combofix-em
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.2047.1652 [GMT 1:00]
Uruchomiony z: f:\programy\z forum programy\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-08 do 2009-03-08 )))))))))))))))))))))))))))))))
.
2009-03-06 13:18 . 2009-03-06 13:18 <DIR> d-------- c:\program files\HD Tune
2009-03-06 13:11 . 2009-03-08 20:08 19,134 --a------ c:\windows\system32\oodbs.lor
2009-03-06 13:09 . 2009-03-06 16:51 <DIR> d-------- c:\windows\system32\oodag
2009-03-06 13:07 . 2009-03-06 13:07 <DIR> d-------- c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\Auslogics
2009-03-06 12:37 . 2009-03-06 12:37 <DIR> d-------- c:\program files\Wise Registry Cleaner
2009-03-06 12:37 . 2009-03-06 12:37 <DIR> d-------- c:\program files\Auslogics
2009-03-06 12:37 . 2009-03-06 13:19 <DIR> d-------- c:\program files\AskBarDis
2009-03-06 12:36 . 2009-03-06 12:36 <DIR> d-------- c:\program files\RegCompact.NET
2009-03-06 12:36 . 2009-03-06 12:36 <DIR> d-------- c:\program files\OO Software
2009-03-06 12:36 . 2009-03-06 13:41 <DIR> d-------- c:\program files\Odkurzacz
2009-03-06 12:36 . 2009-03-06 12:36 <DIR> d-------- c:\program files\CCleaner
2009-03-05 10:39 . 2009-03-05 10:39 <DIR> d-------- c:\program files\EA Sports
2009-03-04 20:55 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-03-04 20:15 . 2009-03-06 12:56 <DIR> d-------- c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\skypePM
2009-03-04 20:15 . 2009-03-04 20:15 32 --a------ c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2009-03-04 20:14 . 2009-03-04 20:14 <DIR> d-------- c:\program files\Skype
2009-03-04 20:14 . 2009-03-04 20:14 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-04 20:14 . 2009-03-06 11:41 <DIR> d-------- c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\Skype
2009-03-04 20:14 . 2009-03-04 20:14 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Skype
2009-03-04 14:29 . 2009-03-04 14:29 <DIR> d-------- c:\windows\system32\Futuremark
2009-03-04 14:29 . 1999-10-21 10:12 20,400 --a------ c:\windows\system32\drivers\Entech.sys
2009-03-04 14:29 . 2001-11-19 19:05 3,972 --a------ c:\windows\system32\drivers\PciBus.sys
2009-03-04 14:28 . 2009-03-04 14:28 <DIR> d-------- c:\program files\Futuremark
2009-03-04 13:50 . 2009-03-04 13:50 <DIR> d-------- C:\xx
2009-03-04 13:50 . 2009-03-06 12:56 <DIR> d-------- c:\windows\Logs
2009-03-04 13:30 . 2009-03-04 13:30 <DIR> d-------- c:\program files\MadOnion.com
2009-03-04 13:23 . 2009-03-04 13:23 <DIR> d-------- c:\program files\SpeedFan
2009-03-04 13:23 . 2009-03-04 13:23 45 --a------ c:\windows\system32\initdebug.nfo
2009-03-03 12:28 . 2006-05-19 08:01 18,796,544 --a------ c:\windows\system32\alsndmgr.cpl
2009-03-03 12:28 . 2006-05-11 07:18 10,527,232 --a------ c:\windows\system32\RTLCPL.exe
2009-03-03 12:28 . 2006-05-19 15:44 3,965,056 --a------ c:\windows\system32\drivers\alcxwdm.sys
2009-03-03 12:28 . 2006-03-02 07:22 577,536 --a------ c:\windows\soundman.exe
2009-03-03 12:28 . 2002-02-05 13:54 141,016 --a------ c:\windows\system32\alsndmgr.wav
2009-03-03 12:28 . 2006-01-10 13:38 135,168 --a------ c:\windows\system32\RtlCPAPI.dll
2009-03-03 12:28 . 2005-07-15 16:48 40,960 --a------ c:\windows\system32\ChCfg.exe
2009-03-03 12:27 . 2009-03-03 12:27 <DIR> d-------- c:\program files\Realtek Sound Manager
2009-03-03 12:27 . 2009-03-03 12:27 <DIR> d-------- c:\program files\Realtek AC97
2009-03-03 12:27 . 2009-03-03 12:27 <DIR> d-------- c:\program files\AvRack
2009-03-03 12:27 . 2006-03-20 11:48 315,392 --a------ c:\windows\alcupd.exe
2009-03-03 12:27 . 2005-11-18 11:20 217,088 --a------ c:\windows\alcrmv.exe
2009-03-03 12:27 . 2001-07-06 00:19 164 --a------ c:\windows\avrack.ini
2009-03-03 12:12 . 2008-05-12 01:08 32,768 --a------ c:\windows\system\VRAIDlog.dll
2009-03-03 12:11 . 2007-09-20 10:43 331,184 --------- c:\windows\system32\difxapi.dll
2009-03-03 11:56 . 2009-03-06 12:56 <DIR> d-------- c:\windows\NV27642880.TMP
2009-03-03 11:56 . 2009-02-09 13:18 211,189 --a------ c:\windows\system32\nvapps.nvb
2009-03-03 11:55 . 2009-03-03 11:55 <DIR> d-------- C:\NVIDIA
2009-03-03 11:09 . 2009-03-03 11:09 <DIR> d-------- c:\program files\Lavalys
2009-03-03 10:45 . 2004-06-21 21:35 51,088 -ra------ c:\windows\system32\drivers\hpzid412.sys
2009-03-03 10:45 . 2004-06-21 21:35 21,744 -ra------ c:\windows\system32\drivers\HPZius12.sys
2009-03-03 10:45 . 2004-06-21 21:35 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys
2009-03-03 10:44 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-03 10:44 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-03-03 10:35 . 2009-03-03 10:35 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-03 10:35 . 2009-03-03 10:35 <DIR> d-------- c:\program files\Microsoft Works
2009-03-03 10:33 . 2009-03-03 10:33 <DIR> d-------- c:\windows\SHELLNEW
2009-03-03 10:33 . 2009-03-03 10:33 <DIR> dr-h----- C:\MSOCache
2009-03-03 10:33 . 2009-03-03 10:36 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-03-03 10:31 . 2009-03-03 10:31 <DIR> d-------- c:\program files\Hewlett-Packard
2009-03-03 10:31 . 2009-03-03 10:31 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
2009-03-03 10:31 . 2004-05-11 10:53 1,230,336 -ra------ c:\windows\system32\MSXML4.dll
2009-03-03 10:31 . 2004-05-11 10:53 626,960 -ra------ c:\windows\system32\hpvaut32.dll
2009-03-03 10:31 . 2004-05-11 10:53 487,424 -ra------ c:\windows\system32\hpvcp70.dll
2009-03-03 10:31 . 2004-05-11 10:53 344,064 -ra------ c:\windows\system32\hpvcr70.dll
2009-03-03 10:31 . 2004-05-11 10:53 82,432 -ra------ c:\windows\system32\MSXML4r.dll
2009-03-03 10:31 . 2004-05-11 10:53 44,544 -ra------ c:\windows\system32\MSXML4a.dll
2009-03-03 10:29 . 2009-03-03 10:29 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2009-03-03 10:28 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe
2009-03-03 10:28 . 2004-03-18 16:53 278,584 --a------ c:\windows\system32\HPZidr12.dll
2009-03-03 10:28 . 2004-03-18 16:56 204,800 --a------ c:\windows\system32\HPZipr12.dll
2009-03-03 10:28 . 2004-03-18 16:39 94,208 --a------ c:\windows\system32\HPZipt12.dll
2009-03-03 10:28 . 2004-03-18 16:55 65,536 --a------ c:\windows\system32\HPZipm12.exe
2009-03-03 10:28 . 2004-03-18 16:38 61,440 --a------ c:\windows\system32\HPZinw12.exe
2009-03-03 10:28 . 2004-03-18 16:39 57,344 --a------ c:\windows\system32\HPZisn12.dll
2009-03-03 10:27 . 2009-03-03 10:31 <DIR> d-------- c:\program files\HP
2009-03-03 10:25 . 2009-03-03 10:46 104,729 --a------ c:\windows\hpoins04.dat
2009-03-03 10:25 . 2004-06-21 21:34 17,176 --------- c:\windows\hpomdl04.dat
2009-03-03 10:24 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-03-03 10:24 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-03-03 10:24 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-03 10:24 . 2004-08-03 23:01 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-01 19:32 . 2009-03-01 19:32 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Electronic Arts
2009-03-01 19:10 . 2009-03-01 19:10 <DIR> dr-h----- c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\SecuROM
2009-03-01 19:10 . 2009-03-01 19:10 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-01 19:09 . 2009-03-01 19:09 <DIR> d-------- C:\ProgramData
2009-03-01 19:09 . 2009-03-01 19:09 <DIR> d-------- c:\program files\Electronic Arts
2009-03-01 19:09 . 2009-03-01 19:09 <DIR> d-------- c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\Leadertech
2009-03-01 19:09 . 2009-03-01 19:09 1,102 --a------ c:\windows\system32\ealregsnapshot1.reg
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 19:09 --------- d-----w c:\program files\mIRC
2009-03-08 19:09 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\NoNameScript
2009-03-04 15:12 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-04 12:55 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-01 17:57 --------- d-----w c:\program files\MSBuild
2009-03-01 17:52 --------- d-----w c:\program files\Winamp
2009-03-01 17:52 --------- d-----w c:\program files\Reference Assemblies
2009-03-01 17:52 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\Winamp
2009-03-01 17:40 --------- d-----w c:\program files\DAEMON Tools Lite
2009-03-01 17:36 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-01 17:36 --------- d-----w c:\program files\Avira
2009-03-01 17:36 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\DAEMON Tools
2009-03-01 17:36 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Avira
2009-03-01 17:34 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\Gadu-Gadu
2009-03-01 17:30 --------- d-----w c:\program files\Gadu-Gadu
2009-03-01 17:29 --------- d-----w c:\program files\ACE Mega CoDecS Pack
2009-03-01 17:24 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\mIRC
2009-03-01 17:04 --------- d-----w c:\program files\VIA
2009-03-01 16:56 --------- d-----w c:\program files\SAGEM
2009-03-01 16:56 --------- d-----w c:\documents and settings\Daniel AkA Gilu\Dane aplikacji\InstallShield
2009-03-01 16:44 --------- d-----w c:\program files\microsoft frontpage
2009-03-01 16:43 --------- d-----w c:\program files\Usługi online
2009-02-25 20:59 730,368 ----a-w c:\windows\system32\oodsvct.exe
2009-02-25 20:59 1,352,960 ----a-w c:\windows\system32\oodag.exe
2009-02-25 20:59 1,316,096 ----a-w c:\windows\system32\ooscrsav.scr
2009-02-25 20:58 2,553,088 ----a-w c:\windows\system32\oodtray.exe
2009-02-25 20:57 194,816 ----a-w c:\windows\system32\oodbs.exe
2009-02-25 20:53 951,552 ----a-w c:\windows\system32\oodtrrs.dll
2009-02-25 20:53 9,984 ----a-w c:\windows\system32\oodbsrs.dll
2009-02-25 20:53 8,448 ----a-w c:\windows\system32\OODAGRS.DLL
2009-02-25 20:53 541,952 ----a-w c:\windows\system32\oodssrs.dll
2009-02-25 20:52 15,616 ----a-w c:\windows\system32\OODAGMG.DLL
2009-02-23 19:05 37,896 ----a-w c:\windows\system32\drivers\oobctm.sys
2009-02-23 19:03 15,104 ----a-w c:\windows\system32\ootmapi.dll
2009-02-05 09:54 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-11-14 2131392]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-08-16 264704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"VIARaidUtl"="c:\program files\VIA\RAID\raid_tool.exe" [2008-09-24 4918936]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"nwiz"="nwiz.exe" [2009-02-09 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\EA Sports\\FIFA 09\\FIFA09.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 VRAID Log Service;VRAID Log Service;c:\program files\VIA\RAID\vialogsv.exe [2009-03-03 52888]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-03-06 234888]
.
.
------- Skan uzupełniający -------
.
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-08 20:21:24
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
VIARaidUtl = c:\program files\VIA\RAID\raid_tool.exe?Tool\utili
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-1844237615-823518204-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:3b,2b,c9,0e,30,7a,40,dd,e3,fe,e7,ba,2d,4e,d5,ae,a3,7e,ec,8a,b4,
de,f8,a9,2d,d6,27,c6,57,e2,72,0d,f1,d8,52,3e,58,ec,00,45,a1,28,61,84,be,ac,\
"rkeysecu"=hex:2e,12,7d,27,dc,57,03,d3,5b,8b,8e,fe,b8,1e,1d,b8
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
Czas ukończenia: 2009-03-08 20:22:19
ComboFix-quarantined-files.txt 2009-03-08 19:22:16
Przed: 27 504 295 936 bajtów wolnych
Po: 27,525,664,768 bajtów wolnych
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
hijacks-em
Logfile of HijackThis v1.99.1
Scan saved at 20:24:36, on 2009-03-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\mIRC\mirc.exe
C:\WINDOWS\system32\wpabaln.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\DANIEL~1\USTAWI~1\Temp\Rar$EX00.344\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe





