ComboFix 08-08-02.01 - usr 2008-08-03 19:18:53.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.706 [GMT 2:00]
Running from: C:\Documents and Settings\usr\Pulpit\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
((((((((((((((((((((((((( Files Created from 2008-07-03 to 2008-08-03 )))))))))))))))))))))))))))))))
.
2008-07-31 15:48 . 2008-08-02 17:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-31 15:48 . 2008-07-31 15:48 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-31 15:25 . 2008-07-31 15:36 <DIR> d-------- C:\Documents and Settings\usr\DoctorWeb
2008-07-30 14:33 . 2008-07-30 14:33 <DIR> d-------- C:\Documents and Settings\GoťŠ\Ustawienia lokalne
2008-07-30 14:33 . 2008-07-30 14:33 <DIR> d-------- C:\Documents and Settings\GoťŠ
2008-07-30 12:36 . 2008-07-30 12:36 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\ArcaBit
2008-07-28 09:04 . 2008-07-28 09:04 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
2008-07-28 09:04 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-07-28 09:04 . 2008-07-28 09:08 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-28 09:03 . 2008-07-28 09:11 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-07-27 22:32 . 2008-07-27 22:36 <DIR> d-------- C:\Program Files\everest ultimate
2008-07-27 02:46 . 2008-07-27 02:46 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
2008-07-27 02:46 . 2008-07-27 02:46 0 ---hs---- C:\WINDOWS\S46C1F6B6.tmp
2008-07-27 02:32 . 2008-07-27 02:32 <DIR> d-------- C:\Program Files\SubEdit-Player
2008-07-27 02:29 . 2008-07-27 02:29 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink
2008-07-25 22:53 . 2008-07-25 22:53 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2008-07-24 20:35 . 2008-07-24 20:39 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\Audacity
2008-07-23 18:00 . 2008-07-23 18:00 <DIR> d-------- C:\Program Files\NSS
2008-07-20 12:33 . 2008-07-20 12:33 1,887 --a------ C:\WINDOWS\diagwrn.xml
2008-07-20 12:33 . 2008-07-20 12:33 1,887 --a------ C:\WINDOWS\diagerr.xml
2008-07-16 18:37 . 2008-07-19 23:46 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-07-16 16:07 . 2006-08-29 16:56 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys
2008-07-15 00:12 . 2008-07-15 00:12 249,856 --------- C:\WINDOWS\Setup1.exe
2008-07-15 00:12 . 2008-07-15 00:12 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2008-07-14 17:28 . 2001-10-26 16:57 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-14 17:28 . 2001-10-26 16:57 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-14 14:15 . 2008-07-14 14:16 <DIR> d-------- C:\Program Files\DivX
2008-07-14 13:40 . 2008-07-14 13:41 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\Nowe Gadu-Gadu
2008-07-11 22:07 . 2008-07-11 22:07 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\IDM
2008-07-11 14:49 . 2008-07-11 14:49 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-07-11 14:49 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-07-11 14:16 . 2008-07-28 19:05 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\foobar2000
2008-07-11 11:51 . 2008-07-18 00:04 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania
2008-07-11 11:50 . 2008-07-11 11:50 <DIR> d-------- C:\Documents and Settings\usr\Dane aplikacji\CDBurnerXP_Soft
2008-07-11 11:44 . 2008-07-11 11:50 <DIR> d-------- C:\Program Files\TmNationsForever
2008-07-11 11:42 . 2008-07-11 11:42 <DIR> d-------- C:\Program Files\Audacity 1.3 Beta
2008-07-11 11:31 . 2008-07-11 11:31 <DIR> d-------- C:\Program Files\foobar2000
2008-07-11 11:31 . 2008-07-11 11:32 <DIR> d-------- C:\Program Files\CDBurnerXP
2008-07-11 11:24 . 2008-05-07 07:39 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-11 11:24 . 2008-05-07 07:38 659,968 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-07-11 11:24 . 2008-05-07 07:38 20,864 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-07-11 11:24 . 2008-05-07 07:38 17,536 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-07-11 11:24 . 2008-05-07 07:38 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-07-11 11:24 . 2008-06-06 09:24 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-07-11 11:23 . 2008-07-31 19:35 <DIR> d-------- C:\Program Files\Nokia
2008-07-11 11:23 . 2008-02-01 16:17 138,112 --a------ C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2008-07-11 11:23 . 2008-02-01 16:17 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2008-07-10 10:42 . 2004-08-04 00:44 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-07-10 10:42 . 2001-10-26 17:29 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-03 17:16 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-08-02 19:58 --------- d-----w C:\Program Files\SpeedFan
2008-08-02 09:47 --------- d-----w C:\Program Files\Google
2008-08-01 11:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-01 11:36 --------- d-----w C:\Program Files\Activision
2008-07-31 17:34 --------- d-----w C:\Program Files\Common Files\Nokia
2008-07-31 17:34 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-07-31 15:45 --------- d-----w C:\Program Files\BearShare
2008-07-30 22:01 --------- d-----w C:\Program Files\IrfanView
2008-07-30 22:00 --------- d-----w C:\Program Files\EA Sports
2008-07-30 16:03 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\OpenOffice.ux.pl2
2008-07-29 21:17 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\PC Suite
2008-07-29 17:00 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Any Video Converter
2008-07-28 14:44 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-27 20:39 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Winamp
2008-07-27 00:45 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-07-25 17:23 --------- d-----w C:\Program Files\Odkurzacz
2008-07-25 17:17 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-07-25 17:07 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-07-24 18:55 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\gtk-2.0
2008-07-22 11:30 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\skypePM
2008-07-22 10:25 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Skype
2008-07-11 20:09 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\DMCache
2008-07-11 12:49 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-07-11 12:49 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Nokia
2008-07-11 09:25 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-07-09 16:50 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-07-02 12:29 --------- d-----w C:\Program Files\AIDA32 - Enterprise System Information
2008-07-02 11:24 --------- d-----w C:\Program Files\Common Files\Ahead
2008-07-02 11:20 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-07-02 11:16 --------- d-----w C:\Program Files\Winamp
2008-07-02 10:46 --------- d-----w C:\Program Files\Defraggler
2008-07-02 10:39 --------- d-----w C:\Program Files\xp-AntiSpy
2008-07-02 10:37 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Thunderbird
2008-07-02 10:22 --------- d-----w C:\Program Files\MSXML 6.0
2008-07-02 10:22 --------- d-----w C:\Program Files\Common Files\EasyInfo
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Toshiba
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\SecuROM
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Apple Computer
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\Gość\Dane aplikacji\ESET
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nokia
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Cerience
2008-07-02 10:22 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\AVS4YOU
2008-07-02 10:18 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-07-02 10:17 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\eMule(2)
2008-06-19 11:58 --------- d-----w C:\Program Files\Aspyr Media, Inc
2008-06-17 17:04 --------- d-----w C:\Program Files\Rockstar Games
2008-06-17 13:51 --------- d-----w C:\Program Files\CCleaner
2008-06-17 11:59 --------- d-----w C:\Program Files\GIMP-2.0
2008-06-16 21:18 --------- d-----w C:\Program Files\Realtek
2008-06-15 10:04 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-15 10:04 --------- d-----w C:\Program Files\7-Zip
2008-06-15 10:03 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\IDM(3)
2008-06-15 09:59 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2008-06-13 14:25 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\InstallShield
2008-06-12 11:00 --------- d-----w C:\Program Files\CamStudio
2008-06-12 10:18 --------- d-----w C:\Program Files\Electronic Arts
2008-06-12 10:02 --------- d-----w C:\Program Files\Common Files\DirectX
2008-06-10 17:47 --------- d-----w C:\Program Files\QuickTime
2008-06-09 18:03 --------- d-----w C:\Program Files\CubeDesktop
2008-06-09 18:00 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\HateML
2008-06-09 17:50 219,648 ----a-w C:\WINDOWS\system32\uxtheme(2).dll
2008-06-09 13:48 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Artweaver
2008-06-09 13:33 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\Thinking Minds Budiling Bytes
2008-06-08 18:47 --------- d-----w C:\Program Files\Empire Interactive
2008-06-08 18:41 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-06-08 11:39 --------- d-----w C:\Program Files\Team17 Software Ltd
2008-06-08 11:16 --------- d-----w C:\Program Files\Starbreeze Studios
2008-06-07 19:51 --------- d-----w C:\Documents and Settings\usr\Dane aplikacji\GetRightToGo
2008-05-16 12:39 16,862,720 ----a-w C:\WINDOWS\RTHDCPL.exe
2008-05-07 05:38 90,624 ----a-w C:\WINDOWS\system32\nmwcdcls.dll
2008-04-17 07:09 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-02-20 11:06 1443072]
"nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"NvMediaCenter"="NvMCTray.dll" [2007-10-04 17:14 81920 C:\WINDOWS\system32\nvmctray.dll]
"Tweak UI"="TWEAKUI.CPL" [2000-06-18 14:03 106544 C:\WINDOWS\system32\TWEAKUI.CPL]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^usr^Menu Start^Programy^Autostart^Y'z Toolbar.lnk]
path=C:\Documents and Settings\usr\Menu Start\Programy\Autostart\Y'z Toolbar.lnk
backup=C:\WINDOWS\pss\Y'z Toolbar.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 00:44 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-15 20:02 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
--a------ 2000-06-18 14:03 106544 C:\WINDOWS\system32\TWEAKUI.CPL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Pml Driver HPZ12"=2 (0x2)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"gusvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Team17 Software Ltd\\WormsForts\\WF.exe"=
"C:\\Program Files\\BearShare\\BearShare.exe"=
"C:\\Program Files\\NovaLogic\\Delta Force Xtreme\\dfx.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"C:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\TmNationsForever\\TmForever.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16633:TCP"= 16633:TCP:BitComet 16633 TCP
"16633:UDP"= 16633:UDP:BitComet 16633 UDP
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-18 21:22]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-19 18:39]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 11:20]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [2001-10-26 19:30]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 16:17]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 16:17]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS [2006-08-29 16:56]
*Newly Created Service* - CATCHME
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\usr\Dane aplikacji\Mozilla\Firefox\Profiles\vpjg02i8.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - google.pl
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 19:20:36
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-03 19:21:17
ComboFix-quarantined-files.txt 2008-08-03 17:21:12
Pre-Run: 36,446,756,864 bajtów wolnych
Post-Run: 36,488,253,440 bajtów wolnych
253
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:19, on 2008-08-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 3575 bytes








