Please check my log - SafeGroup (https://safegroup.pl), forum: Post-infection help (https://safegroup.pl/forum-5.html)
Please check my log - Lucas82 - 07.11.2007
[code:1]
Logfile of HijackThis v1.99.1 Scan saved at 22:30:27, on 2007-11-07 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32ZoneLabsvsmon.exe Crogram FilesLavasoftAd-Aware 2007aawservice.exe C:WINDOWSsystem32spoolsv.exe Crogram FilesAntiVir PersonalEdition Premiumavguard.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSExplorer.EXE Crogram Filesa-squared Freea2service.exe Crogram FilesAntiVir PersonalEdition Premiumsched.exe Crogram FilesAntiVir PersonalEdition Premiumavesvc.exe Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbinbtwdins.exe Crogram FilesioloCommonLibioloDMVSvc.exe crogram FilesCommon FilesLightScribeLSSrvc.exe C:WINDOWSsystem32svchost.exe Crogram FilesAntiVir PersonalEdition Premiumavmailc.exe C:WINDOWSRTHDCPL.EXE Crogram FilesASUSPower4 GearBatteryLife.exe Crogram FilesAntiVir PersonalEdition Premiumavgnt.exe Crogram FilesioloSystem Mechanic 7SMSystemAnalyzer.exe Crogram FilesZone LabsZoneAlarmzlclient.exe C:WINDOWSvsnpstd.exe Crogram FilesSpybot - Search & DestroyTeaTimer.exe Crogram FilesDNAbtdna.exe Crogram FilesLavasoftAd-Aware 2007Ad-Watch2007.exe Crogram FilesASUSAsus ChkMailChkMail.exe Crogram FilesWIDCOMMOprogramowanie interfejsu BluetoothBTTray.exe Crogram FilesTlen.pltlen.exe Crogram FilesMozilla Firefoxfirefox.exe C:WINDOWSsystem32ctfmon.exe Cocuments and SettingsLucasPulpitHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [Aby zobaczyć linki, zarejestruj się tutaj] R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =[Aby zobaczyć linki, zarejestruj się tutaj] R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =R0 - HKLMSoftwareMicrosoftInternet 
ExplorerMain,Local Page = R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = [Aby zobaczyć linki, zarejestruj się tutaj] R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Di-RectR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ĺącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-F6C9-A83FF099B532} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - CROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.6.0_03binssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - Crogram FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Crogram FilesWindows Live Toolbarmsntb.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-F6C9-A83FF099B532} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Crogram FilesWindows Live Toolbarmsntb.dll O4 - HKLM..Run: [RTHDCPL]RTHDCPL.EXE O4 - HKLM..Run: [Alcmtr]ALCMTR.EXE O4 - HKLM..Run: [Power_Gear]Crogram FilesASUSPower4 GearBatteryLife.exe 1 O4 - HKLM..Run: [avgnt]"Crogram FilesAntiVir PersonalEdition Premiumavgnt.exe" /min O4 - HKLM..Run: [SMSystemAnalyzer]"Crogram FilesioloSystem Mechanic 7SMSystemAnalyzer.exe" O4 - HKLM..Run: [Ad-Watch]Crogram FilesLavasoftAd-Aware 2007Ad-Watch2007.exe O4 - HKLM..Run: [ZoneAlarm Client]"Crogram FilesZone LabsZoneAlarmzlclient.exe" O4 - HKLM..Run: [snpstd]C:WINDOWSvsnpstd.exe O4 - HKLM..Run: [SBAutoUpdate]"Crogram FilesSpywareBlastersbautoupdate.exe" O4 - HKCU..Run: [SpybotSD TeaTimer]Crogram FilesSpybot - Search & DestroyTeaTimer.exe O4 - HKCU..Run: [BitTorrent DNA]"Crogram FilesDNAbtdna.exe" 
O4 - Global Startup: ASUS ChkMail.lnk = Crogram FilesASUSAsus ChkMailChkMail.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &Windows Live Search - [Aby zobaczyć linki, zarejestruj się tutaj] FilesWindows Live Toolbarmsntb.dll/search.htmO8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.6.0_03binssv.dll O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.6.0_03binssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie.htm O9 - Extra ''Tools'' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - CROGRA~1SPYBOT~1SDHelper.dll O9 - Extra ''Tools'' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - CROGRA~1SPYBOT~1SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe O10 - Broken Internet access because of LSP provider ''avsda.dll'' missing O11 - Options group: [INTERNATIONAL]International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Aby zobaczyć linki, zarejestruj się tutaj] 
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -[Aby zobaczyć linki, zarejestruj się tutaj] O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - CROGRA~1MSNMES~1MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - CROGRA~1MSNMES~1MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - Crogram Filesa-squared Freea2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - Crogram FilesLavasoftAd-Aware 2007aawservice.exe O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavmailc.exe O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumsched.exe O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavesvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbinbtwdins.exe O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - Crogram FilesioloCommonLibioloDMVSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - crogram FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
[/code:1]
There are a few entries here that I don't like.

Re: Please check my log - Serafin - 08.11.2007
Quote: R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
Delete these entries in HijackThis. Can you post a log from [To see links, register here]

Re: Please check my log - Lucas82 - 08.11.2007
Here is the HijackThis log once again.
[code:1]
Logfile of HijackThis v1.99.1 Scan saved at 23:34:27, on 2007-11-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe Crogram FilesLavasoftAd-Aware 2007aawservice.exe C:WINDOWSsystem32spoolsv.exe Crogram FilesAntiVir PersonalEdition Premiumavguard.exe C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSExplorer.EXE Crogram Filesa-squared Freea2service.exe Crogram FilesAntiVir PersonalEdition Premiumsched.exe Crogram FilesAntiVir PersonalEdition Premiumavesvc.exe Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbinbtwdins.exe Crogram FilesioloCommonLibioloDMVSvc.exe crogram FilesCommon FilesLightScribeLSSrvc.exe Crogram FilesSandboxieSbieSvc.exe C:WINDOWSsystem32svchost.exe Crogram FilesAntiVir PersonalEdition Premiumavmailc.exe C:WINDOWSRTHDCPL.EXE Crogram FilesASUSPower4 GearBatteryLife.exe Crogram FilesAntiVir PersonalEdition Premiumavgnt.exe Crogram FilesioloSystem Mechanic 7SMSystemAnalyzer.exe C:WINDOWSvsnpstd.exe 
Crogram FilesSpybot - Search & DestroyTeaTimer.exe Crogram FilesDNAbtdna.exe Crogram FilesASUSAsus ChkMailChkMail.exe Crogram FilesWIDCOMMOprogramowanie interfejsu BluetoothBTTray.exe Crogram FilesLavasoftAd-Aware 2007Ad-Watch2007.exe C:WINDOWSsystem32ctfmon.exe Crogram FilesZone LabsZoneAlarmzlclient.exe C:WINDOWSsystem32ZoneLabsvsmon.exe Crogram FilesMozilla Firefoxfirefox.exe Crogram FilesTlen.pltlen.exe Crogram FilesSpamihilatorspamihilator.exe Cocuments and SettingsLucasPulpitHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [Aby zobaczyć linki, zarejestruj się tutaj] R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =[Aby zobaczyć linki, zarejestruj się tutaj] R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =[Aby zobaczyć linki, zarejestruj się tutaj] R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Di-RectR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ĺącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-F6C9-A83FF099B532} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - CROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.6.0_03binssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - Crogram FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O4 - HKLM..Run: [RTHDCPL]RTHDCPL.EXE O4 - HKLM..Run: [Power_Gear]Crogram FilesASUSPower4 GearBatteryLife.exe 1 O4 - HKLM..Run: [avgnt]"Crogram FilesAntiVir PersonalEdition Premiumavgnt.exe" /min O4 - HKLM..Run: [SMSystemAnalyzer]"Crogram FilesioloSystem Mechanic 7SMSystemAnalyzer.exe" O4 - HKLM..Run: [Ad-Watch]Crogram FilesLavasoftAd-Aware 2007Ad-Watch2007.exe O4 - HKLM..Run: [ZoneAlarm Client]"Crogram FilesZone LabsZoneAlarmzlclient.exe" O4 - 
HKLM..Run: [snpstd]C:WINDOWSvsnpstd.exe O4 - HKLM..Run: [SBAutoUpdate]"Crogram FilesSpywareBlastersbautoupdate.exe" O4 - HKCU..Run: [SpybotSD TeaTimer]Crogram FilesSpybot - Search & DestroyTeaTimer.exe O4 - HKCU..Run: [BitTorrent DNA]"Crogram FilesDNAbtdna.exe" O4 - HKCU..Run: [SandboxieControl]Crogram FilesSandboxieControl.exe O4 - Global Startup: ASUS ChkMail.lnk = Crogram FilesASUSAsus ChkMailChkMail.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.6.0_03binssv.dll O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.6.0_03binssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie.htm O9 - Extra ''Tools'' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbtsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - CROGRA~1SPYBOT~1SDHelper.dll O9 - Extra ''Tools'' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - CROGRA~1SPYBOT~1SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe O10 - Broken Internet access because of LSP provider ''avsda.dll'' missing O11 - Options group: 
[INTERNATIONAL]International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Aby zobaczyć linki, zarejestruj się tutaj] O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -[Aby zobaczyć linki, zarejestruj się tutaj] O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - CROGRA~1MSNMES~1MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - CROGRA~1MSNMES~1MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - Crogram Filesa-squared Freea2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - Crogram FilesLavasoftAd-Aware 2007aawservice.exe O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavmailc.exe O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumsched.exe O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Premiumavesvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- Crogram FilesWIDCOMMOprogramowanie interfejsu Bluetoothbinbtwdins.exe O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - Crogram FilesioloCommonLibioloDMVSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - crogram FilesCommon FilesLightScribeLSSrvc.exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - Crogram FilesSandboxieSbieSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
[/code:1]
ComboFix log
[code:1]
ComboFix 07-11-08.1 - Lucas 2007-11-08 23:36:35.1 - NTFSx86 Microsoft Windows XP Home Edition5.1.2600.2.1250.1.1045.18.261 [GMT 1:00] Running from: Cocuments and SettingsLucasPulpitComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-10-08 to 2007-11-08))))))))))))))))))))))))))))))) . 2007-11-08 23:35 51,200 --a------ C:WINDOWSNirCmd.exe 2007-11-07 23:43 <DIR> d-------- Crogram FilesAxBx 2007-11-07 23:04 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiSandbox 2007-11-07 22:58 <DIR> d-------- Crogram FilesSandboxie 2007-11-06 11:11 <DIR> d-------- Crogram FilesFotosik Manager 2007-11-04 21:03 <DIR> d-------- Crogram FilesMicrosoft Games 2007-11-04 16:06 <DIR> d-------- C:WINDOWSSun 2007-11-04 16:04 <DIR> d-------- Crogram FilesJava 2007-11-04 16:03 <DIR> d-------- Crogram FilesCommon FilesJava 2007-11-04 12:05 <DIR> d-------- Cocuments and SettingsLucasBluetooth Software 2007-11-04 11:59 <DIR> d-------- Crogram FilesWIDCOMM 2007-11-04 09:27 <DIR> d-------- Cocuments and SettingsAll UsersDane aplikacjiWindows Live Toolbar 2007-11-04 09:26 <DIR> d-------- Crogram FilesWindows Live Toolbar 2007-11-04 09:22 <DIR> d-------- Crogram FilesFREETOOLBAR20 Toolbar 2007-11-03 21:53 <DIR> d-------- Cocuments and SettingsLucasContacts 2007-11-03 21:52 <DIR> d----c--- C:WINDOWSsystem32DRVSTORE 2007-11-03 21:48 <DIR> d-------- Crogram FilesMSN Messenger 2007-11-03 20:02 <DIR> 
d-------- Crogram FilesGrupa33 2007-11-03 19:06 5,504 --a------ C:WINDOWSsystem32driversMSTEE.sys 2007-11-03 19:06 5,504 --a------ C:WINDOWSsystem32dllcachemstee.sys 2007-11-03 19:05 <DIR> d-------- Crogram Filesdirectx 2007-11-03 19:04 <DIR> d-------- Crogram FilesTRUST 120 SPACEC@M 2007-11-03 19:04 299,776 --a------ C:WINDOWSsystem32driverssnpstd.sys 2007-11-03 19:04 245,408 --a------ C:WINDOWSUnicows.dll 2007-11-03 19:04 57,344 --a------ C:WINDOWSsystem32csnpstd.dll 2007-11-03 19:04 53,248 --a------ C:WINDOWSsystem32dsnpstd.dll 2007-11-03 19:04 40,960 --a------ C:WINDOWSvsnpstd.exe 2007-11-03 19:04 40,960 --a------ C:WINDOWSCleanDev.exe 2007-11-03 19:04 36,864 --a------ C:WINDOWSsystem32vsnpstd.dll 2007-11-03 18:35 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiSkype 2007-11-03 18:33 <DIR> d-------- Crogram FilesSkype 2007-11-03 18:33 <DIR> d-------- Crogram FilesCommon FilesSkype 2007-11-03 18:33 <DIR> d-------- Cocuments and SettingsAll UsersDane aplikacjiSkype 2007-11-03 17:25 <DIR> d-------- Crogram Files10 voor Taal Deluxe 2007-11-03 16:51 4,096 --a------ C:WINDOWSd3dx.dat 2007-11-03 16:49 <DIR> d-------- Crogram FilesRayStorm 2007-11-03 16:44 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiLeadertech 2007-11-03 16:20 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiAdobeUM 2007-11-03 00:43 <DIR> d-------- Crogram FilesSony Ericsson 2007-11-03 00:14 45,056 --a------ C:WINDOWSsystem32WNASPI32.DLL 2007-11-03 00:14 16,877 --a------ C:WINDOWSsystem32driversASPI32.SYS 2007-11-03 00:14 5,600 --a------ C:WINDOWSsystemWINASPI.DLL 2007-11-03 00:14 4,672 --a------ C:WINDOWSsystemWOWPOST.EXE 2007-11-02 23:58 <DIR> d--hs---- C:INCINERATE 2007-11-02 23:38 <DIR> d-------- Crogram FilesDNA 2007-11-02 23:38 <DIR> d-------- Crogram FilesBitTorrent 2007-11-02 23:38 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiDNA 2007-11-02 23:38 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiBitTorrent 2007-11-02 23:32 <DIR> d-------- 
Cocuments and SettingsLucasDane aplikacji.phish 2007-11-02 22:23 18,462,752 --ahs---- C:WINDOWSsystem32driversfidbox.dat 2007-11-02 21:46 <DIR> d-------- Cocuments and SettingsAll UsersDane aplikacjiMailFrontier 2007-11-02 21:46 75,248 --a------ C:WINDOWSzllsputility.exe 2007-11-02 21:46 4,212 ---h----- C:WINDOWSsystem32zllictbl.dat 2007-11-02 21:45 <DIR> d-------- C:WINDOWSsystem32ZoneLabs 2007-11-02 21:45 1,086,952 --a------ C:WINDOWSsystem32zpeng24.dll 2007-11-02 21:44 <DIR> d-------- C:WINDOWSInternet Logs 2007-11-02 20:51 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiOfficeUpdate12 2007-11-02 20:48 <DIR> d-------- Crogram FilesQuickTime Alternative 2007-11-02 20:48 <DIR> d-------- Cocuments and SettingsAll UsersDane aplikacjiApple Computer 2007-11-02 20:47 <DIR> d-------- Crogram FilesReal Alternative 2007-11-02 20:24 1,467 --a------ C:WINDOWSmozver.dat 2007-11-02 20:14 <DIR> d-------- Crogram FilesXP Codec Pack 2007-11-02 20:07 <DIR> d-------- Crogram FilesTlen.pl 2007-11-02 20:07 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiTlen.pl 2007-11-02 20:04 <DIR> d-------- Crogram FilesSpamihilator 2007-11-02 19:54 6,058,496 --a------ C:WINDOWSsystem32dllcacheieframe.dll 2007-11-02 19:54 2,455,488 --a------ C:WINDOWSsystem32dllcacheieapfltr.dat 2007-11-02 19:54 459,264 --a------ C:WINDOWSsystem32dllcachemsfeeds.dll 2007-11-02 19:54 383,488 --a------ C:WINDOWSsystem32dllcacheieapfltr.dll 2007-11-02 19:54 267,776 --a------ C:WINDOWSsystem32dllcacheiertutil.dll 2007-11-02 19:54 63,488 --a------ C:WINDOWSsystem32dllcacheicardie.dll 2007-11-02 19:54 52,224 --a------ C:WINDOWSsystem32dllcachemsfeedsbs.dll 2007-11-02 19:54 13,824 --a------ C:WINDOWSsystem32dllcacheieudinit.exe 2007-11-02 19:44 <DIR> d-------- Crogram FilesMSXML 6.0 2007-11-02 19:32 <DIR> d-------- Crogram FilesMSBuild 2007-11-02 19:29 <DIR> d-------- C:WINDOWSsystem32XPSViewer 2007-11-02 19:28 <DIR> d-------- Crogram FilesReference Assemblies 2007-11-02 19:28 14,048 --a------ 
C:WINDOWSsystem32spmsg2.dll 2007-11-02 19:27 <DIR> d-------- Crogram FilesWindows Media Connect 2 2007-11-02 19:26 <DIR> d-------- C:WINDOWSsystem32LogFiles 2007-11-02 19:26 <DIR> d-------- C:WINDOWSsystem32driversUMDF 2007-11-02 19:21 <DIR> d-------- C:WINDOWSsystem32URTTemp 2007-11-02 19:05 584,192 --a------ C:WINDOWSsystem32dllcacherpcrt4.dll 2007-11-02 19:00 <DIR> d--hs---- Cocuments and SettingsLucasUserData 2007-11-02 18:59 <DIR> d-------- Crogram FilesCCleaner 2007-11-02 18:53 <DIR> d-------- C:WINDOWSShellNew 2007-11-02 18:53 <DIR> d-------- Crogram FilesPrzeglądarka migawek 2007-11-02 18:52 <DIR> d-------- C:WINDOWSTwain32 2007-11-02 18:52 <DIR> d-------- Cocuments and SettingsLucasDane aplikacjiMicrosoft Web Folders 2007-11-02 18:50 <DIR> d-------- Crogram FilesDAEMON Tools 2007-11-02 18:47 646,392 --a------ C:WINDOWSsystem32driverssptd.sys 2007-11-02 18:42 <DIR> d-------- Crogram Filesa-squared Free 2007-11-02 18:30 <DIR> d-------- Crogram FilesLavasoft 2007-11-02 18:30 <DIR> d-------- Cocuments and SettingsAll UsersDane aplikacjiLavasoft 2007-11-02 18:29 <DIR> d-------- Crogram FilesCommon FilesWise Installation Wizard 2007-11-02 18:24 <DIR> d-------- Crogram Filesiolo 2007-11-02 18:24 <DIR> d-------- Cocuments and SettingsLocalServiceDane aplikacjiiolo 2007-11-02 18:24 378,216 --a------ C:WINDOWSsystem32Incinerator.dll 2007-11-02 18:24 41,472 --a------ C:WINDOWSsystem32iolobtdfg.exe 2007-11-02 18:24 25,264 --a------ C:WINDOWSsystem32smrgdf.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2007-11-08 17:02 218,564 --sha-w C:WINDOWSsystem32driversfidbox.idx 2007-11-03 18:04 --------- d--h--w Crogram FilesInstallShield Installation Information 2007-11-03 15:29 --------- d-----w Crogram FilesCommon FilesAdobe 2007-11-02 22:38 --------- d-----w Cocuments and SettingsLucasDane aplikacji.phish 2007-11-02 17:36 9,344 ----a-w C:WINDOWSsystem32driversNSDriver.sys 2007-11-02 17:36 8,320 ----a-w C:WINDOWSsystem32driversAWRTRD.sys 2007-08-22 12:58 474,112 ----a-w C:WINDOWSsystem32dllcacheshlwapi.dll 2007-08-22 12:58 151,552 ----a-w C:WINDOWSsystem32dllcachecdfview.dll 2007-08-22 12:58 1,498,112 ----a-w C:WINDOWSsystem32dllcacheshdocvw.dll 2007-08-22 12:58 1,055,744 ----a-w C:WINDOWSsystem32dllcachedanim.dll 2007-08-22 12:58 1,022,976 ----a-w C:WINDOWSsystem32dllcachebrowseui.dll 2007-08-21 06:18 683,520 ----a-w C:WINDOWSsystem32inetcomm.dll 2007-08-20 14:31 3,584,512 ----a-w C:WINDOWSsystem32dllcachemshtml.dll 2007-08-20 10:01 824,832 ----a-w C:WINDOWSsystem32dllcachewininet.dll 2007-08-20 10:01 671,232 ----a-w C:WINDOWSsystem32dllcachemstime.dll 2007-08-20 10:01 477,696 ----a-w C:WINDOWSsystem32dllcachemshtmled.dll 2007-08-20 10:01 44,544 ----a-w C:WINDOWSsystem32dllcacheiernonce.dll 2007-08-20 10:01 384,512 ----a-w C:WINDOWSsystem32dllcacheiedkcs32.dll 2007-08-20 10:01 27,648 ----a-w C:WINDOWSsystem32dllcachejsproxy.dll 2007-08-20 10:01 232,960 ----a-w C:WINDOWSsystem32dllcachewebcheck.dll 2007-08-20 10:01 230,400 ----a-w C:WINDOWSsystem32dllcacheieaksie.dll 2007-08-20 10:01 214,528 ----a-w C:WINDOWSsystem32dllcachedxtrans.dll 2007-08-20 10:01 193,024 ----a-w C:WINDOWSsystem32dllcachemsrating.dll 2007-08-20 10:01 153,088 ----a-w C:WINDOWSsystem32dllcacheieakeng.dll 2007-08-20 10:01 132,608 ----a-w C:WINDOWSsystem32dllcacheextmgr.dll 2007-08-20 10:01 124,928 ----a-w C:WINDOWSsystem32dllcacheadvpack.dll 2007-08-20 10:01 105,984 ----a-w C:WINDOWSsystem32dllcacheurl.dll 2007-08-20 10:01 102,400 ----a-w C:WINDOWSsystem32dllcacheoccache.dll 2007-08-20 10:01 
1,152,000 ----a-w C:WINDOWSsystem32dllcacheurlmon.dll 2007-08-17 15:23 679,936 ----a-w C:WINDOWSsystem32spsplib1.dll 2007-08-17 10:24 63,488 ----a-w C:WINDOWSsystem32dllcacheie4uinit.exe 2007-08-17 10:24 625,152 ----a-w C:WINDOWSsystem32dllcacheiexplore.exe 2007-08-17 07:34 161,792 ----a-w C:WINDOWSsystem32dllcacheieakui.dll 2007-08-13 17:54 413,696 ----a-w C:WINDOWSsystem32vbscript.dll 2007-08-13 17:54 413,696 ----a-w C:WINDOWSsystem32dllcachevbscript.dll 2007-08-13 17:54 33,792 ----a-w C:WINDOWSsystem32dllcachecustsat.dll 2007-08-13 17:54 191,488 ----a-w C:WINDOWSsystem32dllcacheiepeers.dll 2007-08-13 17:54 156,160 ----a-w C:WINDOWSsystem32msls31.dll 2007-08-13 17:54 156,160 ----a-w C:WINDOWSsystem32dllcachemsls31.dll 2007-08-13 17:45 78,336 ----a-w C:WINDOWSsystem32ieencode.dll 2007-08-13 17:45 78,336 ----a-w C:WINDOWSsystem32dllcacheieencode.dll 2007-08-13 17:44 69,120 ----a-w C:WINDOWSsystem32dllcacheiedw.exe 2007-08-13 17:44 40,960 ----a-w C:WINDOWSsystem32licmgr10.dll 2007-08-13 17:44 40,960 ----a-w C:WINDOWSsystem32dllcachelicmgr10.dll 2007-08-13 17:42 17,408 ----a-w C:WINDOWSsystem32dllcachecorpol.dll 2007-08-13 17:39 92,672 ----a-w C:WINDOWSsystem32dllcacheinseng.dll 2007-08-13 17:39 71,680 ----a-w C:WINDOWSsystem32dllcacheadmparse.dll 2007-08-13 17:39 71,680 ----a-w C:WINDOWSsystem32admparse.dll 2007-08-13 17:39 55,296 ----a-w C:WINDOWSsystem32iesetup.dll 2007-08-13 17:39 55,296 ----a-w C:WINDOWSsystem32dllcacheiesetup.dll 2007-08-13 17:38 491,520 ----a-w C:WINDOWSsystem32dllcachejscript.dll 2007-08-13 17:36 44,544 ----a-w C:WINDOWSsystem32dllcachepngfilt.dll 2007-08-13 17:36 36,352 ----a-w C:WINDOWSsystem32imgutil.dll 2007-08-13 17:36 36,352 ----a-w C:WINDOWSsystem32dllcacheimgutil.dll 2007-08-13 17:35 346,624 ----a-w C:WINDOWSsystem32dllcachedxtmsft.dll 2007-08-13 17:32 45,568 ----a-w C:WINDOWSsystem32mshta.exe 2007-08-13 17:32 45,568 ----a-w C:WINDOWSsystem32dllcachemshta.exe 2007-08-13 17:18 60,416 ----a-w C:WINDOWSsystem32dllcachehmmapi.dll 
2007-08-13 17:01 48,128 ----a-w C:WINDOWSsystem32mshtmler.dll 2007-08-13 17:01 48,128 ----a-w C:WINDOWSsystem32dllcachemshtmler.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~Browser Helper Objects{4E7BD74F-2B8D-469E-F6C9-A83FF099B532}] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "RTHDCPL"="RTHDCPL.EXE" [2006-04-17 03:34 C:WINDOWSRTHDCPL.exe] "Power_Gear"="Crogram FilesASUSPower4 GearBatteryLife.exe" [2006-03-14 17:46] "avgnt"="Crogram FilesAntiVir PersonalEdition Premiumavgnt.exe" [2007-11-02 18:20] "SMSystemAnalyzer"="Crogram FilesioloSystem Mechanic 7SMSystemAnalyzer.exe" [2007-10-03 09:05] "Ad-Watch"="Crogram FilesLavasoftAd-Aware 2007Ad-Watch2007.exe" [2007-11-02 18:37] "ZoneAlarm Client"="Crogram FilesZone LabsZoneAlarmzlclient.exe" [2007-09-06 16:14] "snpstd"="C:WINDOWSvsnpstd.exe" [2003-12-31 17:39] "SBAutoUpdate"="Crogram FilesSpywareBlastersbautoupdate.exe" [2006-01-01 15:08] [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "SpybotSD TeaTimer"="Crogram FilesSpybot - Search & DestroyTeaTimer.exe" [2007-08-31 16:46] "BitTorrent DNA"="Crogram FilesDNAbtdna.exe" [2007-11-02 23:38] "SandboxieControl"="Crogram FilesSandboxieControl.exe" [2007-10-19 23:13] R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;"Crogram FilesAntiVir PersonalEdition Premiumavmailc.exe" R2 AVEService;AntiVir PersonalEdition Premium MailGuard helper service;"Crogram FilesAntiVir PersonalEdition Premiumavesvc.exe" R3 SbieDrv;SbieDrv;??Crogram FilesSandboxieSbieDrv.sys R3 ZD1211BU(ASUS);ASUS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ASUS);C:WINDOWSsystem32DRIVERSzd1211Bu.sys S3 ASNDIS5;ASNDIS5 Protocol Driver;??C:WINDOWSsystem32ASNDIS5.SYS S3 USBSTOR;Sterownik magazynu masowego USB;C:WINDOWSsystem32DRIVERSUSBSTOR.SYS *Newly Created Service* - AD-WATCH_REGISTRY_FILTER *Newly Created Service* 
- CATCHME . ************************************************************************** catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Aby zobaczyć linki, zarejestruj się tutaj] Rootkit scan 2007-11-08 23:38:11Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-08 23:39:11 . --- E O F ---
[/code:1]
OK, I hope everything is fine here too.

Re: Please check my log - Serafin - 13.11.2007
Quote: Crogram FilesAxBx
Do you recognize these folders?
Quote: C:WINDOWSsystem32iolobtdfg.exe
Scan the file at [To see links, register here] or [To see links, register here]
In HijackThis, delete:
Quote: O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-F6C9-A83FF099B532} - (no file)

Re: Please check my log - Lucas82 - 15.11.2007
bodek wrote: Quote: Crogram FilesAxBx
I know the folders, and iolobtdfg.exe is part of System Mechanic 7, so it is not harmful either. The HijackThis entry has been deleted.

Re: Please check my log - Serafin - 17.11.2007
In that case, also use [To see links, register here]
Instructions:
Quote:

Re: Please check my log - Lucas82 - 17.11.2007
Quote:

Re: Please check my log - Serafin - 17.11.2007
The log is OK.

Re: Please check my log - Lucas82 - 21.11.2007
Thanks a lot for the help.
Quote: Logfile of HijackThis v1.99.1

Re: Please check my log - Serafin - 21.11.2007
Quote: R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
Delete these entries in HijackThis.
See [To see links, register here]

Re: Please check my log - Lucas82 - 21.11.2007
Quote: ComboFix 07-10-23.1 - admin 2007-10-24 16:55:46.1 - NTFSx86

Re: Please check my log - Serafin - 13.11.2011
Quote: Cocuments and SettingsadminDane aplikacjiDealio
Delete these folders manually from the disk. Install the Lite version of Bearshare.