
What is this 'res://ieframe.dll/dnserror.htm' and how do I remove it so that the internet starts working properly?
ComboFix 08-07-09.5 - paulina 2008-07-10 14:37:09.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.229 [GMT 2:00]
Running from: C:\Documents and Settings\paulina\Pulpit\ComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology\ADSTechnology.lnk
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology\Uninstall.lnk
C:\Documents and Settings\paulina\Dane aplikacji\.#
C:\Documents and Settings\paulina\Dane aplikacji\inst.exe
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\Config.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\res2\WhiteList.dbs
C:\Documents and Settings\paulina\Ulubione\Online Security Test.url
C:\Documents and Settings\paulina\Ustawienia lokalne\Temporary Internet Files\AlxRes_dll_IMAGE_bg_popup.gif
C:\Documents and Settings\paulina\Ustawienia lokalne\Temporary Internet Files\AlxRes_dll_IMAGE_window_sliver.gif
C:\WINDOWS\system32\_005162_.tmp.dll
C:\WINDOWS\system32\_005163_.tmp.dll
C:\WINDOWS\system32\_005164_.tmp.dll
C:\WINDOWS\system32\_005165_.tmp.dll
C:\WINDOWS\system32\_005172_.tmp.dll
C:\WINDOWS\system32\_005173_.tmp.dll
C:\WINDOWS\system32\_005174_.tmp.dll
C:\WINDOWS\system32\_005175_.tmp.dll
C:\WINDOWS\system32\_005177_.tmp.dll
C:\WINDOWS\system32\_005178_.tmp.dll
C:\WINDOWS\system32\_005181_.tmp.dll
C:\WINDOWS\system32\_005182_.tmp.dll
C:\WINDOWS\system32\_005184_.tmp.dll
C:\WINDOWS\system32\_005185_.tmp.dll
C:\WINDOWS\system32\_005186_.tmp.dll
C:\WINDOWS\system32\_005188_.tmp.dll
C:\WINDOWS\system32\_005191_.tmp.dll
C:\WINDOWS\system32\_005192_.tmp.dll
C:\WINDOWS\system32\_005193_.tmp.dll
C:\WINDOWS\system32\_005196_.tmp.dll
C:\WINDOWS\system32\_005197_.tmp.dll
C:\WINDOWS\system32\_005199_.tmp.dll
C:\WINDOWS\system32\_005202_.tmp.dll
C:\WINDOWS\system32\_005204_.tmp.dll
C:\WINDOWS\system32\_005205_.tmp.dll
C:\WINDOWS\system32\_005206_.tmp.dll
C:\WINDOWS\system32\_005207_.tmp.dll
C:\WINDOWS\system32\_005208_.tmp.dll
C:\WINDOWS\system32\_005211_.tmp.dll
C:\WINDOWS\system32\_005212_.tmp.dll
C:\WINDOWS\system32\_005213_.tmp.dll
C:\WINDOWS\system32\_005214_.tmp.dll
C:\WINDOWS\system32\_005215_.tmp.dll
C:\WINDOWS\system32\_005220_.tmp.dll
C:\WINDOWS\system32\_005222_.tmp.dll
.
---- Previous Run -------
.
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\0002D7A9.bin
C:\Program Files\myglobalsearch\bar\Cache\00056E51.bin
C:\Program Files\myglobalsearch\bar\Cache\0009A685.bin
C:\Program Files\myglobalsearch\bar\Cache\0035B2B4
C:\Program Files\myglobalsearch\bar\Cache\0057B05D.bin
C:\Program Files\myglobalsearch\bar\Cache\0070A92F.bin
C:\Program Files\myglobalsearch\bar\Cache\0130D673.bin
C:\Program Files\myglobalsearch\bar\Cache\04AD72A1.bin
C:\Program Files\myglobalsearch\bar\Cache\07DF1469.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\update.exe
C:\WINDOWS\adaway.lic
.
((((((((((((((((((((((((( Files Created from 2008-06-10 to 2008-07-10 )))))))))))))))))))))))))))))))
.
2008-07-10 10:18 . 2008-07-10 10:18 <DIR> d-------- C:\Documents and Settings\paulina\Dane aplikacji\Lavasoft
2008-07-10 10:17 . 2008-07-10 10:17 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-10 10:03 . 2008-07-10 10:07 <DIR> d-------- C:\Program Files\Adware Away
2008-07-09 21:57 . 2008-07-09 21:57 <DIR> d-------- C:\Program Files\Opera
2008-07-04 09:27 . 2008-07-04 09:28 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-01 17:31 . 2008-07-01 17:31 <DIR> d-------- C:\AllokVideoFolder
2008-07-01 17:30 . 2008-07-01 17:30 2,368 --a------ C:\WINDOWS\system32\SVKP.sys
2008-07-01 14:08 . 2008-07-01 14:08 <DIR> d-------- C:\Program Files\WinAVI Video Converter
2008-06-22 19:44 . 2008-06-22 19:44 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-06-22 10:05 . 2008-06-22 10:05 <DIR> d-------- C:\Documents and Settings\paulina\Dane aplikacji\Thinstall
2008-06-20 19:42 . 2008-06-20 19:42 246,784 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 19:42 . 2008-06-20 19:42 148,992 -----c--- C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 12:45 . 2008-06-20 12:45 360,320 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 12:44 . 2008-06-20 12:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:52 . 2008-06-20 11:52 225,920 -----c--- C:\WINDOWS\system32\dllcache\tcpip6.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-10 13:03 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\Skype
2008-07-10 12:08 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\MegauploadToolbar
2008-07-10 10:16 --------- d-----w C:\Program Files\eMule
2008-07-09 19:10 --------- d-----w C:\Program Files\Volleyball Manager 2008
2008-07-09 19:10 --------- d-----w C:\Program Files\Sony Ericsson
2008-07-06 12:57 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\PowerChallenge
2008-07-02 16:44 --------- d-----w C:\Program Files\Kliper
2008-06-22 12:48 --------- d-----w C:\Program Files\Belt Generator
2008-06-22 11:15 --------- d--h--w C:\Program Files\Give4Free Plugin
2008-05-27 11:47 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\GetRightToGo
2008-05-21 16:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-21 16:27 161 ----a-w C:\Delme.bat
2008-05-21 11:50 56,320 -c--a-w C:\WINDOWS\ginstall.dll
2008-05-21 11:29 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\PlayFirst
2008-05-18 15:13 --------- d-----w C:\Program Files\directx
2008-05-18 11:22 --------- d-----w C:\Program Files\XeroBank
2008-05-17 11:25 --------- d-----w C:\Program Files\CGArchive.com
2008-05-16 17:20 --------- d-----w C:\Program Files\CDBurnerXP
2008-05-16 17:20 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\CDBurnerXP_Soft
2008-05-16 15:20 --------- d-----w C:\Program Files\Folder Lock
2008-05-16 15:19 --------- d-----w C:\Program Files\toolbartv
2008-05-16 15:08 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2008-05-16 15:02 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\ppstream
2008-05-16 15:01 --------- d-----w C:\Program Files\MyPhoneExplorer
2008-04-14 20:51 70,144 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 20:51 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 20:51 285,696 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 20:51 149,504 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 20:51 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 20:51 1,035,264 ----a-w C:\WINDOWS\SET425.tmp
2008-04-14 20:50 50,688 ----a-w C:\WINDOWS\twain_32.dll
2008-04-01 18:58 47,360 ----a-w C:\Documents and Settings\paulina\Dane aplikacji\pcouffin.sys
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09, on 2008-07-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\wgp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\paulina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.1.25.0\GoogleUpdate.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Gadu-Gadu\gg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.11:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 2BA1056B1A10559F
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
R3 - URLSearchHook: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
R3 - URLSearchHook: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll (file missing)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O3 - Toolbar: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O3 - Toolbar: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [CafeNews] C:\Program Files\CafeNews\CN.exe /autostart
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WinGuard Pro] C:\WINDOWS\system32\wgp.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
O4 - HKCU\..\Run: [VS Online] "C:\Program Files\VS Online\VSOnline.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Klik Online] "C:\Program Files\Klik Online\KlikOnline.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\paulina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.1.25.0\GoogleUpdate.exe" /lang en
O4 - HKCU\..\Run: [GoD] "C:\Program Files\GoD\GoD.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html
O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} - C:\Program Files\Common Files\moje.js (file missing)
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/WebsiteAccess/ie/Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/pl/boards_2_0_0_35.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.33/g_bin/pl/navy_2_0_0_29.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128674817234
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/pl/pirate_2_0_0_29.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C6} - http://67.15.101.3/g_bin/pl/billard8UK_2_0_0_24.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (file missing)
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O24 - Desktop Component 0: (no name) - file:///D:/Data/F/0/020.jpg
O24 - Desktop Component 1: (no name) - http://a1668.g.akamai.net/7/1668/16322/01/www.jetix.nl/shopping/products/images/1886b.gif
O24 - Desktop Component 2: (no name) - http://img139.imageshack.us/img139/9872/zdjcie020wv5.jpg
O24 - Desktop Component 3: (no name) - http://images27.fotosik.pl/46/824d991a8ae53036.gif
O24 - Desktop Component 4: (no name) - http://fs05u.sendspace.com/img/dlpage_wizard.gif
--
End of file - 13407 bytes
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKCU\..\Run: [GoD] "C:\Program Files\GoD\GoD.exe" /tray
O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/WebsiteAccess/ie/Bridge-c139.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
[b]SDFix: Version 1.204 [/b]
Run by paulina on 2008-07-10 at 15:34
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-10 15:47:03
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
disk error: C:\WINDOWS\system32\config\system, 3
scanning hidden registry entries ...
disk error: C:\WINDOWS\system32\config\software, 3
disk error: C:\Documents and Settings\paulina\ntuser.dat, 3
scanning hidden files ...
disk error: C:\WINDOWS\
please note that you need administrator rights to perform deep scan
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\games\\No Man's Land Demo\\nml.exe"="C:\\games\\No Man's Land Demo\\nml.exe:*:Enabled:NML main engine"
"C:\\iEN\\Games\\DoA\\doa.exe"="C:\\iEN\\Games\\DoA\\doa.exe:*:Enabled:wb2"
"C:\\games\\Smashing Reversi\\Reversi.exe"="C:\\games\\Smashing Reversi\\Reversi.exe:*:Enabled:Logic Game - \"Smashing Reversi\""
"C:\\Documents and Settings\\paulina\\Pulpit\\CBattle\\CBattle.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\CBattle\\CBattle.exe:*:Enabled:CBattle"
"C:\\Documents and Settings\\paulina\\Pulpit\\GRY\\CBattle\\CBattle.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\GRY\\CBattle\\CBattle.exe:*:Disabled:CBattle"
"C:\\games\\Paintball.exe"="C:\\games\\Paintball.exe:*:Disabled:Paintball"
"C:\\Program Files\\Wierszownik\\DATA\\BIN\\mysqld-nt.exe"="C:\\Program Files\\Wierszownik\\DATA\\BIN\\mysqld-nt.exe:*:Disabled:mysqld-nt"
"C:\\Documents and Settings\\paulina\\Pulpit\\GRY\\Statki\\CBattle.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\GRY\\Statki\\CBattle.exe:*:Enabled:CBattle"
"C:\\Program Files\\Km TPR\\KM_TPR.exe"="C:\\Program Files\\Km TPR\\KM_TPR.exe:*:Enabled:KM_TPR"
"C:\\TmSunriseDemoMag\\TmSunriseDemoMag.exe"="C:\\TmSunriseDemoMag\\TmSunriseDemoMag.exe:*:Disabled:TmSunriseDemoMag"
"C:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"="C:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe:*:Disabled:Worms 4 Mayhem Demo"
"C:\\Program Files\\Dragon Throne\\adsanguo.exe"="C:\\Program Files\\Dragon Throne\\adsanguo.exe:*:Enabled:AdSanguo"
"C:\\Gadu-Gadu\\gg.exe"="C:\\Gadu-Gadu\\gg.exe:*:Disabled:Gadu-Gadu - program glowny"
"C:\\Documents and Settings\\paulina\\Pulpit\\emule.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\emule.exe:*:Disabled:eMule"
"C:\\Program Files\\Kazaa Lite Rewolucja\\kazaalite.kpp"="C:\\Program Files\\Kazaa Lite Rewolucja\\kazaalite.kpp:*:Enabled:kazaalite"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Gadu-Gadu\\ggphone\\ggphone.exe"="C:\\Gadu-Gadu\\ggphone\\ggphone.exe:*:Disabled:Internetowe polaczenia telefoniczne"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Disabled:Internet Explorer"
"C:\\Program Files\\GemsNet\\MultiNet\\MultiNet.exe"="C:\\Program Files\\GemsNet\\MultiNet\\MultiNet.exe:*:Enabled:Tuner internetowy MultiNet. Szczeg˘y na www.gemsnet.pl"
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"="C:\\Program Files\\Real\\RealOne Player\\realplay.exe:*:Enabled:RealOne Player"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Kreator transferu plik˘w i ustawieä"
"C:\\Program Files\\Tlen.pl\\tlen.exe"="C:\\Program Files\\Tlen.pl\\tlen.exe:*:Disabled:tlen"
"C:\\Program Files\\MyPortal\\Akuku\\Akuku.exe"="C:\\Program Files\\MyPortal\\Akuku\\Akuku.exe:*:Disabled:Akuku Communicator"
"C:\\Program Files\\WestByte\\SeaWar\\seawar.exe"="C:\\Program Files\\WestByte\\SeaWar\\seawar.exe:*:Disabled:seawar"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files\\PopCap Games\\Bejeweled Deluxe\\WinBej.exe"="C:\\Program Files\\PopCap Games\\Bejeweled Deluxe\\WinBej.exe:*:Disabled:Bejeweled"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Sierra\\Empire Earth\\Empire Earth.exe"="C:\\Program Files\\Sierra\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\\Program Files\\Sierra\\Empire Earth - Sztuka Podboju\\EE-AOC.exe"="C:\\Program Files\\Sierra\\Empire Earth - Sztuka Podboju\\EE-AOC.exe:*:Disabled:EE-AOC"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Disabled:Windows Media Player"
"C:\\Program Files\\Wapster\\AQQ\\AQQ.exe"="C:\\Program Files\\Wapster\\AQQ\\AQQ.exe:*:Enabled:P2P AQQ"
"C:\\PROGRA~1\\Wapster\\AQQ\\AQQ.exe"="C:\\PROGRA~1\\Wapster\\AQQ\\AQQ.exe:*:Enabled:P2P AQQ"
"C:\\Program Files\\Spik\\Spik.exe"="C:\\Program Files\\Spik\\Spik.exe:*:Enabled:Spik"
"C:\\Program Files\\FrostWire\\FrostWire.exe"="C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Tiny Cars 2\\TinyCars2.exe"="C:\\Program Files\\Tiny Cars 2\\TinyCars2.exe:*:Enabled:TinyCars2"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\paulina\\Pulpit\\utorrent.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Last.fm\\LastFM.exe"="C:\\Program Files\\Last.fm\\LastFM.exe:*:Disabled:LastFM"
"C:\\Documents and Settings\\paulina\\Pulpit\\DCPlusPlus.exe"="C:\\Documents and Settings\\paulina\\Pulpit\\DCPlusPlus.exe:*:Disabled:DC++"
"C:\\Program Files\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare\\BearShare.exe:*:Disabled:BearShare"
"C:\\Program Files\\Wyzo\\wyzo.exe"="C:\\Program Files\\Wyzo\\wyzo.exe:*:Disabled:Wyzo"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Disabled:Ares p2p for windows"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Zapu\\Zapu\\wDivi.exe"="C:\\Program Files\\Zapu\\Zapu\\wDivi.exe:*:Enabled:Zapu Control"
"C:\\Program Files\\Migajek Software\\HateML\\DbgListener\\DbgListener.exe"="C:\\Program Files\\Migajek Software\\HateML\\DbgListener\\DbgListener.exe:*:Disabled:Listener for php debugger DBG"
"C:\\Program Files\\PPLive\\PPLive.exe"="C:\\Program Files\\PPLive\\PPLive.exe:*:Enabled:PPLive"
"C:\\Program Files\\FlashGet Network\\Flashget\\FlashGet.exe"="C:\\Program Files\\FlashGet Network\\Flashget\\FlashGet.exe:*:Enabled:Flashget2"
"C:\\Program Files\\FlashGet Network\\Flashget\\LiveUpdate.exe"="C:\\Program Files\\FlashGet Network\\Flashget\\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\\Program Files\\FlashGet Network\\Flashget\\LiveUpdateEx.exe"="C:\\Program Files\\FlashGet Network\\Flashget\\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\\Program Files\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\ppmate.exe:*:Enabled:PPMate"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Documents and Settings\\paulina\\Dane aplikacji\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\paulina\\Dane aplikacji\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"="C:\\Program Files\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\\Program Files\\PPMate\\ppamnet.exe"="C:\\Program Files\\PPMate\\ppamnet.exe:*:Enabled:PPMate"
"C:\\Program Files\\PPMate\\neo.exe"="C:\\Program Files\\PPMate\\neo.exe:*:Enabled:neo"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPSÖý¶‡u‡¨ŕ"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\\Documents and Settings\\paulina\\Ustawienia lokalne\\Temp\\Rar$EX00.063\\volley.exe"="C:\\Documents and Settings\\paulina\\Ustawienia lokalne\\Temp\\Rar$EX00.063\\volley.exe:*:Disabled:volley"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Proxy Switcher Standard\\ProxySwitcher.exe"="C:\\Program Files\\Proxy Switcher Standard\\ProxySwitcher.exe:*:Enabled:Proxy Switcher"
"C:\\CrackAttack\\bin\\crackattack.exe"="C:\\CrackAttack\\bin\\crackattack.exe:*:Disabled:crackattack"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Disabled:TVAnts"
"C:\\Program Files\\PPStream\\PPSAP.exe"="C:\\Program Files\\PPStream\\PPSAP.exe:*:Enabled:PPS Öý¶‡•ŕÓŢŹö"
"C:\\Documents and Settings\\paulina\\Dane aplikacji\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"="C:\\Documents and Settings\\paulina\\Dane aplikacji\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe:*:Disabled:PowerSoccer"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Onet.pl - Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 11 Nov 2005 29,696 A..H. --- "C:\Program Files\Give4Free Plugin\ibho.dll"
Mon 12 Jun 2006 65,536 A..H. --- "C:\Program Files\Give4Free Plugin\updater.exe"
Mon 14 Apr 2008 60,928 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Wed 27 Jun 2007 168 ..SHR --- "C:\WINDOWS\system32\87D8837F3E.sys"
Wed 27 Jun 2007 5,852 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 15 Sep 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\05030212059e1b9876d47b8cf2fa5e95\BIT2.tmp"
[b]Finished![/b]
ComboFix 08-07-09.5 - paulina 2008-07-10 15:56:23.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.170 [GMT 2:00]
Running from: C:\Documents and Settings\paulina\Pulpit\ComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology\ADSTechnology.lnk
C:\Documents and Settings\All Users\Menu Start\Programy\ADSTechnology\Uninstall.lnk
C:\Documents and Settings\paulina\Dane aplikacji\.#
C:\Documents and Settings\paulina\Dane aplikacji\inst.exe
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\Config.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\paulina\Dane aplikacji\ShoppingReport\cs\res2\WhiteList.dbs
C:\Documents and Settings\paulina\Ulubione\Online Security Test.url
C:\Documents and Settings\paulina\Ustawienia lokalne\Temporary Internet Files\AlxRes_dll_IMAGE_bg_popup.gif
C:\Documents and Settings\paulina\Ustawienia lokalne\Temporary Internet Files\AlxRes_dll_IMAGE_window_sliver.gif
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\0002D7A9.bin
C:\Program Files\myglobalsearch\bar\Cache\00056E51.bin
C:\Program Files\myglobalsearch\bar\Cache\0009A685.bin
C:\Program Files\myglobalsearch\bar\Cache\0035B2B4
C:\Program Files\myglobalsearch\bar\Cache\0057B05D.bin
C:\Program Files\myglobalsearch\bar\Cache\0070A92F.bin
C:\Program Files\myglobalsearch\bar\Cache\0130D673.bin
C:\Program Files\myglobalsearch\bar\Cache\04AD72A1.bin
C:\Program Files\myglobalsearch\bar\Cache\07DF1469.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\update.exe
C:\WINDOWS\adaway.lic
C:\WINDOWS\system32\_005162_.tmp.dll
C:\WINDOWS\system32\_005163_.tmp.dll
C:\WINDOWS\system32\_005164_.tmp.dll
C:\WINDOWS\system32\_005165_.tmp.dll
C:\WINDOWS\system32\_005172_.tmp.dll
C:\WINDOWS\system32\_005173_.tmp.dll
C:\WINDOWS\system32\_005174_.tmp.dll
C:\WINDOWS\system32\_005175_.tmp.dll
C:\WINDOWS\system32\_005177_.tmp.dll
C:\WINDOWS\system32\_005178_.tmp.dll
C:\WINDOWS\system32\_005181_.tmp.dll
C:\WINDOWS\system32\_005182_.tmp.dll
C:\WINDOWS\system32\_005184_.tmp.dll
C:\WINDOWS\system32\_005185_.tmp.dll
C:\WINDOWS\system32\_005186_.tmp.dll
C:\WINDOWS\system32\_005188_.tmp.dll
C:\WINDOWS\system32\_005191_.tmp.dll
C:\WINDOWS\system32\_005192_.tmp.dll
C:\WINDOWS\system32\_005193_.tmp.dll
C:\WINDOWS\system32\_005196_.tmp.dll
C:\WINDOWS\system32\_005197_.tmp.dll
C:\WINDOWS\system32\_005199_.tmp.dll
C:\WINDOWS\system32\_005202_.tmp.dll
C:\WINDOWS\system32\_005204_.tmp.dll
C:\WINDOWS\system32\_005205_.tmp.dll
C:\WINDOWS\system32\_005206_.tmp.dll
C:\WINDOWS\system32\_005207_.tmp.dll
C:\WINDOWS\system32\_005208_.tmp.dll
C:\WINDOWS\system32\_005211_.tmp.dll
C:\WINDOWS\system32\_005212_.tmp.dll
C:\WINDOWS\system32\_005213_.tmp.dll
C:\WINDOWS\system32\_005214_.tmp.dll
C:\WINDOWS\system32\_005215_.tmp.dll
C:\WINDOWS\system32\_005220_.tmp.dll
C:\WINDOWS\system32\_005222_.tmp.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-10 to 2008-07-10 )))))))))))))))))))))))))))))))
.
2008-07-10 15:26 . 2008-07-10 15:26 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-10 15:22 . 2008-07-10 15:47 <DIR> d-------- C:\SDFix
2008-07-10 15:07 . 2008-07-10 15:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-10 10:18 . 2008-07-10 10:18 <DIR> d-------- C:\Documents and Settings\paulina\Dane aplikacji\Lavasoft
2008-07-10 10:17 . 2008-07-10 10:17 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-10 10:03 . 2008-07-10 10:07 <DIR> d-------- C:\Program Files\Adware Away
2008-07-09 21:57 . 2008-07-09 21:57 <DIR> d-------- C:\Program Files\Opera
2008-07-04 09:27 . 2008-07-04 09:28 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-01 17:31 . 2008-07-01 17:31 <DIR> d-------- C:\AllokVideoFolder
2008-07-01 17:30 . 2008-07-01 17:30 2,368 --a------ C:\WINDOWS\system32\SVKP.sys
2008-07-01 14:08 . 2008-07-01 14:08 <DIR> d-------- C:\Program Files\WinAVI Video Converter
2008-06-22 19:44 . 2008-06-22 19:44 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-06-22 10:05 . 2008-06-22 10:05 <DIR> d-------- C:\Documents and Settings\paulina\Dane aplikacji\Thinstall
2008-06-20 19:42 . 2008-06-20 19:42 246,784 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 19:42 . 2008-06-20 19:42 148,992 -----c--- C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 12:45 . 2008-06-20 12:45 360,320 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 12:44 . 2008-06-20 12:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:52 . 2008-06-20 11:52 225,920 -----c--- C:\WINDOWS\system32\dllcache\tcpip6.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-10 13:52 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\Skype
2008-07-10 12:08 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\MegauploadToolbar
2008-07-10 10:16 --------- d-----w C:\Program Files\eMule
2008-07-09 19:10 --------- d-----w C:\Program Files\Volleyball Manager 2008
2008-07-09 19:10 --------- d-----w C:\Program Files\Sony Ericsson
2008-07-06 12:57 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\PowerChallenge
2008-07-02 16:44 --------- d-----w C:\Program Files\Kliper
2008-06-22 12:48 --------- d-----w C:\Program Files\Belt Generator
2008-06-22 11:15 --------- d--h--w C:\Program Files\Give4Free Plugin
2008-05-27 11:47 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\GetRightToGo
2008-05-21 16:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-21 16:27 161 ----a-w C:\Delme.bat
2008-05-21 11:50 56,320 -c--a-w C:\WINDOWS\ginstall.dll
2008-05-21 11:29 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\PlayFirst
2008-05-18 15:13 --------- d-----w C:\Program Files\directx
2008-05-18 11:22 --------- d-----w C:\Program Files\XeroBank
2008-05-17 11:25 --------- d-----w C:\Program Files\CGArchive.com
2008-05-16 17:20 --------- d-----w C:\Program Files\CDBurnerXP
2008-05-16 17:20 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\CDBurnerXP_Soft
2008-05-16 15:20 --------- d-----w C:\Program Files\Folder Lock
2008-05-16 15:19 --------- d-----w C:\Program Files\toolbartv
2008-05-16 15:08 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2008-05-16 15:02 --------- d-----w C:\Documents and Settings\paulina\Dane aplikacji\ppstream
2008-05-16 15:01 --------- d-----w C:\Program Files\MyPhoneExplorer
2008-04-14 20:51 70,144 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 20:51 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 20:51 285,696 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 20:51 149,504 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 20:51 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 20:51 1,035,264 ----a-w C:\WINDOWS\SET425.tmp
2008-04-14 20:50 50,688 ----a-w C:\WINDOWS\twain_32.dll
2008-04-01 18:58 47,360 ----a-w C:\Documents and Settings\paulina\Dane aplikacji\pcouffin.sys
2007-06-27 14:39 168 --sh--r C:\WINDOWS\system32\87D8837F3E.sys
2007-06-27 14:39 5,852 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:52, on 2008-07-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\wgp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\paulina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.1.25.0\GoogleUpdate.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Gadu-Gadu\gg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.11:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 2BA1056B1A10559F
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
R3 - URLSearchHook: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
R3 - URLSearchHook: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll (file missing)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O3 - Toolbar: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O3 - Toolbar: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [CafeNews] C:\Program Files\CafeNews\CN.exe /autostart
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WinGuard Pro] C:\WINDOWS\system32\wgp.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
O4 - HKCU\..\Run: [VS Online] "C:\Program Files\VS Online\VSOnline.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Klik Online] "C:\Program Files\Klik Online\KlikOnline.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\paulina\Ustawienia lokalne\Dane aplikacji\Google\Update\1.1.25.0\GoogleUpdate.exe" /lang en
O4 - HKCU\..\Run: [GoD] "C:\Program Files\GoD\GoD.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html
O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} - C:\Program Files\Common Files\moje.js (file missing)
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/WebsiteAccess/ie/Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/pl/boards_2_0_0_35.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.33/g_bin/pl/navy_2_0_0_29.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128674817234
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/pl/pirate_2_0_0_29.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C6} - http://67.15.101.3/g_bin/pl/billard8UK_2_0_0_24.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (file missing)
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O24 - Desktop Component 0: (no name) - file:///D:/Data/F/0/020.jpg
O24 - Desktop Component 1: (no name) - http://a1668.g.akamai.net/7/1668/16322/01/www.jetix.nl/shopping/products/images/1886b.gif
O24 - Desktop Component 2: (no name) - http://img139.imageshack.us/img139/9872/zdjcie020wv5.jpg
O24 - Desktop Component 3: (no name) - http://images27.fotosik.pl/46/824d991a8ae53036.gif
O24 - Desktop Component 4: (no name) - http://fs05u.sendspace.com/img/dlpage_wizard.gif
--
End of file - 13447 bytes
********************************************************************************
* *
* FixIEDef Log *
* Version 1.4.20.5942 *
* *
********************************************************************************
Created at 16:10:31 on Thursday, July 10, 2008
Time Zone :
Logged On User : paulina
Operating System : Microsoft Windows XP Professional Dodatek Service Pack 2
OS Version : 5.1.2600
System Langauge : Polish
Keyboard Layout : Polish
Processor : X86 AMD Sempron(tm) 2300+
System Drive : C:\
Windows Directory : C:\WINDOWS
System Directory : C:\WINDOWS\system32
Total Physical Memory : 536330240 bytes
Free Physical Memory : 170668 bytes
Total Virtual Memory : 2097024 bytes
Free Virtual Memory : 2053480 bytes
Boot State : Normal boot
--------------------------------------------------------------------------------
!!! Files that have been deleted !!!
C:\Documents and Settings\paulina\Dane aplikacji\Sun\Java\Deployment\cache\javapi\*.*
--------------------------------------------------------------------------------
!!! Directories that have been removed !!!
No malicious directories to be removed
--------------------------------------------------------------------------------
!!! Registry entries that have been removed !!!
No malicious Registry entries found
================================================================================
All Done :)
ShadowPuterDude
Safe Surfing!!!
FOLDER::
C:\Program Files\Media Gateway\MediaGateway.exe
C:\Program Files\GoD\GoD.exe
FILE::
C:\WINDOWS\notepad.exe
C:\WINDOWS\regedit.exe
C:\WINDOWS\hh.exe
C:\WINDOWS\SET425.tmp
C:\WINDOWS\twain_32.dll
Paulaa wrote: I did that.
I don't know if I did it right, but I did it ;p
emo Magik wrote: Hmm, Paulka, also fix these in HJT:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL (file missing)
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O3 - Toolbar: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} - C:\Program Files\Common Files\moje.js (file missing)
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.33/g_bin/pl/navy_2_0_0_29.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/pl/pirate_2_0_0_29.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C6} - http://67.15.101.3/g_bin/pl/billard8UK_2_0_0_24.cab
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
Paulaa wrote: So am I supposed to copy the log from the HJT fix, or what?
emo Magik wrote: "1. Download OTMoveIt, start it and run it with the CleanUp option" - An error appears.
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
R3 - URLSearchHook: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
R3 - URLSearchHook: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll (file missing)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL (file missing)
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O2 - BHO: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O3 - Toolbar: Share_Accelerator_MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll (file missing)
O3 - Toolbar: toolbartv Toolbar - {7762a897-2a75-4e3f-a3a7-55bd098b9879} - C:\Program Files\toolbartv\tbtool.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/pl/boards_2_0_0_35.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.33/g_bin/pl/navy_2_0_0_29.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128674817234
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/pl/pirate_2_0_0_29.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C6} - http://67.15.101.3/g_bin/pl/billard8UK_2_0_0_24.cab
O24 - Desktop Component 0: (no name) - file:///D:/Data/F/0/020.jpg
O24 - Desktop Component 1: (no name) - http://a1668.g.akamai.net/7/1668/16322/01/www.jetix.nl/shopping/products/images/1886b.gif
O24 - Desktop Component 2: (no name) - http://img139.imageshack.us/img139/9872/zdjcie020wv5.jpg
O24 - Desktop Component 3: (no name) - http://images27.fotosik.pl/46/824d991a8ae53036.gif
O24 - Desktop Component 4: (no name) - http://fs05u.sendspace.com/img/dlpage_wizard.gif
Paulaa wrote: What is this 'res://ieframe.dll/dnserror.htm'
Paulaa wrote: Which registry is meant on that page? ;>