Dziwny problem z otwieraniem www

**Posty:** 684 · przez **djarta** 10 Sie 2008, 16:09

Daj log z -----> ComboFix.

**Posty:** 53 · przez **pulhny16** 11 Sie 2008, 10:47

Kod: Zaznacz wszystko: ComboFix 08-08-10.02 - aVaL@NcHe 2008-08-11 10:37:46.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.101 [GMT 2:00] Running from: G:\Documents and Settings\aVaL@NcHe\Pulpit\ComboFix.exe * Created a new restore point [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\macromedia\Flash Player\#SharedObjects\9G6RWWTC\interclick.com G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\macromedia\Flash Player\#SharedObjects\9G6RWWTC\interclick.com\ud.sol G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol G:\WINDOWS\explorer.exe.tmp . ((((((((((((((((((((((((( Files Created from 2008-07-11 to 2008-08-11 ))))))))))))))))))))))))))))))) . 2008-08-09 17:12 . 2008-08-09 17:12 177 --a------ G:\ioSpecial.ini 2008-08-09 14:16 . 2008-08-09 14:16 <DIR> d-------- G:\Program Files\MagicDVDRipper 2008-08-08 20:52 . 2008-08-08 20:52 <DIR> d-------- G:\Program Files\Onet 2008-08-08 20:52 . 2008-08-09 17:40 <DIR> d-------- G:\Program Files\Common Files\Onet.pl 2008-08-08 20:52 . 2008-08-08 20:52 <DIR> d-------- G:\Documents and Settings\aVaL@NcHe\Dane Aplikacji\Kamerzysta 2008-08-08 20:52 . 2008-08-08 20:52 <DIR> d-------- G:\Documents and Settings\aVaL@NcHe\Dane Aplikacji\AutoUpdate 2008-07-21 12:25 . 2008-07-21 12:25 54,156 --ah----- G:\WINDOWS\QTFont.qfn 2008-07-21 12:25 . 2008-07-21 12:25 1,409 --a------ G:\WINDOWS\QTFont.for 2008-07-21 09:31 . 2008-07-21 09:31 125 --a------ G:\WINDOWS\fd3.INI 2008-07-17 22:35 . 2008-07-24 15:25 <DIR> d-------- G:\Documents and Settings\Gosc\Dane aplikacji\WTablet 2008-07-17 19:58 . 2008-07-17 19:58 <DIR> d-------- G:\Documents and Settings\All Users\Dane aplikacji\TEMP 2008-07-17 19:57 . 2008-07-17 19:57 <DIR> d-------- G:\Program Files\Eltima Software 2008-07-16 21:50 . 2008-07-16 21:50 1,223,442 --a------ G:\WINDOWS\LightWave 3D 9.3 Uninstaller.exe 2008-07-16 17:38 . 2008-07-16 17:38 <DIR> d-------- G:\Documents and Settings\aVaL@NcHe\lw9 2008-07-16 17:17 . 2008-07-16 17:17 1,203,129 --a------ G:\WINDOWS\LightWave 3D 9 Uninstaller.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-11 08:33 358,578 ----a-w G:\WINDOWS\system32\drivers\fwdrv.err 2008-08-11 08:32 --------- d-----w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\foobar2000 2008-08-10 15:04 --------- d-----w G:\WINDOWS\system32\config\systemprofile\Dane aplikacji\VMware 2008-08-10 15:04 --------- d-----w G:\Documents and Settings\LocalService\Dane aplikacji\VMware 2008-08-10 15:02 --------- d-----w G:\Documents and Settings\LocalService\Dane aplikacji\WTablet 2008-08-10 15:02 --------- d-----w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\WTablet 2008-08-10 15:02 --------- d-----w G:\Documents and Settings\All Users\Dane aplikacji\VMware 2008-07-24 14:50 --------- d-----w G:\Program Files\XMoto 2008-07-16 22:28 --------- d-----w G:\Program Files\Recuva 2008-07-14 22:23 --------- d--h--w G:\Program Files\InstallShield Installation Information 2008-06-29 17:02 --------- d-----w G:\Program Files\Parallel Port Joystick 2008-06-25 23:34 107,888 ----a-w G:\WINDOWS\system32\CmdLineExt.dll 2008-06-23 07:52 --------- d-----w G:\Program Files\McFunSoft Video Solution 2008-06-17 14:16 --------- d-----w G:\Documents and Settings\All Users\Dane aplikacji\Aspell 2008-06-16 14:57 --------- d-----w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\Vso 2008-06-16 14:56 81,920 ----a-w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\ezpinst.exe 2008-06-16 14:56 47,360 ----a-w G:\WINDOWS\system32\drivers\pcouffin.sys 2008-06-16 14:56 47,360 ----a-w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\pcouffin.sys 2008-06-15 07:50 --------- d-----w G:\Documents and Settings\aVaL@NcHe\Dane aplikacji\FontCreator 2008-06-14 23:00 --------- d-----w G:\Program Files\High-Logic 2007-01-19 17:21 335 ----a-w G:\Documents and Settings\Mozilla\registry.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AQQ"="G:\PROGRA~1\WapSter\AQQ\AQQ.exe" [2007-02-28 14:18 2351864] "CTZDetec.exe"="G:\Program Files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 15:20 401408] "PC Suite Tray"="G:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296] "DAEMON Tools Lite"="G:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856] "Nokia.PCSync"="G:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="G:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 22:32 208952] "PHIME2002ASync"="G:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 22:32 455168] "PHIME2002A"="G:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 22:32 455168] "avast!"="G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008] "NvCplDaemon"="G:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "NvMediaCenter"="G:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] "Adobe Reader Speed Launcher"="G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "SunJavaUpdateSched"="G:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 10:22 577536 G:\WINDOWS\soundman.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="G:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360] "Nokia.PCSync"="G:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 18:41 1232896] G:\DOCUME~1\ALLUSE~1\MENUST~1\Programy\AUTOST~1\ Adobe Gamma Loader.lnk - G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-01 02:30:15 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3fhg"= mp3fhg.acm "msacm.divxa32"= divxa32.acm "VIDC.X264"= x264vfw.dll "VIDC.HFYU"= huffyuv.dll "vidc.i263"= i263_32.drv "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] -ra------ 2001-07-09 12:50 155648 G:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-01-31 23:13 385024 G:\Program Files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-12-05 02:41 1626112 G:\WINDOWS\system32\nwiz.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "G:\\Program Files\\WapSter\\AQQ\\AQQ.exe"= "G:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"= "G:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"= "C:\\totalcmd\\TOTALCMD.EXE"= "F:\\Need For Speed Underground\\Speed.exe"= R1 aswSP;avast! Self Protection;G:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35] R1 fwdrv;Firewall Driver;G:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21] R1 khips;Kerio HIPS Driver;G:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21] R1 VBoxDrv;VirtualBox Service;G:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-04-30 22:12] R1 VBoxUSBMon;VirtualBox USB Monitor Driver;G:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-04-30 22:12] R2 aswFsBlk;aswFsBlk;G:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37] R2 SPF4;Sunbelt Personal Firewall 4;G:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 10:21] R2 TabletServicePen;TabletServicePen;G:\WINDOWS\system32\Pen_Tablet.exe [2008-04-03 07:59] R2 vmserverdWin32;VMware Registration Service;G:\Program Files\VMware\VMware Server\vmserverdWin32.exe [2007-04-12 21:05] R3 PPJoyBus;Parallel Port Joystick Bus device driver;G:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11] R3 PPortJoystick;Parallel Port Joystick device driver;G:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11] R3 wacommousefilter;Wacom Mouse Filter Driver;G:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11:12] R3 wacomvhid;Wacom Virtual Hid Driver;G:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 10:30] R3 WacomVKHid;Virtual Keyboard Driver;G:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 16:11] S3 USBSTOR;Sterownik magazynu masowego USB;G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08] S3 VBoxUSB;VirtualBox USB;G:\WINDOWS\system32\Drivers\VBoxUSB.sys [2008-04-30 22:12] S3 wacmoumonitor;Wacom Mode Helper;G:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys [2008-03-17 13:14] . Contents of the 'Scheduled Tasks' folder 2008-06-22 G:\WINDOWS\Tasks\[u]0[/u]5-Los Fastidios _ Cuba Libre.job - E:\MP3 konwertowane\Punk Rock\[u]0[/u]5-Los Fastidios _ Cuba Libre.mp3 [2005-03-06 15:11] 2008-06-22 G:\WINDOWS\Tasks\[u]0[/u]6 Fala.job - E:\MP3 konwertowane\Punk Rock\[u]0[/u]6 Fala.mp3 [2005-04-08 22:50] 2008-06-22 G:\WINDOWS\Tasks\14-Thps2 - track41.job - E:\MP3 konwertowane\Punk Rock\14-Thps2 - track41.mp3 [2004-11-22 18:41] 2008-06-22 G:\WINDOWS\Tasks\Genki Rockets - 01 - Star Line.job - G:\Documents and Settings\aVaL@NcHe\Pulpit\Genki Rockets - Star Line - Smile\Genki Rockets - 01 - Star Line.mp3 [] . . ------- Supplementary Scan ------- . FireFox -: Profile - G:\Documents and Settings\aVaL@NcHe\Dane Aplikacji\Mozilla\Firefox\Profiles\4kq3enkl.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.pl/ FF -: plugin - G:\Documents and Settings\aVaL@NcHe\Dane Aplikacji\Mozilla\Firefox\Profiles\4kq3enkl.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll FF -: plugin - G:\Program Files\DivX\DivX Content Uploader\npUpload.dll FF -: plugin - G:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF -: plugin - G:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-11 10:43:38 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTZDetec.exe = G:\Program Files\Creative\Creative Media Lite\CTZDetec.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-08-11 10:45:41 ComboFix-quarantined-files.txt 2008-08-11 08:45:34 Pre-Run: 207,048,704 bajtów wolnych Post-Run: 2,065,346,560 bajtów wolnych 158

**Posty:** 8001 · przez **Okocza** 11 Sie 2008, 11:50

Wykonaj to co jest podane w tym temacie

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp

2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5. Przeskanuj komputer pod względem Trojanów tym programem
6. Wstaw na forum screen z zakładki uruchamianie (start – uruchom – msconfig – uruchamianie) może uda się cos wyrzucic stamtąd.

**Posty:** 53 · przez **pulhny16** 18 Sie 2008, 11:01

Niestety ale nic to nie pomogło.

Czy może mieć to jakiś związek z umiejscowieniem systemu czyli mam akurat na dysku g:

**Posty:** 18165 · przez **wojtas** 18 Sie 2008, 11:45

1,2,3, 8 9 10 12 13 14 te wpisy mozesz odznaczyć

**Posty:** 53 · przez **pulhny16** 16 Wrz 2008, 19:49

i nic ...