- Forum komputerowe
- → Przeglądanie profilu: Posty: MAGx2
Statystyki
- Grupa: Użytkownik
- Całość postów: 12
- Odwiedzin: 623
- Tytuł: Początkujący
- Wiek: Wiek nie został ustalony
- Urodziny: Data urodzin nie została podana
-
Płeć
Nie podano
O mnie
-
GG
244110
-
Tlen
brak
Moje posty
W temacie: Program do "ochrony" przed niepożądaną treścią najmłodszych
02 09 2008 - 19:34
Wielkie dzięki za pomoc
W temacie: Logi - Podejrzenie infekcji
25 08 2008 - 09:51
Wielkie dzięki za pomoc i poświęcenie swojego czasu
W temacie: Logi - Podejrzenie infekcji
24 08 2008 - 16:58
Zrobiłem to co mówiłeś i wrzucam raport.
[b]SDFix: Version 1.219 [/b] Run by Administrator on 2008-08-24 at 16:28 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: Restoring Default Security Values Restoring Default Hosts File Rebooting [b]Checking Files [/b]: No Trojan Files Found Folder C:\Documents and Settings\MAG\Dane aplikacji\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed Folder C:\Documents and Settings\MAG\Menu Start\Antivirus 2009 - Removed Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-24 16:35:20 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:a2,65,f0,24,ad,45,ec,ca,8c,5c,ed,b3,c0,cc,44,1d,45,ce,0c,d5,a0,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:07,04,55,bc,67,6a,04,13,0f,85,59,6c,84,d7,fd,bb,82,c0,56,e1,6c,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,0c,4b,74,96,7c,ce,62,43,64,db,1d,d0,10,0f,4e,b2,02,.. "khjeh"=hex:89,81,0a,27,ba,fd,a5,35,06,9b,7b,e0,d6,c4,16,97,ba,36,f8,e5,a1,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:5e,57,5f,fc,d4,d0,a5,01,fd,36,51,ee,fd,4a,5a,e4,b2,67,f8,f7,52,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:7b,d9,17,91,4f,41,77,d0,f3,17,57,44,81,ae,7e,c5,36,cf,23,bf,f3,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42] "khjeh"=hex:da,1a,31,da,0a,77,bf,db,2a,e6,8c,40,14,f8,f7,e8,8a,91,de,8e,03,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:a2,65,f0,24,ad,45,ec,ca,8c,5c,ed,b3,c0,cc,44,1d,45,ce,0c,d5,a0,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:07,04,55,bc,67,6a,04,13,0f,85,59,6c,84,d7,fd,bb,82,c0,56,e1,6c,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,0c,4b,74,96,7c,ce,62,43,64,db,1d,d0,10,0f,4e,b2,02,.. "khjeh"=hex:89,81,0a,27,ba,fd,a5,35,06,9b,7b,e0,d6,c4,16,97,ba,36,f8,e5,a1,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:5e,57,5f,fc,d4,d0,a5,01,fd,36,51,ee,fd,4a,5a,e4,b2,67,f8,f7,52,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:7b,d9,17,91,4f,41,77,d0,f3,17,57,44,81,ae,7e,c5,36,cf,23,bf,f3,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42] "khjeh"=hex:da,1a,31,da,0a,77,bf,db,2a,e6,8c,40,14,f8,f7,e8,8a,91,de,8e,03,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\\Program Files\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>.exe"="C:\\Program Files\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>\\<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>.exe:*:Enabled:<a href="http://www.download.net.pl/297/uTorrent/">uTorrent</a>" "C:\\Program Files\\Konnekt\\konnekt.exe"="C:\\Program Files\\Konnekt\\konnekt.exe:*:Enabled:Konnekt - Core" "D:\\Martin\\Gry\\Soldir\\SoF2MP.exe"="D:\\Martin\\Gry\\Soldir\\SoF2MP.exe:*:Enabled:SoF2MP" "D:\\Martin\\Programy\\p2p\\BearShare\\BearShare.exe"="D:\\Martin\\Programy\\p2p\\BearShare\\BearShare.exe:*:Enabled:BearShare" "D:\\Martin\\Gry\\Tibia\\Boty\\Tibia Tek Bot\\TibiaTekBot.exe"="D:\\Martin\\Gry\\Tibia\\Boty\\Tibia Tek Bot\\TibiaTekBot.exe:*:Enabled:TibiaTek Bot" "D:\\Martin\\Gry\\Little Fighter II\\lf2.exe"="D:\\Martin\\Gry\\Little Fighter II\\lf2.exe:*:Enabled:lf2" "C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client" "D:\\Martin\\Gry\\Diablo II\\Diablo II.exe"="D:\\Martin\\Gry\\Diablo II\\Diablo II.exe:*:Enabled:Diablo II" "D:\\Xawery\\gry\\Flat Out\\flatout.exe"="D:\\Xawery\\gry\\Flat Out\\flatout.exe:*:Enabled:flatout" "D:\\Xawery\\gry\\James Bond 007 Nightfire\\Bond.exe"="D:\\Xawery\\gry\\James Bond 007 Nightfire\\Bond.exe:*:Enabled:Bond" "D:\\Martin\\Gry\\Counter Strike\\hl.exe"="D:\\Martin\\Gry\\Counter Strike\\hl.exe:*:Enabled:Half-Life Launcher" "D:\\Xawery\\gry\\Delta Force Xtrema\\dfx.exe"="D:\\Xawery\\gry\\Delta Force Xtrema\\dfx.exe:*:Enabled:dfx" "D:\\Xawery\\gry\\Return to Castle Wolfenstein\\WolfMP.exe"="D:\\Xawery\\gry\\Return to Castle Wolfenstein\\WolfMP.exe:*:Enabled:WolfMP" "C:\\Program Files\\Java\\jdk1.6.0_07\\bin\\java.exe"="C:\\Program Files\\Java\\jdk1.6.0_07\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\\Program Files\\Java\\jdk1.6.0_07\\jre\\bin\\java.exe"="C:\\Program Files\\Java\\jdk1.6.0_07\\jre\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary" "D:\\Xawery\\gry\\Tzar\\Tzar.exe"="D:\\Xawery\\gry\\Tzar\\Tzar.exe:*:Enabled:Tzar" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [b]Remaining Files [/b]: [b]Files with Hidden Attributes [/b]: Fri 28 Mar 2008 6,104,632 A..H. --- "C:\Program Files\Picasa2\setup.exe" Tue 18 Mar 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Mon 12 May 2008 24,064 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL0005.tmp" Mon 12 May 2008 24,576 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL2301.tmp" Mon 12 May 2008 25,600 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3104.tmp" Mon 12 May 2008 24,576 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3287.tmp" Mon 12 May 2008 25,600 ...H. --- "C:\Documents and Settings\MAG\Moje dokumenty\~WRL3904.tmp" Tue 18 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\05030212059e1b9876d47b8cf2fa5e95\BITD2.tmp" [b]Finished![/b]
W temacie: Logi - Podejrzenie infekcji
24 08 2008 - 16:11
Wielki dzięki za pomoc .
Już usunąłem te rzeczy które wskazałeś i już zasysam SDFix i zaraz wrzucam raport.
Już usunąłem te rzeczy które wskazałeś i już zasysam SDFix i zaraz wrzucam raport.
- Forum Komputerowe Tweaks.pl
- → Przeglądanie profilu: Posty: MAGx2
- Polityka prywatności
- Szukaj
- Regulamin Forum ·