Skocz do zawartości


Zdjęcie

Logi - Podejrzenie infekcji

Rozpoczęty przez MAGx2 , 24 08 2008 14:00

  • Zamknięty Temat jest zamknięty
6 odpowiedzi w tym temacie

#1 MAGx2

MAGx2

    Początkujący

  • 12 postów

Napisano 24 08 2008 - 14:00

Tutaj jest mój log.
Bardzo proszę o sprawdzenie go ponieważ wydaje mi się iż mój komputer jest zainfekowany a nod niczego nie znajduje.
Z góry dziękuje za pomoc

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:04, on 2008-08-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Konnekt\konnekt.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
D:\Martin\Programy\Tor\Vidalia\vidalia.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\MAG\USTAWI~1\Temp\setup126.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Martin\Programy\Tor\Privoxy\privoxy.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\UAService7.exe
C:\DOCUME~1\MAG\USTAWI~1\Temp\b.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Martin\Programy\Tor\Tor\tor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Martin\Delphi\Program\Bin\delphi32.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F3 - REG:win.ini: load=d:\martin\programy\Slownik\watch.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Konnekt] "C:\Program Files\Konnekt\konnekt.exe" /autostart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Vidalia] "D:\Martin\Programy\Tor\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\MAG\USTAWI~1\Temp\setup126.exe
O4 - HKCU\..\Run: [24177921330805503153533796335449] C:\Program Files\AV9\av2009.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Privoxy.lnk = D:\Martin\Programy\Tor\Privoxy\privoxy.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AD1653-93AC-4C00-9A2B-90E555CAE06C}: NameServer = 83.238.255.76 213.241.79.37
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 8865 bytes


  • 0

#2 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 24 08 2008 - 15:52

O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\MAG\USTAWI~1\Temp\setup126.exe
O4 - HKCU\..\Run: [24177921330805503153533796335449] C:\Program Files\AV9\av2009.exe

Użyj -->SDFix. (niżej na stronie linku).
Pokaż Report.txt znajdujący się w folderze SDFix.

ordynat

  • 0

#3 MAGx2

MAGx2

    Początkujący

  • 12 postów

Napisano 24 08 2008 - 16:11

Wielki dzięki za pomoc :unsure: .
Już usunąłem te rzeczy które wskazałeś i już zasysam SDFix i zaraz wrzucam raport.
  • 0

#4 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 24 08 2008 - 16:16

To właśnie SDFix miał usunąć te "rzeczy".
Ale i tak użyj go, mimo wszystko.
Może jeszcze coś dodatkowo wykryje i usunie.

ordynat
  • 0

#5 MAGx2

MAGx2

    Początkujący

  • 12 postów

Napisano 24 08 2008 - 16:58

Zrobiłem to co mówiłeś i wrzucam raport.

[b]SDFix: Version 1.219 [/b]
Run by Administrator on 2008-08-24 at 16:28

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

No Trojan Files Found




Folder C:\Documents and Settings\MAG\Dane aplikacji\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed
Folder C:\Documents and Settings\MAG\Menu Start\Antivirus 2009 - Removed


Removing Temp Files

[b]ADS Check [/b]:
 


								 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 16:35:20
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:a2,65,f0,24,ad,45,ec,ca,8c,5c,ed,b3,c0,cc,44,1d,45,ce,0c,d5,a0,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:07,04,55,bc,67,6a,04,13,0f,85,59,6c,84,d7,fd,bb,82,c0,56,e1,6c,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,0c,4b,74,96,7c,ce,62,43,64,db,1d,d0,10,0f,4e,b2,02,..
"khjeh"=hex:89,81,0a,27,ba,fd,a5,35,06,9b,7b,e0,d6,c4,16,97,ba,36,f8,e5,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:5e,57,5f,fc,d4,d0,a5,01,fd,36,51,ee,fd,4a,5a,e4,b2,67,f8,f7,52,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,d9,17,91,4f,41,77,d0,f3,17,57,44,81,ae,7e,c5,36,cf,23,bf,f3,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:da,1a,31,da,0a,77,bf,db,2a,e6,8c,40,14,f8,f7,e8,8a,91,de,8e,03,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:a2,65,f0,24,ad,45,ec,ca,8c,5c,ed,b3,c0,cc,44,1d,45,ce,0c,d5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:07,04,55,bc,67,6a,04,13,0f,85,59,6c,84,d7,fd,bb,82,c0,56,e1,6c,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,0c,4b,74,96,7c,ce,62,43,64,db,1d,d0,10,0f,4e,b2,02,..
"khjeh"=hex:89,81,0a,27,ba,fd,a5,35,06,9b,7b,e0,d6,c4,16,97,ba,36,f8,e5,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:5e,57,5f,fc,d4,d0,a5,01,fd,36,51,ee,fd,4a,5a,e4,b2,67,f8,f7,52,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,d9,17,91,4f,41,77,d0,f3,17,57,44,81,ae,7e,c5,36,cf,23,bf,f3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:da,1a,31,da,0a,77,bf,db,2a,e6,8c,40,14,f8,f7,e8,8a,91,de,8e,03,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>.exe"="C:\\Program Files\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>.exe:*:Enabled:<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>"
"C:\\Program Files\\Konnekt\\konnekt.exe"="C:\\Program Files\\Konnekt\\konnekt.exe:*:Enabled:Konnekt - Core"
"D:\\Martin\\Gry\\Soldir\\SoF2MP.exe"="D:\\Martin\\Gry\\Soldir\\SoF2MP.exe:*:Enabled:SoF2MP"
"D:\\Martin\\Programy\\p2p\\BearShare\\BearShare.exe"="D:\\Martin\\Programy\\p2p\\BearShare\\BearShare.exe:*:Enabled:BearShare"
"D:\\Martin\\Gry\\Tibia\\Boty\\Tibia Tek Bot\\TibiaTekBot.exe"="D:\\Martin\\Gry\\Tibia\\Boty\\Tibia Tek Bot\\TibiaTekBot.exe:*:Enabled:TibiaTek Bot"
"D:\\Martin\\Gry\\Little Fighter II\\lf2.exe"="D:\\Martin\\Gry\\Little Fighter II\\lf2.exe:*:Enabled:lf2"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"D:\\Martin\\Gry\\Diablo II\\Diablo II.exe"="D:\\Martin\\Gry\\Diablo II\\Diablo II.exe:*:Enabled:Diablo II"
"D:\\Xawery\\gry\\Flat Out\\flatout.exe"="D:\\Xawery\\gry\\Flat Out\\flatout.exe:*:Enabled:flatout"
"D:\\Xawery\\gry\\James Bond 007 Nightfire\\Bond.exe"="D:\\Xawery\\gry\\James Bond 007 Nightfire\\Bond.exe:*:Enabled:Bond"
"D:\\Martin\\Gry\\Counter Strike\\hl.exe"="D:\\Martin\\Gry\\Counter Strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Xawery\\gry\\Delta Force Xtrema\\dfx.exe"="D:\\Xawery\\gry\\Delta Force Xtrema\\dfx.exe:*:Enabled:dfx"
"D:\\Xawery\\gry\\Return to Castle Wolfenstein\\WolfMP.exe"="D:\\Xawery\\gry\\Return to Castle Wolfenstein\\WolfMP.exe:*:Enabled:WolfMP"
"C:\\Program Files\\Java\\jdk1.6.0_07\\bin\\java.exe"="C:\\Program Files\\Java\\jdk1.6.0_07\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Java\\jdk1.6.0_07\\jre\\bin\\java.exe"="C:\\Program Files\\Java\\jdk1.6.0_07\\jre\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Xawery\\gry\\Tzar\\Tzar.exe"="D:\\Xawery\\gry\\Tzar\\Tzar.exe:*:Enabled:Tzar"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Fri 28 Mar 2008	 6,104,632 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Tue 18 Mar 2008		 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 12 May 2008		24,064 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL0005.tmp"
Mon 12 May 2008		24,576 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL2301.tmp"
Mon 12 May 2008		25,600 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3104.tmp"
Mon 12 May 2008		24,576 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3287.tmp"
Mon 12 May 2008		25,600 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3904.tmp"
Tue 18 Mar 2008			 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed  7 May 2008			 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\05030212059e1b9876d47b8cf2fa5e95\BITD2.tmp"

[b]Finished![/b]

  • 0

#6 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 24 08 2008 - 17:36

No tak - SDFix nie miał już czego usuwać, bo go wyręczyłeś.
Powinno być OK.

ordynat
  • 0

#7 MAGx2

MAGx2

    Początkujący

  • 12 postów

Napisano 25 08 2008 - 09:51

Wielkie dzięki za pomoc :unsure: i poświęcenie swojego czasu :P

  • 0
Wróć do Bezpieczeństwo (wirusy i trojany)


Użytkownicy przeglądający ten temat: 0

0 użytkowników, 0 gości, 0 anonimowych

  1. Forum Komputerowe Tweaks.pl
  2. Oprogramowanie
  3. Bezpieczeństwo (wirusy i trojany)
  4. Polityka prywatności
  5. Szukaj
  6. Regulamin Forum ·