Firewall


  • Closed: this topic is closed
3 replies in this topic

#1 Grigo

Grigo

    Beginner

  • 116 posts

Posted 31 03 2008 - 20:04

Hello :)
Today something turned off my firewall and I can't enable it anymore... ;/
Here are the screenshots:

Image 1 :)

Image 2 :)

Please help

  • 0

#2 krzyhoo

krzyhoo

    Admin

  • 1 039 posts

Posted 31 03 2008 - 23:09

Three new versions of the troublesome Bagle worm have appeared on the Net - experts warn that the latest mutations have been equipped with a mechanism that lets them disable the firewall built into Windows (Windows Firewall) as well as many other security applications.

Run a scan with some decent antivirus; best to download Kaspersky 7 and run its 30-day trial version, plus Spyware Terminator, and scan with both of them.

  • 0

#3 wncvirus

wncvirus

    Lazybones!

  • 851 posts

Posted 01 04 2008 - 08:17

Post the ComboFix logs
  • 0

#4 Grigo

Grigo

    Beginner

  • 116 posts

Posted 01 04 2008 - 16:58

ComboFix 08-03-30.5 - XXX 2008-04-01 17:06:18.3 - NTFSx86

Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.239 [GMT 2:00]

Running from: C:\Documents and Settings\XXX\Pulpit\ComboFix.exe



WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.



(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

C:\WINDOWS\services.exe

C:\WINDOWS\system32\install.exe



.

(((((((((((((((((((((((((   Files Created from 2008-03-01 to 2008-04-01  )))))))))))))))))))))))))))))))

.



2008-03-31 21:22 . 2008-03-31 21:22	130	--a------	C:\WINDOWS\system32\drivers\fwdrv.err

2008-03-31 20:05 . 2008-03-31 20:05	<DIR>	d--------	C:\Program Files\Sunbelt Software

2008-03-31 19:53 . 2008-03-31 19:53	60,201	--ahs----	C:\WINDOWS\serwer.exe

2008-03-31 19:38 . 2008-03-31 19:38	<DIR>	d--------	C:\Program Files\WebServ

2008-03-31 19:38 . 2008-03-31 19:39	40,062	--a------	C:\WINDOWS\php.ini

2008-03-31 19:38 . 2008-03-31 19:39	428	--a------	C:\WINDOWS\my.ini

2008-03-31 08:41 . 2008-03-31 08:42	<DIR>	d--------	C:\Documents and Settings\XXX\.jpi_cache

2008-03-31 08:41 . 2008-03-31 08:41	<DIR>	d--------	C:\Documents and Settings\XXX\.java

2008-03-30 16:45 . 2008-03-30 16:45	<DIR>	d--------	C:\Program Files\NokiaFREE Unlock Codes Calculator

2008-03-29 17:10 . 2008-03-29 17:10	649	--a------	C:\WINDOWS\unins000.dat

2008-03-28 19:50 . 2008-03-28 19:54	<DIR>	d--------	C:\Program Files\VirtualDJ

2008-03-28 15:26 . 2008-03-28 15:26	<DIR>	d--------	C:\Documents and Settings\XXX\Dane aplikacji\Media Player Classic

2008-03-27 20:24 . 2004-08-04 00:08	26,496	--a--c---	C:\WINDOWS\system32\dllcache\usbstor.sys

2008-03-27 17:16 . 2008-03-27 17:16	<DIR>	d--------	C:\Program Files\Alwil Software

2008-03-27 17:16 . 2007-12-04 15:04	837,496	--a------	C:\WINDOWS\system32\aswBoot.exe

2008-03-27 17:16 . 2004-01-09 11:13	380,928	--a------	C:\WINDOWS\system32\actskin4.ocx

2008-03-27 17:16 . 2007-12-04 14:54	95,608	--a------	C:\WINDOWS\system32\AvastSS.scr

2008-03-27 17:16 . 2007-12-04 16:55	94,544	--a------	C:\WINDOWS\system32\drivers\aswmon2.sys

2008-03-27 17:16 . 2007-12-04 16:56	93,264	--a------	C:\WINDOWS\system32\drivers\aswmon.sys

2008-03-27 17:16 . 2007-12-04 16:51	42,912	--a------	C:\WINDOWS\system32\drivers\aswTdi.sys

2008-03-27 17:16 . 2007-12-04 16:49	26,624	--a------	C:\WINDOWS\system32\drivers\aavmker4.sys

2008-03-27 17:16 . 2007-12-04 16:53	23,152	--a------	C:\WINDOWS\system32\drivers\aswRdr.sys

2008-03-27 16:05 . 2008-03-27 16:05	<DIR>	d--------	C:\Program Files\MSXML 4.0

2008-03-26 19:47 . 2008-03-31 13:20	3,350	--ahs----	C:\WINDOWS\system32\KGyGaAvL.sys

2008-03-26 19:47 . 2008-03-31 13:20	88	-r-hs----	C:\WINDOWS\system32\520A10F8D3.sys

2008-03-26 19:45 . 2008-03-26 19:45	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\InstallShield

2008-03-26 19:43 . 2008-03-26 19:43	<DIR>	d--------	C:\Documents and Settings\XXX\Dane aplikacji\Corel

2008-03-26 19:42 . 2008-03-26 19:42	<DIR>	d--------	C:\Program Files\Common Files\Corel

2008-03-26 19:36 . 2008-03-26 19:42	<DIR>	d--------	C:\Program Files\Corel

2008-03-26 17:05 . 2008-03-26 17:20	<DIR>	d-a------	C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2008-03-26 15:18 . 2004-08-04 00:44	221,184	--a------	C:\WINDOWS\system32\wmpns.dll

2008-03-26 15:11 . 2008-03-26 15:11	19,552	--a------	C:\Documents and Settings\XXX\Dane aplikacji\GDIPFONTCACHEV1.DAT

2008-03-26 15:07 . 2008-03-26 15:07	<DIR>	d---s----	C:\Documents and Settings\XXX\UserData

2008-03-26 12:00 . 2008-03-26 12:00	<DIR>	d--------	C:\Documents and Settings\XXX\Dane aplikacji\Ahead

2008-03-26 09:47 . 2005-06-28 11:21	22,752	--a------	C:\WINDOWS\system32\spupdsvc.exe

2008-03-25 21:45 . 2008-03-25 21:45	<DIR>	d--------	C:\Program Files\Ares

2008-03-25 21:02 . 2008-03-25 21:02	<DIR>	d--------	C:\Documents and Settings\XXX\Dane aplikacji\Tibia

2008-03-25 20:10 . 2008-03-25 20:10	1,167	--a------	C:\WINDOWS\mozver.dat

2008-03-25 15:28 . 2008-04-01 16:30	49	--a------	C:\WINDOWS\NeroDigital.ini

2008-03-25 15:22 . 2008-03-25 15:22	<DIR>	d--------	C:\Program Files\MP3 Player Utilities 4.00

2008-03-25 15:18 . 2008-03-25 15:18	427	--a------	C:\WINDOWS\ODBC.INI

2008-03-25 15:15 . 2008-03-25 15:16	<DIR>	d--------	C:\WINDOWS\ShellNew

2008-03-25 15:10 . 2004-03-25 09:06	1,802,240	---------	C:\WINDOWS\UNNMP.exe

2008-03-25 15:10 . 2004-04-21 08:10	52,418	---------	C:\WINDOWS\UNNMP.cfg

2008-03-25 15:06 . 2001-07-09 12:50	155,648	--a------	C:\WINDOWS\system32\NeroCheck.exe

2008-03-25 15:06 . 2001-08-17 23:59	3,072	--a------	C:\WINDOWS\system32\drivers\audstub.sys

2008-03-25 15:05 . 2005-02-23 04:32	2,230,176	--a------	C:\WINDOWS\system32\ati3duag.dll

2008-03-25 15:05 . 2005-02-23 04:36	986,624	--a------	C:\WINDOWS\system32\drivers\ati2mtag.sys

2008-03-25 15:05 . 2005-02-23 04:36	986,624	--a--c---	C:\WINDOWS\system32\dllcache\ati2mtag.sys

2008-03-25 15:05 . 2004-08-04 02:43	870,784	--a------	C:\WINDOWS\system32\ati3d1ag.dll

2008-03-25 15:05 . 2005-02-23 04:27	441,408	--a------	C:\WINDOWS\system32\ativvaxx.dll

2008-03-25 15:05 . 2005-02-23 04:36	224,256	--a------	C:\WINDOWS\system32\ati2dvag.dll

2008-03-25 15:05 . 2005-02-23 04:20	196,608	--a------	C:\WINDOWS\system32\ati2cqag.dll

2008-03-25 15:05 . 2004-08-04 02:35	58,624	--a------	C:\WINDOWS\system32\drivers\redbook.sys

2008-03-25 15:05 . 2004-08-04 00:31	20,992	--a------	C:\WINDOWS\system32\drivers\RTL8139.sys

2008-03-25 15:05 . 2001-08-17 22:19	3,712	--a------	C:\WINDOWS\system32\drivers\ctljystk.sys

2008-03-25 15:04 . 2008-03-25 15:04	<DIR>	d--------	C:\Program Files\Common Files\Ahead

2008-03-25 15:04 . 2008-03-25 15:10	<DIR>	d--------	C:\Program Files\Ahead

2008-03-25 15:04 . 2008-03-25 15:04	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Ahead

2008-03-25 15:03 . 2008-03-31 21:28	<DIR>	d--hs----	C:\WINDOWS\Installer

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	dr-h-----	C:\Documents and Settings\Default User\Ustawienia lokalne

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	d--------	C:\Documents and Settings\Default User\Ulubione

2008-03-25 15:03 . 2008-03-25 14:09	<DIR>	d--h-----	C:\Documents and Settings\Default User\Szablony

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	d--------	C:\Documents and Settings\Default User\Pulpit

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	d--------	C:\Documents and Settings\Default User\Moje dokumenty

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	dr-------	C:\Documents and Settings\Default User\Menu Start

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	d--------	C:\Documents and Settings\All Users\Ulubione

2008-03-25 15:03 . 2008-03-25 15:03	<DIR>	d--h-----	C:\Documents and Settings\All Users\Szablony

2008-03-25 15:03 . 2008-03-31 15:43	<DIR>	d--------	C:\Documents and Settings\All Users\Pulpit

2008-03-25 15:03 . 2008-03-25 15:17	<DIR>	dr-------	C:\Documents and Settings\All Users\Menu Start

2008-03-25 15:03 . 2008-03-25 14:10	<DIR>	dr-------	C:\Documents and Settings\All Users\Dokumenty

2008-03-25 15:02 . 2008-04-01 16:49	<DIR>	d--------	C:\WINDOWS\system32\CatRoot2

2008-03-25 15:02 . 2008-03-26 22:31	<DIR>	d--------	C:\WINDOWS\system32\CatRoot

2008-03-25 15:02 . 2008-03-25 15:03	<DIR>	dr-h-----	C:\Documents and Settings\Default User\Dane aplikacji

2008-03-25 15:02 . 2008-03-26 19:45	<DIR>	dr-h-----	C:\Documents and Settings\All Users\Dane aplikacji

2008-03-25 15:02 . 2004-08-04 01:27	1,086,058	-ra------	C:\WINDOWS\SET4.tmp

2008-03-25 15:02 . 2004-08-04 01:32	1,014,483	-ra------	C:\WINDOWS\SET3.tmp

2008-03-25 15:01 . 2008-03-25 14:16	261	--a------	C:\WINDOWS\system32\$winnt$.inf

2008-03-25 15:00 . 2008-03-25 15:00	37	--a------	C:\WINDOWS\r007



.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-01 15:06	---------	d-----w	C:\Program Files\Neostrada TP

2008-03-29 15:10	72,748	----a-w	C:\WINDOWS\unins000.exe

2008-03-27 15:00	---------	d-----w	C:\Program Files\Common Files\Panda Software

2008-03-27 14:38	---------	d-----w	C:\Program Files\Winamp

2008-03-27 13:58	---------	d-----w	C:\Program Files\Gadu-Gadu

2008-03-26 17:42	---------	d-----w	C:\Program Files\Common Files\InstallShield

2008-03-25 13:12	---------	d-----w	C:\Program Files\ULI5289

2008-03-25 12:57	---------	d--h--w	C:\Program Files\InstallShield Installation Information

2008-03-25 12:51	23	----a-w	C:\WINDOWS\system32\drivers\adidsl.cfg

2008-03-25 12:51	---------	d-----w	C:\Program Files\SAGEM

2008-03-25 12:51	---------	d-----w	C:\Program Files\Java Web Start

2008-03-25 12:51	---------	d-----w	C:\Program Files\Java

2008-03-25 12:49	---------	d-----w	C:\Documents and Settings\XXX\Dane aplikacji\Talkback

2008-03-25 12:49	---------	d-----w	C:\Documents and Settings\XXX\Dane aplikacji\Gadu-Gadu

2008-03-25 12:48	---------	d-----w	C:\Program Files\CDex_150

2008-03-25 12:47	---------	d-----w	C:\Program Files\Common Files\Adobe

2008-03-25 12:46	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer

2008-03-25 12:45	---------	d-----w	C:\Program Files\MarBit

2008-03-25 12:45	---------	d-----w	C:\Program Files\K-Lite Codec Pack

2008-03-25 12:44	---------	d-----w	C:\Documents and Settings\XXX\Dane aplikacji\Winamp

2008-03-25 12:41	---------	d-----w	C:\Program Files\Creative

2008-03-25 12:41	---------	d-----w	C:\Documents and Settings\XXX\Dane aplikacji\Creative

2008-03-25 12:41	---------	d-----w	C:\Documents and Settings\XXX\Dane aplikacji\ATI

2008-03-25 12:37	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Creative

2008-03-25 12:33	---------	d-----w	C:\Program Files\ATI Technologies

2008-03-25 12:14	---------	d-----w	C:\Program Files\microsoft frontpage

2008-03-25 12:12	---------	d-----w	C:\Program Files\Usługi online

.



(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-17 13:12 2113536]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ALi5289"="C:\Program Files\ULI5289\ALi5289.exe" [2005-03-10 15:56 405504]

"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 22:05 339968]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-02-22 23:21 32768]

"CTHelper"="CTHELPER.EXE" [2003-08-28 10:45 24576 C:\WINDOWS\system32\CTHELPER.EXE]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]

"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 02:00 28672]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376]

"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 19:07 24576]

"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 19:07 20480]

"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 19:07 53248]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]



[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-02-22 23:21 32768]



C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 15:44:06 29696]

ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-02-22 23:21:26 32768]

DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-03-25 14:51:49 962661]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]



[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001



R0 m5289;m5289;C:\WINDOWS\system32\DRIVERS\m5289.sys [2004-12-01 11:49]

R0 uliagpkx;ULi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 18:31]

R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;C:\WINDOWS\system32\Drivers\ALIEHCI.sys [2005-06-02 20:59]

R3 aliroothub;USB 2.0 Root Hub;C:\WINDOWS\system32\DRIVERS\AliRtHub.sys [2005-06-02 19:27]

S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []



.

**************************************************************************



catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-01 17:07:02

Windows 5.1.2600 Dodatek Service Pack 2 NTFS



scanning hidden processes ... 



scanning hidden autostart entries ...



scanning hidden files ... 



scan completed successfully 

hidden files: 0 



**************************************************************************

.

Completion time: 2008-04-01 17:07:32

ComboFix-quarantined-files.txt  2008-04-01 15:07:18

Pre-Run: 2,880,348,160 bajtów wolnych

Post-Run: 2,871,046,144 bajtów wolnych

.

2008-03-27 14:06:24	--- E O F ---


  • 0



