 16:37

I have the Firefox browser, and a few weeks ago I removed Internet Explorer. I'll run the scan after Christmas Eve dinner.

But many thanks. Merry Christmas and a Happy New Year

#5 maximusXII

  • Members
  • 14 posts

Posted 24 December 2007 - 17:08

I found what the problem was. I turned off WindowBlinds 5.0 and now it's fine

#6 w11

  • Members
  • 67 posts

Posted 24 December 2007 - 21:15

;]
But you can run the scans anyway ;p Maybe something will turn up ;]


