http://www.techsupportforum.com/sectools/Deckard/comboscan.exe
Aktualizacje na programosy.pl:
Chromium • Kaspersky Rescue Disk • Vim • Microsoft OneNote • Draco Organizer • UserBenchMark • VDownloader • WebCatalog • SmartFTP
-
- Ogłoszenie:
dziwny komunikat.sprawdzenie loga
24 posty(ów) • Strona 2 z 2 • 1, 2
przez wojtas 05 Kwi 2007, 19:15
http://www.techsupportforum.com/sectools/Deckard/comboscan.exe
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
przez Hary2305 05 Kwi 2007, 19:59
ComboScan v20070306.20 run by user on 2007-04-05 at 19:47:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created ComboScan Restore Point.
-- Last 2 Restore Point(s) --
2: 2007-04-05 17:47:23 UTC - RP2 - ComboScan Restore Point
1: 2007-04-05 12:07:14 UTC - RP1 - Punkt kontrolny systemu
Performed disk cleanup.
-- HijackThis (run as user.exe) ------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 19:48:01, on 2007-04-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\Alwil Software\Avast4\ashServ.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
E:\Programy\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\Alwil Software\Avast4\ashMaiSv.exe
E:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\neostrada tp\neostradatp.exe
C:\Program Files\neostrada tp\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\neostrada tp\Watch.exe
C:\Program Files\Programy\Gadu-Gadu\gg.exe
E:\Programy\uTorrent\utorrent.exe
E:\Programy\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\firefox.exe
E:\comboscan.exe
E:\user.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [avast!] E:\Programy\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programy\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Programy\OFFICE\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Crawl.ws Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
O9 - Extra 'Tools' menuitem: Crawl.ws Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Programy\OFFICE\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EE668CD-BA60-49F7-85CE-E5CF3930241A}: NameServer = 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{925716BC-755F-4F56-9987-04BF34066FA1}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{2EE668CD-BA60-49F7-85CE-E5CF3930241A}: NameServer = 194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2EE668CD-BA60-49F7-85CE-E5CF3930241A}: NameServer = 194.204.159.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Programy\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Programy\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Programy\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Programy\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Armed Assault Drivers Auto Removal (pr2agmlb) (pr2agmlb) - Bohemia Interactive - C:\WINDOWS\system32\pr2agmlb.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem02.exe
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
1R Aavmker4 (avast! Asynchronous Virus Monitor) - C:\WINDOWS\system32\drivers\aavmker4.sys
1R AmdK8 (Sterownik procesora AMD) - C:\WINDOWS\system32\drivers\AmdK8.sys
3S Arp1394 (Protokół klienta 1394 ARP) - C:\WINDOWS\system32\drivers\arp1394.sys
2R aswMon2 (avast! Standard Shield Support) - C:\WINDOWS\system32\drivers\aswmon2.sys
3R aswRdr - C:\WINDOWS\system32\drivers\aswRdr.sys
1R aswTdi (avast! Network Shield Support) - C:\WINDOWS\system32\drivers\aswTdi.sys
2R atksgt - C:\WINDOWS\system32\drivers\atksgt.sys
3S dtscsi - C:\WINDOWS\system32\Drivers\dtscsi.sys (not found)
3R e4usbaw (USB ADSL2 WAN Adapter) - C:\WINDOWS\system32\drivers\e4usbaw.sys
3S gdrv - C:\WINDOWS\gdrv.sys
3S GVCplDrv - C:\WINDOWS\system32\drivers\GVCplDrv.sys
3S hamachi (Hamachi Network Interface) - C:\WINDOWS\system32\drivers\hamachi.sys
3R HDAudBus (Sterownik magistrali Microsoft UAA dla High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3S HidUsb (Sterownik Microsoft klasy HID) - C:\WINDOWS\system32\drivers\hidusb.sys
2S IKANLOADER2 (General Purpose USB Driver (e4ldr.sys)) - C:\WINDOWS\system32\drivers\e4ldr.sys
4R InCDfs (InCD File System) - C:\WINDOWS\system32\drivers\InCDfs.sys
1R InCDPass - C:\WINDOWS\system32\drivers\InCDpass.sys
1R incdrm (InCD Reader) - C:\WINDOWS\system32\drivers\InCDrm.sys
3R IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - C:\WINDOWS\system32\drivers\RtkHDAud.Sys
2R lirsgt - C:\WINDOWS\system32\drivers\lirsgt.sys
3S NIC1394 (Sterownik sieci 1394) - C:\WINDOWS\system32\drivers\nic1394.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R nvata - C:\WINDOWS\system32\drivers\nvata.sys
3R NVENETFD (NVIDIA nForce Networking Controller Driver) - C:\WINDOWS\system32\drivers\NVENETFD.sys
3R nvnetbus (NVIDIA Network Bus Enumerator) - C:\WINDOWS\system32\drivers\nvnetbus.sys
0R ohci1394 (Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI) - C:\WINDOWS\system32\drivers\ohci1394.sys
3S PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCAMPR5.SYS (not found)
3S PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCANDIS5.SYS
0R pe3agmlb (Armed Assault Environment Driver (pe3agmlb)) - C:\WINDOWS\system32\drivers\pe3agmlb.sys
3R pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys
1R PQNTDrv - C:\WINDOWS\system32\drivers\PQNTDRV.sys
1R prodrv06 (StarForce Protection Environment Driver v6) - C:\WINDOWS\system32\drivers\prodrv06.sys
0R prohlp02 (StarForce Protection Helper Driver v2) - C:\WINDOWS\system32\drivers\prohlp02.sys
0R prosync1 (StarForce Protection Synchronization Driver v1) - C:\WINDOWS\system32\drivers\prosync1.sys
0R ps6agmlb (Armed Assault Synchronization Driver (ps6agmlb)) - C:\WINDOWS\system32\drivers\ps6agmlb.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
0R sfdrv02 (FrontLine Environment Driver (v2)) - C:\WINDOWS\system32\drivers\sfdrv02.sys
0R sfhlp01 (StarForce Protection Helper Driver) - C:\WINDOWS\system32\drivers\sfhlp01.sys
0R sfsync05 (FrontLine Synchronization Driver (v5)) - C:\WINDOWS\system32\drivers\sfsync05.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Sterownik Miniport otwartego kontrolera hosta USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3R usbprint (Klasa PRINTER USB Microsoft) - C:\WINDOWS\system32\drivers\usbprint.sys
3R usbscan (Sterownik skanera USB) - C:\WINDOWS\system32\drivers\usbscan.sys
3S USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
3S USB_RNDIS (ADI Remote NDIS Network Device Driver) - C:\WINDOWS\system32\drivers\usb8023.sys
3S vaxscsi - C:\WINDOWS\system32\Drivers\vaxscsi.sys (not found)
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2R aswUpdSv (avast! iAVS4 Control Service) - "E:\Programy\Alwil Software\Avast4\aswUpdSv.exe"
2R avast! Antivirus - "E:\Programy\Alwil Software\Avast4\ashServ.exe"
3R avast! Mail Scanner - "E:\Programy\Alwil Software\Avast4\ashMaiSv.exe" /service
3R avast! Web Scanner - "E:\Programy\Alwil Software\Avast4\ashWebSv.exe" /service
2R FTRTSVC (France Telecom Routing Table Service) - C:\WINDOWS\System32\FTRTSVC.exe
2R InCDsrv (InCD Helper) - C:\Program Files\Ahead\InCD\InCDsrv.exe
2R LexBceS (LexBce Server) - C:\WINDOWS\system32\LEXBCES.EXE
2R LightScribeService (LightScribeService Direct Disc Labeling Service) - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
3S ose (Office Source Engine) -
2S pr2agmlb (Armed Assault Drivers Auto Removal (pr2agmlb)) - C:\WINDOWS\system32\pr2agmlb.exe svc
2S sfrem02 (FrontLine Drivers Auto Removal (v2)) - C:\WINDOWS\system32\sfrem02.exe svc
-- Files created between 2007-03-05 and 2007-04-05 -----------------------------
2007-03-25 10:44:47 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll<XA3C56~1.DLL>
2007-03-25 10:44:46 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll<XINPUT~4.DLL>
2007-03-25 10:44:46 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll<XA3856~1.DLL>
2007-03-25 10:44:46 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll<X3DAUD~2.DLL>
2007-03-25 10:44:46 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-03-25 10:44:45 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-03-14 19:21:00 0 d-------- C:\Program Files\SkanerOnline<SKANER~1>
-- Find3M Report ---------------------------------------------------------------
2007-04-05 19:47:53 0 d-------- C:\Documents and Settings\user\Dane aplikacji\uTorrent
2007-04-05 14:07:26 0 d-------- C:\Program Files\neostrada tp<NEOSTR~1>
2007-04-05 14:06:50 0 d-------- C:\Program Files\lg_fwupdate<LG_FWU~1>
2007-04-05 13:47:07 0 d-------- C:\Program Files\Crawl.ws Toolbar<CRAWL~1.WST>
2007-04-01 20:52:32 0 d-------- C:\Documents and Settings\user\Dane aplikacji\Hamachi
2007-03-31 18:38:29 0 d---s---- C:\Documents and Settings\user\Dane aplikacji\Microsoft<MICROS~1>
2007-03-28 22:26:47 0 d-------- C:\Program Files\Programy
2007-03-28 22:22:56 0 d-------- C:\Documents and Settings\user\Dane aplikacji\AdobeUM
2007-03-28 22:22:56 0 d-------- C:\Documents and Settings\user\Dane aplikacji\Adobe
2007-03-25 18:19:45 0 d-------- C:\Program Files\Lexmark X1100 Series<LEXMAR~1>
2007-03-25 10:15:04 359046 --a------ C:\WINDOWS\system32\perfh015.dat
2007-03-25 10:15:04 50968 --a------ C:\WINDOWS\system32\perfc015.dat
2007-03-23 16:48:06 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-08 17:38:47 579072 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:38:47 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:38:47 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:37:33 1843840 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-06 17:38:03 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-03-06 17:38:03 114688 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-03-04 14:02:35 0 d-------- C:\Documents and Settings\user\Dane aplikacji\DivX
2007-02-28 18:52:08 407168 --a------ C:\WINDOWS\system32\pr2agmlb.exe
2007-02-26 18:13:16 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-25 17:03:01 0 d-------- C:\Program Files\Java
2007-02-24 23:39:31 0 d-------- C:\Program Files\GanymedeNet<GANYME~1>
2007-02-24 23:38:30 0 d-------- C:\Program Files\GinBillard<GINBIL~1>
2007-02-24 23:38:29 0 d-------- C:\Program Files\Common
2007-02-24 23:38:11 3716 --a------ C:\WINDOWS\mozver.dat
2007-02-24 23:38:11 0 d-------- C:\Program Files\Temp
2007-02-24 23:38:11 0 d-------- C:\Program Files\Adv
2007-02-23 19:28:04 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-02-01 05:56:04 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-01-31 22:27:00 524288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-01-30 06:03:40 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-01-30 06:03:26 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-01-30 05:56:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-01-30 05:56:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-01-29 10:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-22 13:00:36 719088 --a------ C:\WINDOWS\system32\SkanerOnline.dll<SKANER~1.DLL>
2007-01-19 10:40:42 89088 --a------ C:\WINDOWS\system32\SkanerOnlineUninstall.exe<SKANER~1.EXE>
2007-01-15 19:32:07 689280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-01-15 19:23:20 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-01-12 10:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 10:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 10:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 10:27:42 6054400 -----n--- C:\WINDOWS\system32\ieframe.dll
2007-01-08 20:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 20:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 20:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 20:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 20:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 20:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 20:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 20:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 20:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 20:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 19:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 19:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"PowerBar"="\"C:\\Program Files\\CyberLink DVD Solution\\Multimedia Launcher\\PowerBar.exe\" /AtBootTime"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"RemoteControl"="\"C:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"LGODDFU"="\"C:\\Program Files\\lg_fwupdate\\fwupdate.exe\" blrun"
"Lexmark X1100 Series"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
"avast!"="E:\\Programy\\ALWILS~1\\Avast4\\ashDisp.exe"
"QuickTime Task"="\"E:\\Programy\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"VGAUtil"="C:\\Program Files\\GigaByte\\VGA Utility Manager\\G-VGA.exe"
"WOOWATCH"="C:\\PROGRA~1\\NEOSTR~1\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\NEOSTR~1\\GestMaj.exe TaskBarIcon.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearFlix]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bearflix"
"hkey"="HKLM"
"command"="\"E:\\Programy\\BearFlix\\bearflix.exe\" /pause"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"E:\\Programy\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5e5d903c-86d6-11db-b04e-0016e65b34eb}]
Shell\AutoRun\command G:\autorun.exe
Shell\install\command G:\autorun.exe
-- End of ComboScan: finished at 2007-04-05 at 19:48:26 ------------------------
przez wojtas 05 Kwi 2007, 20:06
Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach)
Start do awaryjnego ( F8 ) przy starcie komputera.
Odpalasz hijackthis i zaznaczasz ptaszkami powyższe wpisy i dajesz Fix checked.
Pogrubione pliki usuwasz ręcznie z dysku
potem nowe logi z Hijack This oraz Silent runners
start>urchom> wpisz msconfig> zakladka uruchamianie> wylacz progsy ktore nie chcesz zeby startowaly z systemem
te mozesz wylaczyc nie kasuj ich czasem w Hijacku:
zaisntaluj:"
http://www.microsoft.com/downloads/details.aspx?displaylang=pl&FamilyID=74ad4188-3131-429c-8fcb-f7b3b0fd3d86#QuickInfoContainer
Autor postu otrzymał pochwałę
Start do awaryjnego ( F8 ) przy starcie komputera.
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
Odpalasz hijackthis i zaznaczasz ptaszkami powyższe wpisy i dajesz Fix checked.
Pogrubione pliki usuwasz ręcznie z dysku
potem nowe logi z Hijack This oraz Silent runners
start>urchom> wpisz msconfig> zakladka uruchamianie> wylacz progsy ktore nie chcesz zeby startowaly z systemem
te mozesz wylaczyc nie kasuj ich czasem w Hijacku:
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programy\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
zaisntaluj:"
http://www.microsoft.com/downloads/details.aspx?displaylang=pl&FamilyID=74ad4188-3131-429c-8fcb-f7b3b0fd3d86#QuickInfoContainer
Autor postu otrzymał pochwałę
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
-
24 posty(ów) • Strona 2 z 2 • 1, 2
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 8 gości