cs 1.6 Krotkie scinki na pulpicie i w grach ;/

9 Lipca 2009

Witam!

Tak jak w temacie pisze mam krotkie scinki na pulpicie jak i w grze;/

Nie wiem co zrobic, temperatura kompa Ok.. komp czysty ..;/

Tylko nie piszcie zebym zrobił formata bo nie umiem ;]

Prosze o jakies porady !

9 Lipca 2009

jaka karta graficzna ?

9 Lipca 2009

NVIDIA GeForce4 Ti 4200

Ale to nie od karty bo tak mam od niedawna a karta jest z rok ;]

9 Lipca 2009

Pewnie jakiś syfek wpadł

ComboFix - przeskanuj.

9 Lipca 2009

Hej Hej ścinki na pulpicie robią się jak nie ma sterowników do grafiki, wejdź w menagera urządzeń i zobacz czy nie ma jakiś "wykrzykników".

10 Lipca 2009

Przeinstaluj sterowniki od grafiki, powinno pomóc.

Pokaż co tam z combofixa wyszło.

10 Lipca 2009

Ja użyłem ComboFix'a i wyszło mi coś takiego:

ComboFix 09-07-09.02 - DOM 2009-07-09 22:15.1.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1250.48.1045.18.1022.487 [GMT 2:00]
Uruchomiony z: c:\documents and settings\DOM\Pulpit\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\3j2h0tf.bat
C:\8.exe
C:\9dlvtiil.exe
C:\Autorun.inf
C:\cahpcg.cmd
C:\d9c.bat
C:\fsaht.cmd
C:\gbm6n.exe
C:\gpcdt.cmd
C:\ix8bmwx.bat
C:\lad.bat
C:\m.com
C:\metdgv.bat
C:\okssgcjo.bat
C:\p.exe
C:\s.exe
C:\sm.exe
C:\sv8c2bjw.bat
C:\uhoxajc.cmd
C:\uo10sn.cmd
c:\windows\AhnRpta.exe
c:\windows\system32\_004087_.tmp.dll
c:\windows\system32\_004088_.tmp.dll
c:\windows\system32\_004089_.tmp.dll
c:\windows\system32\_004090_.tmp.dll
c:\windows\system32\_004097_.tmp.dll
c:\windows\system32\_004098_.tmp.dll
c:\windows\system32\_004099_.tmp.dll
c:\windows\system32\_004100_.tmp.dll
c:\windows\system32\_004101_.tmp.dll
c:\windows\system32\_004102_.tmp.dll
c:\windows\system32\_004103_.tmp.dll
c:\windows\system32\_004104_.tmp.dll
c:\windows\system32\_004105_.tmp.dll
c:\windows\system32\_004106_.tmp.dll
c:\windows\system32\_004107_.tmp.dll
c:\windows\system32\_004108_.tmp.dll
c:\windows\system32\_004109_.tmp.dll
c:\windows\system32\_004110_.tmp.dll
c:\windows\system32\_004111_.tmp.dll
c:\windows\system32\_004113_.tmp.dll
c:\windows\system32\_004116_.tmp.dll
c:\windows\system32\_004117_.tmp.dll
c:\windows\system32\_004121_.tmp.dll
c:\windows\system32\_004122_.tmp.dll
c:\windows\system32\_004123_.tmp.dll
c:\windows\system32\_004124_.tmp.dll
c:\windows\system32\_004125_.tmp.dll
c:\windows\system32\_004126_.tmp.dll
c:\windows\system32\_004127_.tmp.dll
c:\windows\system32\_004129_.tmp.dll
c:\windows\system32\_004130_.tmp.dll
c:\windows\system32\_004131_.tmp.dll
c:\windows\system32\_004132_.tmp.dll
c:\windows\system32\_004133_.tmp.dll
c:\windows\system32\_004134_.tmp.dll
c:\windows\system32\_004135_.tmp.dll
c:\windows\system32\_004136_.tmp.dll
c:\windows\system32\_004137_.tmp.dll
c:\windows\system32\_004138_.tmp.dll
c:\windows\system32\_004139_.tmp.dll
c:\windows\system32\_004140_.tmp.dll
c:\windows\system32\_004143_.tmp.dll
c:\windows\system32\_004144_.tmp.dll
c:\windows\system32\_004145_.tmp.dll
c:\windows\system32\_004147_.tmp.dll
c:\windows\system32\_004148_.tmp.dll
c:\windows\system32\_004149_.tmp.dll
c:\windows\system32\_004151_.tmp.dll
c:\windows\system32\_004154_.tmp.dll
c:\windows\system32\_004155_.tmp.dll
c:\windows\system32\_004159_.tmp.dll
c:\windows\system32\_004160_.tmp.dll
c:\windows\system32\_004162_.tmp.dll
c:\windows\system32\_004165_.tmp.dll
c:\windows\system32\_004167_.tmp.dll
c:\windows\system32\_004168_.tmp.dll
c:\windows\system32\_004169_.tmp.dll
c:\windows\system32\_004170_.tmp.dll
c:\windows\system32\_004173_.tmp.dll
c:\windows\system32\_004174_.tmp.dll
c:\windows\system32\_004175_.tmp.dll
c:\windows\system32\_004176_.tmp.dll
c:\windows\system32\_004177_.tmp.dll
c:\windows\system32\_004182_.tmp.dll
c:\windows\system32\afmain0.dll
c:\windows\system32\ddr.exe
c:\windows\system32\e8main0.dll
c:\windows\system32\e8main1.dll
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\nmdfgds2.dll
c:\windows\system32\olhrwef.exe
C:\xdglur.bat
C:\xh319r9b.bat
C:\y6yol.exe
D:\2a.exe
D:\3.cmd
D:\3j2h0tf.bat
D:\8.exe
D:\9dlvtiil.exe
D:\Autorun.inf
D:\cahpcg.cmd
D:\d1vmq.exe
D:\d9c.bat
D:\fsaht.cmd
D:\gbm6n.exe
D:\gclwpivc.cmd
D:\gpcdt.cmd
D:\hkn6k.bat
D:\icxpa.cmd
D:\ix8bmwx.bat
D:\j.cmd
D:\lad.bat
D:\lc.exe
D:\m.com
D:\metdgv.bat
D:\n68mqcra.exe
D:\okssgcjo.bat
D:\q9.cmd
D:\sm.exe
D:\sv8c2bjw.bat
D:\uhoxajc.cmd
D:\ukvr.bat
D:\uo10sn.cmd
D:\w.com
D:\xdglur.bat
D:\xh319r9b.bat
D:\y6yol.exe
D:\yhh.bat
D:\ysep1.exe

.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AVPsys


(((((((((((((((((((((((((   Pliki utworzone od 2009-06-09 do 2009-07-09  )))))))))))))))))))))))))))))))
.

2050-06-07 16:51 . 2050-06-07 16:51	--------	d-----w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2050-06-07 16:47 . 2050-06-07 16:47	--------	d-----w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\ESET
2050-06-07 16:46 . 2050-06-07 16:46	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ESET
2050-05-08 19:13 . 2009-07-09 16:37	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\AIMP
2009-07-06 21:37 . 2009-07-06 21:36	108130	--sh--r-	C:\q1alx.exe
2009-07-06 12:35 . 2009-07-06 12:35	--------	d-----w-	c:\program files\Robster Productions
2009-07-06 11:39 . 2009-07-06 12:11	--------	d-----w-	C:\Games
2009-07-05 18:46 . 2009-07-06 21:28	111059	--sh--r-	C:\aphqg.exe
2009-07-02 19:07 . 2009-07-02 19:07	106352	--sh--r-	C:\cj1m.com
2009-07-01 21:59 . 2009-07-01 21:59	--------	d-----w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\AskToolbar
2009-06-30 16:28 . 2009-06-30 16:28	107917	--sh--r-	C:\hifdmgt.com
2009-06-30 09:49 . 2009-07-06 12:52	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\OpenFM
2009-06-30 09:49 . 2009-06-30 09:49	--------	d-----w-	c:\documents and settings\DOM\.gstreamer-0.10
2009-06-29 16:12 . 2009-06-29 16:11	108386	--sh--r-	C:\2nuk.com
2009-06-29 11:02 . 2009-06-29 11:02	106931	--sh--r-	C:\n0euybx.exe
2009-06-28 14:31 . 2009-06-28 14:31	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\OpenFM
2009-06-28 14:27 . 2009-06-28 14:27	--------	d-----w-	c:\program files\Nowe Gadu-Gadu
2009-06-24 22:05 . 2009-06-24 22:05	--------	d-----w-	c:\program files\Lavalys
2009-06-24 17:54 . 2009-06-24 17:54	--------	d-----w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\vdownloader
2009-06-24 17:54 . 2009-06-24 17:54	--------	d-----w-	c:\program files\Ask.com
2009-06-24 17:54 . 2009-06-24 17:54	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\Desktopicon
2009-06-24 17:54 . 2009-06-24 17:54	--------	d-----w-	c:\program files\VDOWNLOADER
2009-06-24 10:27 . 2009-06-24 10:34	--------	d-----w-	c:\program files\SpeedFan
2009-06-24 10:10 . 2009-06-24 10:09	106448	--sh--r-	C:\8paf1d.com
2009-06-23 18:45 . 2009-06-23 18:45	106209	--sh--r-	C:\xbvv6o.com
2009-06-23 12:19 . 2009-06-23 12:19	45768	----a-w-	c:\windows\system32\drivers\MiniIcpt.sys
2009-06-23 12:18 . 2009-06-23 12:18	766	----a-r-	c:\documents and settings\DOM\Dane aplikacji\Microsoft\Installer\{E89B484C-B913-49A0-959B-89E836001658}\ARPPRODUCTICON.exe
2009-06-23 11:07 . 2009-07-09 20:19	--------	d-----w-	c:\program files\Steam
2009-06-22 21:57 . 2009-06-22 21:57	--------	d-sh--w-	c:\documents and settings\All Users\Dane aplikacji\SecuROM
2009-06-22 21:54 . 2009-06-22 21:54	107888	----a-w-	c:\windows\system32\CmdLineExt.dll
2009-06-22 21:20 . 2009-06-22 21:20	--------	d--h--r-	c:\documents and settings\DOM\Dane aplikacji\SecuROM
2009-06-22 21:18 . 2009-06-22 21:18	--------	d-----w-	c:\windows\system32\LogFiles
2009-06-22 21:18 . 2009-06-22 21:18	--------	d-----w-	c:\windows\system32\drivers\umdf
2009-06-22 18:44 . 2006-03-02 12:00	9728	----a-w-	c:\windows\system32\dllcache\comrepl.exe
2009-06-22 18:15 . 2009-06-22 18:16	--------	d-----w-	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
2009-06-22 17:32 . 2009-06-23 10:58	--------	d-----w-	c:\windows\system32\pl-pl
2009-06-22 17:32 . 2009-06-23 10:54	--------	d-----w-	c:\windows\l2schemas
2009-06-22 17:32 . 2009-06-23 10:55	--------	d-----w-	c:\windows\system32\pl
2009-06-22 17:32 . 2009-06-23 10:55	--------	d-----w-	c:\windows\system32\bits
2009-06-22 17:27 . 2006-03-02 12:00	71040	------w-	c:\windows\system32\drivers\_004075_.tmp.dll
2009-06-22 17:26 . 2009-06-22 18:44	--------	d-----w-	c:\windows\EHome
2009-06-22 10:58 . 2009-06-22 10:58	--------	d-----w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\Apple Computer
2009-06-19 19:54 . 2009-06-22 15:22	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\Hamachi
2009-06-19 19:53 . 2009-06-19 19:53	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys
2009-06-19 19:53 . 2009-06-19 19:53	--------	d-----w-	c:\program files\Hamachi
2009-06-14 18:25 . 2009-06-14 18:25	--------	d-----w-	c:\program files\TeamViewer
2009-06-14 17:21 . 2009-06-14 17:21	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\TeamViewer
2009-06-14 17:18 . 2009-06-14 17:21	--------	d-----w-	c:\documents and settings\DOM\temp
2009-06-13 11:56 . 2009-06-13 11:56	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\GlarySoft
2009-06-13 11:52 . 2009-06-13 11:53	--------	d-----w-	c:\program files\Absolute Uninstaller
2009-06-12 20:36 . 2009-06-12 20:36	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Blizzard
2009-06-12 20:30 . 2009-06-13 07:04	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2009-06-11 19:57 . 2009-06-11 19:57	--------	d-----w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\Opera
2009-06-11 19:57 . 2009-06-28 14:36	--------	d-----w-	c:\program files\Opera

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 19:30 . 2009-05-25 13:32	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\teamspeak2
2009-06-28 16:53 . 2009-05-07 17:59	70008	----a-w-	c:\documents and settings\DOM\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-06-23 12:18 . 2009-05-06 21:33	--------	d-----w-	c:\program files\Common Files\InstallShield
2009-06-23 12:18 . 2009-05-06 21:33	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-06-23 11:00 . 2006-03-02 12:00	49712	----a-w-	c:\windows\system32\perfc015.dat
2009-06-23 11:00 . 2006-03-02 12:00	355830	----a-w-	c:\windows\system32\perfh015.dat
2009-06-23 10:58 . 2009-05-07 17:51	96256	----a-w-	c:\windows\system32\drivers\sptd6605.sys
2009-06-23 10:54 . 2009-05-06 21:25	76487	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-13 10:48 . 2009-05-23 15:49	--------	d-----w-	c:\program files\Norton Security Scan
2009-06-13 10:48 . 2009-05-23 15:49	--------	d-----w-	c:\program files\Common Files\Symantec Shared
2009-06-09 18:11 . 2009-06-09 18:12	104826	--sh--r-	C:\g6e.exe
2009-06-07 14:42 . 2009-06-07 14:42	152576	----a-w-	c:\documents and settings\DOM\Dane aplikacji\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-04 20:56 . 2009-06-04 20:56	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\Media Player Classic
2009-06-02 13:49 . 2009-06-02 13:49	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\dBpoweramp
2009-06-01 21:24 . 2009-06-01 21:24	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\AccurateRip
2009-06-01 21:24 . 2009-06-01 21:24	14373	----a-w-	c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-06-01 21:24 . 2009-06-01 21:24	--------	d-----w-	c:\program files\Illustrate
2009-06-01 21:23 . 2009-06-01 21:24	5433520	----a-w-	c:\windows\system32\SpoonUninstall.exe
2009-05-30 11:27 . 2009-05-30 11:27	--------	d-----w-	c:\program files\Livebox Reconnect 2.0 Pro
2009-05-28 09:23 . 2009-05-28 09:23	42088	----a-w-	c:\documents and settings\DOM\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
2009-05-28 08:34 . 2009-05-28 08:34	11264	----a-w-	c:\documents and settings\DOM\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
2009-05-15 13:44 . 2009-05-15 13:44	4096	----a-w-	c:\windows\d3dx.dat
2009-05-12 18:27 . 2009-05-12 18:24	--------	d-----w-	c:\documents and settings\DOM\Dane aplikacji\Ventrilo
2009-05-12 18:24 . 2009-05-12 18:24	--------	d-----w-	c:\program files\Ventrilo Mix
2009-05-12 16:43 . 2009-05-12 16:43	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Yahoo! Companion
2009-05-08 18:53 . 2009-05-08 18:49	6110	----a-w-	c:\windows\BricoPackFoldersDelete.cmd
2009-05-08 18:53 . 2009-05-08 18:53	65109	----a-w-	c:\windows\BricoPackUninst.cmd
2009-05-08 18:53 . 2009-05-08 18:53	219648	----a-w-	c:\windows\system32\nse343.tmp
2009-05-08 18:44 . 2009-05-08 18:44	0	----a-w-	c:\windows\nsreg.dat
2009-05-07 17:53 . 2009-05-07 17:53	223128	----a-w-	c:\windows\system32\drivers\dtscsi.sys
2009-05-07 17:51 . 2009-05-07 17:51	664064	----a-w-	c:\windows\system32\drivers\sptd.sys
2009-05-06 21:43 . 2009-05-06 21:32	15600	----a-w-	c:\windows\gdrv.sys
2009-05-06 21:33 . 2009-05-06 21:33	315392	----a-w-	c:\windows\HideWin.exe
2009-05-06 21:23 . 2009-05-06 21:23	21856	----a-w-	c:\windows\system32\emptyregdb.dat
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-05-19 11:37	1144712	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
"Steam"="c:\program files\steam\steam.exe" [2009-06-23 1217784]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-05-28 10486376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-10 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-10 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2008-03-05 241664]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-05-10 16342528]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-05-10 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\DOM\Menu Start\Programy\Autostart\
RocketDock.lnk - d:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]

[HKLM\~\startupfolder\C:^Documents and Settings^DOM^Menu Start^Programy^Autostart^hamachi.lnk]
path=c:\documents and settings\DOM\Menu Start\Programy\Autostart\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Steam\\steamapps\\masieqte\\counter-strike\\hl.exe"=
"d:\\Program Files\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\PES 2009\\pes2009.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-3.0.1-to-3.0.2-enGB-Win-Update-downloader.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"c:\\Documents and Settings\\DOM\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Steam\\steamapps\\masieqte\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Steam\\steamapps\\mrmakaveli223\\counter-strike\\hl.exe"=
"d:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader

.
Zawartość folderu 'Zaplanowane zadania'

2009-07-09 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-05-19 11:37]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

Notify-dimsntfy - (no file)


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.ask.com?o=14780&l=dis
mStart Page = hxxp://www.yahoo.com
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\DOM\Dane aplikacji\Mozilla\Firefox\Profiles\3t1srfo7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=VD&o=14778&locale=en_US&q=
FF - plugin: c:\documents and settings\DOM\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [URL]http://www.gmer.net[/URL]
Rootkit scan 2009-07-09 22:19
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...  

skanowanie ukrytych wpisów autostartu ... 

skanowanie ukrytych plików ...  

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1604221776-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:7d,5e,0b,05,b4,70,f7,a2,1d,6c,f3,95,5b,96,52,f2,26,ab,e2,86,be,
   75,11,5c,5e,fe,79,21,97,2e,76,d9,19,b6,f6,b4,ad,8d,82,e2,35,4c,38,5f,c0,2d,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(2908)
d:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\program files\Nowe Gadu-Gadu\spellchecker_gg.exe
.
**************************************************************************
.
Czas ukończenia: 2009-07-09 22:20 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-07-09 20:20

Przed: 7 856 037 888 bajtów wolnych
Po: 9 137 180 672 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
349

10 Lipca 2009

ComboFix 09-07-09.08 - User 2009-07-10 14:40.1.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.255.84 [GMT 2:00]

Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

FW: Norton AntiVirus *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\docume~1\User\USTAWI~1\Temp\~75.tmp

c:\documents and settings\User\Ustawienia lokalne\Temp\~75.tmp

c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll

c:\program files\myglobalsearch

c:\program files\myglobalsearch\bar\2.bin\M9FFXTBR.JAR

c:\program files\myglobalsearch\bar\2.bin\M9FFXTBR.MANIFEST

c:\program files\myglobalsearch\bar\2.bin\M9NTSTBR.JAR

c:\program files\myglobalsearch\bar\2.bin\M9NTSTBR.MANIFEST

c:\program files\myglobalsearch\bar\2.bin\M9PLUGIN.DLL

c:\program files\myglobalsearch\bar\2.bin\MGSBAR.DLL

c:\program files\myglobalsearch\bar\2.bin\NPMYGLSH.DLL

c:\program files\myglobalsearch\bar\Cache\00045734

c:\program files\myglobalsearch\bar\Cache\000742A4.bin

c:\program files\myglobalsearch\bar\Cache\000745A2.bin

c:\program files\myglobalsearch\bar\Cache\00074796.bin

c:\program files\myglobalsearch\bar\Cache\files.ini

c:\program files\myglobalsearch\bar\History\search

c:\program files\myglobalsearch\bar\Settings\prevcfg.htm

c:\windows\system32\bn.dll

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_OREANS32

-------\Service_oreans32

((((((((((((((((((((((((( Pliki utworzone od 2009-06-10 do 2009-07-10 )))))))))))))))))))))))))))))))

.

2009-07-05 13:09 . 2007-03-13 15:30 649432 ----a-w- c:\windows\system32\drivers\cfosspeed.sys

2009-07-05 13:08 . 2007-03-13 15:30 281816 ----a-w- c:\windows\system32\cfosspeed.dll

2009-06-29 18:01 . 2009-06-29 18:01 15872 ----a-r- c:\documents and settings\User\Dane aplikacji\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe

2009-06-29 18:01 . 2009-06-29 18:01 -------- d-----w- c:\program files\Valve

2009-06-28 19:51 . 2009-06-28 19:51 -------- d-----w- c:\program files\MSXML 4.0

2009-06-23 18:00 . 2006-11-01 12:42 33280 ----a-w- c:\windows\system32\drivers\AmdLLD.sys

2009-06-23 18:00 . 2009-06-23 18:00 -------- d-----w- c:\program files\AMD

2009-06-23 17:24 . 2007-03-29 02:42 29704 ----a-w- c:\windows\system32\uxtuneup.dll

2009-06-23 17:22 . 2009-07-05 13:54 -------- d-----w- c:\program files\TuneUp Utilities 2007

2009-06-23 17:22 . 2009-06-23 17:22 -------- d-----w- c:\documents and settings\User\Dane aplikacji\TuneUp Software

2009-06-23 17:22 . 2009-06-23 17:22 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TuneUp Software

2009-06-23 17:22 . 2009-06-23 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2009-06-23 16:31 . 2009-06-23 16:31 -------- d-----w- c:\program files\NVTweak

2009-06-23 16:28 . 2009-06-23 16:29 -------- d-----w- c:\program files\aTuner

2009-06-23 16:18 . 2009-06-28 19:01 -------- d-----w- C:\NVIDIA

2009-06-23 16:05 . 2009-06-23 16:05 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-06-23 15:59 . 2009-06-23 16:28 -------- d-----w- c:\program files\GeForceTweakUtility

2009-06-23 15:52 . 2006-10-22 10:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

2009-06-23 15:52 . 2006-10-22 10:22 466944 ----a-w- c:\windows\system32\nvshell.dll

2009-06-23 15:52 . 2006-10-22 10:22 1470464 ----a-w- c:\windows\system32\nview.dll

2009-06-23 15:52 . 2006-10-22 10:22 1019904 ----a-w- c:\windows\system32\nvwimg.dll

2009-06-23 15:52 . 2006-10-22 13:06 208896 ----a-w- c:\windows\system32\nvudisp.exe

2009-06-23 15:52 . 2006-10-22 10:22 442368 ----a-w- c:\windows\system32\nvappbar.exe

2009-06-23 15:52 . 2006-10-22 10:22 425984 ----a-w- c:\windows\system32\keystone.exe

2009-06-23 15:52 . 2006-10-22 10:22 1339392 ----a-w- c:\windows\system32\nvdspsch.exe

2009-06-23 15:50 . 2006-10-22 10:22 81920 ----a-w- c:\windows\system32\nvwddi.dll

2009-06-23 15:50 . 2006-10-22 10:22 1662976 ----a-w- c:\windows\system32\nvwdmcpl.dll

2009-06-23 15:50 . 2006-10-22 10:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

2009-06-23 15:50 . 2006-10-22 10:22 5644288 ----a-w- c:\windows\system32\nvoglnt.dll

2009-06-23 15:50 . 2006-10-22 10:22 286720 ----a-w- c:\windows\system32\nvnt4cpl.dll

2009-06-23 15:50 . 2006-10-22 10:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

2009-06-23 15:50 . 2006-10-22 10:22 35840 ----a-w- c:\windows\system32\nvcodins.dll

2009-06-23 15:50 . 2006-10-22 10:22 35840 ----a-w- c:\windows\system32\nvcod.dll

2009-06-23 15:48 . 2006-10-22 10:22 3994624 -c--a-w- c:\windows\system32\dllcache\nv4_mini.sys

2009-06-23 15:48 . 2006-10-22 10:22 3994624 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2009-06-12 12:35 . 2009-06-28 13:37 -------- d-----w- C:\Downloads

2009-06-12 12:34 . 2009-06-12 12:34 1048576 ----a-w- c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\4jchpx9a.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-06 16:45 . 2009-02-02 16:26 -------- d-----w- c:\documents and settings\User\Dane aplikacji\mIRC

2009-07-06 16:33 . 2009-06-08 17:09 -------- d-----w- c:\program files\mIRC

2009-07-05 16:44 . 2009-02-07 21:02 -------- d-----w- c:\documents and settings\User\Dane aplikacji\skypePM

2009-07-05 16:14 . 2009-02-26 19:16 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Skype

2009-07-03 15:20 . 2009-05-17 21:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\FLEXnet

2009-06-29 11:40 . 2009-01-09 13:28 32544 -c--a-w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-06-14 10:02 . 2009-01-09 13:19 -------- d-----w- c:\program files\HD Tune

2009-06-11 13:29 . 2009-01-09 13:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help

2009-06-11 13:22 . 2009-03-19 14:05 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft

2009-06-10 10:08 . 2009-01-24 23:05 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Hamachi

2009-06-04 18:14 . 2009-06-03 18:12 -------- d-----w- c:\program files\NAPI-PROJEKT

2009-06-04 15:51 . 2009-06-04 15:51 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys

2009-06-03 20:20 . 2009-06-03 20:20 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\nView_Profiles

2009-06-03 18:12 . 2009-06-03 18:12 -------- d-----w- c:\program files\ALLPlayer

2009-06-02 13:20 . 2009-06-02 13:20 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Ahead

2009-05-30 10:17 . 2009-05-29 12:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy

2009-05-30 10:15 . 2009-04-04 14:58 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer

2009-05-30 10:12 . 2009-05-22 14:16 -------- d-----w- c:\program files\Winamp

2009-05-29 12:21 . 2009-05-29 12:21 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Lavasoft

2009-05-26 18:49 . 2009-05-26 18:47 -------- d-----w- c:\program files\Hamachi

2009-05-26 18:48 . 2009-01-24 23:04 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys

2009-05-23 11:21 . 2009-05-22 14:16 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Winamp

2009-05-20 15:20 . 2009-02-21 20:06 -------- d-----w- c:\program files\BearShare

2009-05-17 21:23 . 2009-01-09 13:32 -------- d-----w- c:\program files\Common Files\Adobe

2009-05-17 21:20 . 2009-05-17 21:20 -------- d-----w- c:\program files\Bonjour

2009-05-17 20:52 . 2009-05-17 20:52 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2009-05-12 15:16 . 2009-03-13 19:12 -------- d-----w- c:\program files\VentriloMIX

2009-05-10 16:27 . 2009-05-10 16:27 259584 ----a-w- c:\windows\system32\xtbaksm.dat

2009-05-07 18:26 . 2001-10-26 18:15 49492 ----a-w- c:\windows\system32\perfc015.dat

2009-05-07 18:26 . 2001-10-26 18:15 355486 ----a-w- c:\windows\system32\perfh015.dat

2009-05-07 18:20 . 2009-05-07 18:17 81984 ----a-w- c:\windows\system32\bdod.bin

2009-05-07 15:44 . 2004-08-04 00:44 346112 ----a-w- c:\windows\system32\localspl.dll

2009-04-29 04:53 . 2004-08-04 00:44 662016 ----a-w- c:\windows\system32\wininet.dll

2009-04-23 11:45 . 2009-04-23 11:45 510 ----a-w- c:\windows\system32\xtupdate.dat

2009-04-21 18:58 . 2009-04-21 18:58 1 ----a-w- c:\documents and settings\User\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2009-04-19 20:11 . 2004-08-04 00:37 1846912 ----a-w- c:\windows\system32\win32k.sys

2009-04-15 15:18 . 2004-08-04 00:44 584192 ----a-w- c:\windows\system32\rpcrt4.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadu-Gadu"="d:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]

"Steam"="c:\program files\valve\steam\steam.exe" [2009-06-29 1217784]

"ccleaner"="d:\program files\CCleaner\CCleaner.exe" [2009-06-25 1578736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

"cFosSpeed"="d:\program files\cFosSpeed.exe" [2007-03-13 834776]

"NvMediaCenter"="NvMCTray.dll" - c:\windows\system32\nvmctray.dll [2006-10-22 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"SynchronousMachineGroupPolicy"= 0 (0x0)

"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSMBalloonTip"= 1 (0x1)

"MemCheckBoxInRunDlg"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoWelcomeScreen"= 1 (0x1)

"NoRecentDocsNetHood"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kalendarz XP.lnk]

path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk

backup=c:\windows\pss\Kalendarz XP.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programy^Autostart^hamachi.lnk]

path=c:\documents and settings\User\Menu Start\Programy\Autostart\hamachi.lnk

backup=c:\windows\pss\hamachi.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programy^Autostart^OpenOffice.org 3.0.lnk]

path=c:\documents and settings\User\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk

backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programy^Autostart^smgr32.exe]

path=c:\documents and settings\User\Menu Start\Programy\Autostart\smgr32.exe

backup=c:\windows\pss\smgr32.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]

path=c:\documents and settings\User\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk

backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"xmlprov"=3 (0x3)

"WmiApSrv"=3 (0x3)

"Wmi"=3 (0x3)

"WmdmPmSN"=3 (0x3)

"VSS"=3 (0x3)

"UPS"=3 (0x3)

"upnphost"=3 (0x3)

"SysmonLog"=3 (0x3)

"SwPrv"=3 (0x3)

"SCardSvr"=3 (0x3)

"RSVP"=3 (0x3)

"RDSessMgr"=3 (0x3)

"ose"=3 (0x3)

"odserv"=3 (0x3)

"NtmsSvc"=3 (0x3)

"NtLmSsp"=3 (0x3)

"Netlogon"=2 (0x2)

"MSIServer"=3 (0x3)

"MSDTC"=3 (0x3)

"mnmsrvc"=3 (0x3)

"ImapiService"=3 (0x3)

"HTTPFilter"=3 (0x3)

"dmadmin"=3 (0x3)

"COMSysApp"=3 (0x3)

"Browser"=3 (0x3)

"AppMgmt"=3 (0x3)

"stisvc"=3 (0x3)

"RichVideo"=2 (0x2)

"RasAuto"=3 (0x3)

"NMIndexingService"=3 (0x3)

"JavaQuickStarterService"=2 (0x2)

"iPod Service"=3 (0x3)

"Bonjour Service"=2 (0x2)

"Apple Mobile Device"=2 (0x2)

"FLEXnet Licensing Service"=3 (0x3)

"wuauserv"=3 (0x3)

"WebClient"=3 (0x3)

"W32Time"=3 (0x3)

"seclogon"=3 (0x3)

"Schedule"=3 (0x3)

"PolicyAgent"=3 (0x3)

"helpsvc"=3 (0x3)

"FastUserSwitchingCompatibility"=3 (0x3)

"CryptSvc"=3 (0x3)

"Alerter"=3 (0x3)

"cFosSpeedS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=

"c:\\Program Files\\Valve\\Steam\\SteamApps\\mlody1423\\counter-strike\\hl.exe"=

"c:\\Program Files\\Valve\\Steam\\Steam.exe"=

"c:\\Program Files\\mIRC\\mirc.exe"=

"c:\\Program Files\\BearShare\\BearShare.exe"=

"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\english\\setup.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=

"d:\\Program Files\\BitComet\\BitComet.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"8749:TCP"= 8749:TCP:BitComet 8749 TCP

"8749:UDP"= 8749:UDP:BitComet 8749 UDP

R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]

R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\system32\drivers\V0330Vid.sys [2009-03-08 157696]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S3 pnicml;pnicml;\??\c:\docume~1\User\USTAWI~1\Temp\pnicml.sys --> c:\docume~1\User\USTAWI~1\Temp\pnicml.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Zawartość folderu 'Zaplanowane zadania'

2009-06-26 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-19 04:51]

2009-05-06 c:\windows\Tasks\WGASetup.job

- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 20:18]

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.onet.pl/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uInternet Settings,ProxyOverride = *.local

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Pobierz wszystkie VIdeo za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: Pobierz wszystko za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Pobierz za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddLink.htm

TCP: {96982BD1-26A5-42AB-9859-0F2B38DBBE41} = 208.67.222.222,208.67.220.220

FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\4jchpx9a.default\

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----

FF - user.js: network.http.max-connections-per-server - 4

FF - user.js: content.max.tokenizing.time - 1500000

FF - user.js: content.notify.interval - 750000

FF - user.js: nglayout.initialpaint.delay - 100

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-10 14:53

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\windows\system32\wdfmgr.exe

c:\windows\pchealth\helpctr\binaries\HelpSvc.exe

.

**************************************************************************

.

Czas ukończenia: 2009-07-10 14:58 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-07-10 12:58

Przed: 19 940 929 536 bajtów wolnych

Po: 19 874 242 560 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

285 --- E O F --- 2009-06-28 22:06

Takie coś mi wyszło .. polepszyło sie ale o troche

Co mam jeszcze zrobic ?

12 Lipca 2009

To dla fatalek!

Otwórz Notatnik i wklej do niego:

File::
    C:\q1alx.exe
    C:\n0euybx.exe
    C:\2nuk.com 
    C:\cj1m.com 
    C:\xbvv6o.com 
    C:\8paf1d.com 
    
    Registry::
[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programy^Autostart^smgr32.exe]
path=c:\documents and settings\User\Menu Start\Programy\Autostart\smgr32.exe
backup=c:\windows\pss\smgr32.exeStartup

Plik zapisz pod nazwą CFScript, najlepiej w tym samym folderze co Combofix.exe

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę Combofix.exe

Powinno się rozpocząć usuwanie.

Potem dajesz log z usuwania Combofix.

Zaloguj się

cs 1.6 Krotkie scinki na pulpicie i w grach ;/

Masz dosyć problemów z czynnikiem zaufania w CS2 lub notorycznymi banami?

Rekomendowane odpowiedzi

gb dust

Odnośnik do komentarza

DarkGL

Odnośnik do komentarza

gb dust

Odnośnik do komentarza

EMO

Odnośnik do komentarza

.rk

Odnośnik do komentarza

chester

Odnośnik do komentarza

fatalek!

Odnośnik do komentarza

gb dust

Odnośnik do komentarza

chester

Odnośnik do komentarza

Ostatnio przeglądający 0 użytkowników

Podobna zawartość

Cała aktywność

Społeczność

CSH Shop

Powiadomienie o plikach cookie