OK gentlemen, I'm doing a format.
1. Which antivirus, firewall etc. should I install?
2. Should I do anything with the router?
3. What else should I install?
- Computer forum
- → Viewing profile: Posts: Alex84
Which operating system do you have?
Windows XP
My posts
In topic: Logs - Worms in the system
16 05 2008 - 15:17
In topic: Logs - Worms in the system
13 05 2008 - 23:04
damn, then I don't know anymore :/ maybe it's leftovers from the firewall that keep me from listening to the radio, playing CS, connecting to FTP :/ damn, how do I remove that, because apart from that, once I removed one trojan the net no longer lags for me... I can't even watch a match on SopCast :/:/:/
hmm, or maybe something is wrong with the router, because the 2nd computer that is connected to it has the same symptoms?
In topic: Logs - Worms in the system
13 05 2008 - 17:08
OK, I think I'm giving up. I'm doing a format and I have a question: will that cut off these problems? (DNS, the picture not fitting the screen properly?)
In topic: Logs - Worms in the system
12 05 2008 - 21:03
ok, here's the ComboFix log after fixwareout
and I'm also posting a screenshot from the ACTIVE PORTS program. oh, and could my router (Pentagram Cerberus P 6311-072) be infected?
regards
In topic: Logs - Worms in the system
12 05 2008 - 06:16
ok, when I get back home later I'll scan it. I'm also posting netstat