
Viruses on a USB flash drive, slow computer

Post by mia012, 06 Nov 2008, 19:58

Hello :)

This time I'm the one having some small problems with my computer. Every time I plug in a USB flash drive, a virus gets copied onto it from my computer. Besides that, the computer has started running much slower, and recently (about 2 days ago) I removed the ckvo virus using Dr.Web, and overall I don't know whether that antivirus fixed everything it should have.
So if you can, please help :)

The ComboFix log won't generate; here is a screenshot of the error.
www.fotosik.pl/pokaz_obrazek/7ea811bea2ba9c54.html



RSIT logs:
info.txt logfile of random's system information tool 1.04 2008-11-06 18:18:47

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Reader 8.1.0 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81000000003}
ALSong-->"C:\Program Files\ESTsoft\ALSong\unins000.exe"
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
AutoCAD 2000i Migration Assistance-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AutoCAD 2000i\migration\DeIsL1.isu"
AutoCAD 2000i-->MsiExec.exe /I{5783F2D7-0001-0409-0000-0060B0CE6BBA}
AutoConnect v0.1.2.5-->C:\Program Files\AutoConnect\uninst.exe
BitSpirit v3.2.1.210 Stable-->"C:\Program Files\BitSpirit\unins000.exe"
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
DevalVR for Netscape and compatible browsers-->C:\Program Files\DevalVR\installnpdevalvr.exe /u
EDU CD. Vademecum języka angielskiego-->"C:\Program Files\EDU CD\Vademecum języka angielskiego\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ffdshow [rev 1183] [2007-05-19]-->"C:\Program Files\ffdshow\unins000.exe"
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
GameDesire-Pool & Snooker-->C:\Program Files\Ganymede\billiards_uninstall.exe
Glary Utilities PRO 2.2.2.67-->"C:\Program Files\Glary Utilities PRO\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Heroes III Armageddon's Blade-->C:\WINDOWS\UnGins.exe "C:\Program Files\HEROES3\BLADE\install.log"
Heroes III The Restoration of Erathia-->C:\WINDOWS\UnGins.exe "C:\Program Files\HEROES3\Erathia\install.log"
Heroes III The Shadow of Death-->C:\WINDOWS\UnGins.exe "C:\Program Files\HEROES3\Death\install.log"
HijackThis 1.99.1-->C:\Program Files\HijackThis.exe /uninstall
HP Customer cenzura! Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{D77D43B5-ED55-426b-B67B-E21F804F6102}\setup\hpzscr01.exe -datfile hposcr27.dat -onestop
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
K-Lite Codec Pack 2.65 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000415-78E1-11D2-B60F-006097C998E7}
Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NAPIPROJEKT 1.0.6.0-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
Neostrada TP-->C:\PROGRA~1\NEOSTR~1\SondageDesinstallation.exe
O&O Defrag Professional Edition-->MsiExec.exe /I{53480330-E1D1-41CA-B8F8-7F78644F7F50}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x0015 -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0015 -removeonly
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe"  /l0009 -Control_Panel
StepMania (remove only)-->"C:\Program Files\StepMania\uninstall.exe"
SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe"
The Sims-->C:\WINDOWS\UnGins.exe "C:\Program Files\Sims\install.log"
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Worms World Party-->C:\WINDOWS\IsUn0415.exe -f"C:\Team17\Worms World Party\Uninst.isu"

=====HijackThis Backups=====

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Autodesk Shared;C:\Program Files\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0806
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------



Logfile of random's system information tool 1.04 (written by random/random)
Run by Kasia at 2008-11-06 18:17:07
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 1 GB (2%) free of 76 GB
Total RAM: 383 MB (22% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2007-10-18 28672]
"COMODO Firewall Pro"=C:\Program Files\COMODO\Firewall\cfp.exe [2008-05-31 1655552]
"WooCnxMon"=C:\PROGRA~1\NEOSTR~1\CnxMon.exe [2003-10-16 24576]
"WOOWATCH"=C:\PROGRA~1\NEOSTR~1\Watch.exe [2003-10-16 20480]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Konnekt]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viewbar]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\Winampa.exe [2003-04-02 12288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
C:\PROGRA~1\NEOSTR~1\CnxMon.exe [2003-10-16 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [2003-10-16 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\NEOSTR~1\Watch.exe [2003-10-16 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\Kasia\Menu Start\Programy\Autostart
MR Tech Systray.lnk - C:\Program Files\MR Tech Systray\mrsystray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-02-08 219664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\NAPI-PROJEKT\napisy.exe"="C:\Program Files\NAPI-PROJEKT\napisy.exe:*:Enabled:www.napiprojekt.pl"
"E:\Program Files\Gadu-Gadu\gg.exe"="E:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny"
"C:\Real Pool\Real Pool.exe"="C:\Real Pool\Real Pool.exe:*:Disabled:Projector Skeleton"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2008-11-06 18:17:15 ----D---- C:\Program Files\trend micro
2008-11-06 18:17:07 ----D---- C:\rsit
2008-11-06 18:00:15 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-11-06 17:59:30 ----D---- C:\WINDOWS\temp
2008-11-06 17:55:08 ----D---- C:\ComboFix
2008-11-06 17:54:57 ----A---- C:\WINDOWS\system32\CF7560.exe
2008-11-02 19:31:53 ----D---- C:\QooBox
2008-11-02 19:28:18 ----D---- C:\Deckard
2008-11-02 18:43:43 ----D---- C:\Documents and Settings\Kasia\Dane aplikacji\HPAppData
2008-10-29 18:04:24 ----D---- C:\Program Files\OO Software
2008-10-28 22:04:34 ----D---- C:\Documents and Settings\Kasia\Dane aplikacji\Google
2008-10-23 17:06:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\WEBREG
2008-10-23 17:04:17 ----D---- C:\Documents and Settings\Kasia\Dane aplikacji\HP
2008-10-23 16:59:16 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
2008-10-23 16:58:38 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-10-23 16:58:34 ----A---- C:\WINDOWS\system32\hpzll5mu.dll
2008-10-23 16:56:52 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-10-23 16:56:52 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-10-23 16:56:51 ----RA---- C:\WINDOWS\system32\hpowiax7.dll
2008-10-23 16:56:51 ----RA---- C:\WINDOWS\system32\hpovst15.dll
2008-10-23 16:56:51 ----RA---- C:\WINDOWS\system32\hpotscl6.dll
2008-10-23 16:07:23 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP
2008-10-23 16:07:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP Product Assistant
2008-10-23 16:03:12 ----D---- C:\Program Files\Hewlett-Packard
2008-10-23 16:01:13 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-10-23 15:59:36 ----D---- C:\Program Files\Common Files\HP
2008-10-23 15:55:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-23 15:54:52 ----D---- C:\Program Files\HP
2008-10-21 17:08:45 ----RSH---- C:\2fiji.com
2008-10-19 20:12:36 ----RSH---- C:\pnt.com
2008-10-14 19:50:53 ----RSH---- C:\ev60a2.cmd
2008-10-14 08:11:01 ----RSH---- C:\68.exe
2008-10-12 18:55:48 ----RSH---- C:\bo1dhu.bat
2008-10-12 18:55:22 ----RSH---- C:\WINDOWS\system32\ckvo1.dll
2008-10-12 18:54:58 ----RSH---- C:\kk3.bat
2008-10-12 10:00:02 ----D---- C:\Documents and Settings\Kasia\Dane aplikacji\Samsung
2008-10-12 09:55:04 ----A---- C:\WINDOWS\system32\framedyn.dll
2008-10-12 09:44:18 ----D---- C:\Program Files\Samsung
2008-10-12 09:33:10 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers

======List of files/folders modified in the last 1 months======

2008-11-06 18:17:15 ----D---- C:\Program Files
2008-11-06 18:10:05 ----D---- C:\Program Files\Mozilla Firefox
2008-11-06 18:09:59 ----D---- C:\Program Files\AutoConnect
2008-11-06 18:06:02 ----SD---- C:\WINDOWS\Tasks
2008-11-06 18:03:47 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-06 18:00:43 ----D---- C:\WINDOWS
2008-11-06 18:00:43 ----A---- C:\WINDOWS\system.ini
2008-11-06 18:00:34 ----D---- C:\WINDOWS\system32
2008-11-06 17:36:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-05 22:57:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-05 21:46:44 ----A---- C:\WINDOWS\winamp.ini
2008-11-05 19:58:03 ----D---- C:\WINDOWS\Prefetch
2008-11-05 14:47:23 ----A---- C:\WINDOWS\bestplayer.ini
2008-11-05 14:11:59 ----D---- C:\Downloads
2008-10-30 19:40:41 ----D---- C:\Program Files\eMule
2008-10-30 15:42:06 ----HD---- C:\Config.Msi
2008-10-29 18:04:53 ----SHD---- C:\WINDOWS\Installer
2008-10-29 18:04:28 ----D---- C:\WINDOWS\system32\drivers
2008-10-28 22:01:32 ----D---- C:\Program Files\Google
2008-10-23 17:13:22 ----SH---- C:\boot.ini
2008-10-23 17:13:22 ----A---- C:\WINDOWS\win.ini
2008-10-23 17:13:15 ----D---- C:\WINDOWS\pss
2008-10-23 16:57:06 ----D---- C:\WINDOWS\twain_32
2008-10-23 16:56:42 ----HD---- C:\WINDOWS\inf
2008-10-23 16:22:53 ----D---- C:\WINDOWS\WinSxS
2008-10-23 16:01:13 ----D---- C:\Program Files\Common Files
2008-10-23 15:54:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-21 20:28:30 ----D---- C:\Program Files\Common Files\Adobe
2008-10-21 20:28:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2008-10-21 20:27:47 ----D---- C:\Program Files\Adobe
2008-10-16 17:56:52 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-12 09:49:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-10 21:15:03 ----D---- C:\Filmy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-05-31 87056]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-05-31 24208]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R1 P3;Sterownik procesora Intel PentiumIII; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-04 46592]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 at0m09hw;at0m09hw; C:\WINDOWS\system32\drivers\at0m09hw.sys []
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2007-08-22 70001]
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Firewall Pro Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2008-05-31 519936]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856]

-----------------EOF-----------------



HJ log:
Logfile of HijackThis v1.99.1
Scan saved at 17:53, on 2008-11-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kasia.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - Startup: MR Tech Systray.lnk = C:\Program Files\MR Tech Systray\mrsystray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} (SysVerChk Control) - http://pointa.autodesk.com/portal/lang/neutral/SysVerChk.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\AutoCAD 2000i\AcDcToday.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - http://pointa.autodesk.com/portal/lang/enu/InstFred.Ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2000i\AcPreview.ocx
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe