azupak
(Azupak)
15 July 2007 14:12
#1
Hello, I have a problem with the site broadcaster.com, which keeps popping up constantly when I use any browser. All attempts at removal came to nothing - programs removed various trojans etc., but after half an hour everything was the same again. In addition, the sites betzip.com and publishers.clickbooth.com now pop up as well. This slows my computer down a lot. I would be very grateful for help.
HijackThis logs:
Logfile of HijackThis v1.99.1
Scan saved at 16:06, on 2007-07-15
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
E:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
E:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
E:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
E:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\system32\wscntfy.exe
E:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Krzysiek\Pulpit\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L1cza
R3 - URLSearchHook: (no name) - {CAD568E9-D87B-CCF7-7004-FB1A01CF5693} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {084CC73F-6F96-3345-8D9B-516E8554DAAA} - (no file)
O2 - BHO: (no name) - {1CF581DA-782D-74F8-38CA-140A63CBC1AD} - (no file)
O2 - BHO: (no name) - {20A81A6E-E8CF-BD40-8C71-DF0663A0FFF9} - (no file)
O2 - BHO: (no name) - {2160FDB7-024B-0B97-0681-30B8F8C5A4F8} - (no file)
O2 - BHO: (no name) - {259F3818-90E0-9734-AFCB-F44407C9F3F7} - (no file)
O2 - BHO: (no name) - {7444A345-54E0-5467-FB9E-3198DA84F5AB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {97B49066-33C1-6613-899D-543E70ED13A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {BF628CDC-7676-27A8-34E7-46DFFE333AA1} - (no file)
O2 - BHO: (no name) - {CAD568E9-D87B-CCF7-7004-FB1A01CF5693} - (no file)
O2 - BHO: (no name) - {D35DAE08-56FA-5520-B39A-617D95C606A1} - (no file)
O2 - BHO: (no name) - {F76C8714-77BC-2438-F2CF-113AF0B273F0} - (no file)
O2 - BHO: (no name) - {F8A0F1F7-0D58-0684-47DD-65AD390822AD} - (no file)
O2 - BHO: (no name) - {FE286C62-9292-9716-DA88-A001B35D21F9} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [pccguide.exe] “E:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe”
O4 - HKLM…\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Gadu-Gadu] “E:\Program Files\Gadu-Gadu\gg.exe” /tray
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - E:\PROGRA~1\FLASHS~1\save.htm
O8 - Extra context menu item: Add to AMV Converter… - E:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - E:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - E:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra ‘Tools’ menuitem: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - E:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip…{EC69C0A5-29AE-43A2-B61E-EB6CBAB4F6BD}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - E:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - E:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - e:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - e:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - E:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - E:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - E:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Post merged: 15.07.2007 (Sun) 16:53
Adding the ComboFix log:
“Krzysiek” - 2007-07-15 16:30:55 - ComboFix 07-07-14.6 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\temp\tn3
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

-------\core

((((((((((((((((((((((((( Files Created from 2007-06-15 to 2007-07-15 )))))))))))))))))))))))))))))))

2007-07-15 16:46
2007-07-15 16:30
2007-07-15 15:51 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-14 15:05
2007-07-06 17:46
2007-07-06 17:23 75,088 --a------ C:\WINDOWS\system32\drivers\tmtdi.sys
2007-07-06 17:23 36,112 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-07-06 17:23 288,848 --a------ C:\WINDOWS\system32\drivers\TM_CFW.sys
2007-07-06 17:23 203,024 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-07-06 17:23 111,888 --a------ C:\WINDOWS\system32\drivers\tm_mbd_c.sys
2007-07-06 17:23 1,126,328 --a------ C:\WINDOWS\system32\drivers\vsapint.sys
2007-07-06 17:23
2007-07-02 21:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-02 21:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-06-29 17:02 2,560 --a------ C:\WINDOWS\system32\drivers\mchInjDrv.sys
2007-06-20 19:21 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-20 19:21
2007-06-20 12:18
2007-06-19 13:41
2007-06-15 17:51 61,440 --a------ C:\WINDOWS\system32\mplapx.dll
2007-06-15 17:51 19,968 --a------ C:\WINDOWS\system32\cpuinf32.dll
2007-06-15 17:51 1,118,208 --a------ C:\WINDOWS\system32\mplvpx.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-15 14:41:06 288 ----a-w C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
2007-07-15 14:41:06 288 ----a-w C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
2007-07-15 14:27:31 -------- d-----w C:\DOCUME~1\Krzysiek\DANEAP~1\uTorrent
2007-07-14 11:13:38 1,744 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-07-07 10:41:00 1,503 ----a-w C:\WINDOWS\mozver.dat
2007-07-07 10:40:59 -------- d-----w C:\Program Files\DivX
2007-07-06 14:54:06 -------- d–h--w C:\Program Files\InstallShield Installation Information
2007-06-20 23:08:59 1,632 ----a-w C:\WINDOWS\system32\d3d8caps.dat
2007-06-12 13:44:23 -------- d-----w C:\DOCUME~1\Krzysiek\DANEAP~1\SUPERAntiSpyware.com
2007-06-12 13:43:13 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-06-11 21:58:07 249,856 ------w C:\WINDOWS\Setup1.exe
2007-06-11 21:58:06 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2007-06-04 13:52:01 -------- d-----w C:\DOCUME~1\Krzysiek\DANEAP~1\Sparx Systems
2007-05-20 16:34:58 540,912 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-05-20 16:34:58 105,028 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-05-17 16:10:06 -------- d-----w C:\Program Files\Common Files\PCSuite
2007-05-17 16:10:00 -------- d-----w C:\Program Files\Common Files\Nokia
2007-05-17 16:09:15 -------- d-----w C:\Program Files\PC Connectivity Solution
2007-05-17 15:15:34 -------- d-----w C:\DOCUME~1\Krzysiek\DANEAP~1\Nokia
2007-05-17 14:51:31 -------- d-----w C:\DOCUME~1\Krzysiek\DANEAP~1\PC Suite
2007-05-17 14:50:51 -------- d-----w C:\Program Files\DIFX
2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-15 21:39:41 -------- d-----w C:\Program Files\DScaler5
2007-05-15 19:57:24 -------- d-----w C:\Program Files\DirectVobSub
2007-05-15 19:52:35 -------- d-----w C:\Program Files\CD Audio Reader Filter
2007-05-15 19:51:48 -------- d-----w C:\Program Files\OpenSource Flash Video Splitter
2007-05-15 19:51:36 -------- d-----w C:\Program Files\RealMedia
2007-05-15 19:47:47 -------- d-----w C:\Program Files\SHOUTcast Source
2007-05-15 19:47:24 -------- d-----w C:\Program Files\Haali
2007-05-15 19:46:49 -------- d-----w C:\Program Files\DS-MP3 Source
2007-05-15 16:08:14 -------- d–h--w C:\Program Files\Zero G Registry
2007-05-15 15:59:41 1,012 ----a-w C:\WINDOWS\unins000.dat
2007-05-07 14:24:55 1,386,496 ----a-w C:\WINDOWS\system32\msvbvm60.dll
2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2006-06-03 19:27:55 56 --sh–r C:\WINDOWS\system32\7C5DD56F63.sys
2005-07-14 20:31:20 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 23:32:28 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-22 06:37:42 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2006-06-03 19:27:55 11,270 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-23 00:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{084CC73F-6F96-3345-8D9B-516E8554DAAA}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{1CF581DA-782D-74F8-38CA-140A63CBC1AD}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{20A81A6E-E8CF-BD40-8C71-DF0663A0FFF9}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{2160FDB7-024B-0B97-0681-30B8F8C5A4F8}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{259F3818-90E0-9734-AFCB-F44407C9F3F7}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{7444A345-54E0-5467-FB9E-3198DA84F5AB}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{97B49066-33C1-6613-899D-543E70ED13A6}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-01-20 00:55 2403392 -ra------ c:\program files\google\googletoolbar4.dll
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{BF628CDC-7676-27A8-34E7-46DFFE333AA1}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{CAD568E9-D87B-CCF7-7004-FB1A01CF5693}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{D35DAE08-56FA-5520-B39A-617D95C606A1}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{F76C8714-77BC-2438-F2CF-113AF0B273F0}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{F8A0F1F7-0D58-0684-47DD-65AD390822AD}]
[HKEY_LOCAL_MACHINE~\Browser Helper Objects{FE286C62-9292-9716-DA88-A001B35D21F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“nwiz.exe” [2004-10-29 17:50 C:\WINDOWS\system32\nwiz.exe]
“pccguide.exe”=“E:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe” [2007-03-07 22:19]
“WheelMouse”=“C:\Program Files\A4Tech\Mouse\Amoumain.exe” [2007-02-10 23:07]
“NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2004-10-29 17:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44]
“Gadu-Gadu”=“E:\Program Files\Gadu-Gadu\gg.exe” [2005-03-31 11:18]

[HKEY_USERS.default\software\microsoft\windows\currentversion\run]
“Nokia.PCSync”=E:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
“NoRemoteRecursiveEvents”=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”=“E:\Program Files\SUPERAntiSpyware\SASSEH.DLL” [2006-12-20 13:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify!SASWinLogon]
E:\Program Files\SUPERAntiSpyware\SASWINLO.dll --a------ 2007-04-19 13:41 294912 E:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Krzysiek^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
path=C:\Documents and Settings\Krzysiek\Menu Start\Programy\Autostart\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Absolute StartUp monitor]
e:\Program Files\F-Group\Absolute StartUp\ASMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
“C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
“C:\Program Files\Messenger\msmsgs.exe” /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
“E:\Program Files\QuickTime\qttask.exe” -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
C:\Program Files\Creative\SBLive\RemoteCenter\Rc\Rcman.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs UxTuneUp

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-15 16:46:26
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-15 16:48:49 - machine was rebooted
C:\ComboFix-quarantined-files.txt … 2007-07-15 16:48
— E O F —
azupak
(Azupak)
15 July 2007 20:49
#3
=) OK, thanks - done … nothing is popping up for now :)