Checking temperatures and a log


(Hubert Knight) #1

I have a similar problem to fellow user newerayankees. I would like to check whether my temperatures are OK, plus some logs or something, but I don't know how to post those logs or entries (I would appreciate help). For now I'll give only the temperatures.

Motherboard (Gigabyte GA-7VT600P-RZ(C)) 38 °C

Processor (AMD Sempron, 1833 MHz (11 x 167) 2600+) 53 °C

Video card (RADEON 9250) 30 °C

And, I think, the disk (WDC WD800JB-00JJA0) 31 °C


(Cosik Ktosik) #2

The temperatures are fine.

This is probably about the logs that make it possible to find malware.

Post the logs from HijackThis and Combofix → viewtopic.php?f=16&t=36654

Paste the logs at http://wklej.eu or http://wklej.org, and put only the link to them in your post.


(Hubert Knight) #3

HijackThis log: http://wklej.org/id/35019/


(huber2t) #4

Show the Combofix log


(Hubert Knight) #5

And here are the Combofix logs: http://wklej.org/id/35449/


(huber2t) #6

Show the full Combofix log


(boczi) #7

huuuubert, please change the topic title to a specific one that describes the problem, using the EDIT option


(Hubert Knight) #8

ComboFix 09-01-05.02 - Mefisto 2009-01-05 19:33:54.1 - FAT32 x86

Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.511.139 [GMT 1:00]

Uruchomiony z: c:\documents and settings\Mefisto\Pulpit\ComboFix.exe

* Utworzono nowy punkt przywracania

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\mfc45.dll

D:\resycled

d:\resycled\boot.com

E:\resycled

e:\resycled\boot.com

F:\resycled

f:\resycled\boot.com

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_NPF

((((((((((((((((((((((((( Pliki utworzone od 2008-12-05 do 2009-01-05 )))))))))))))))))))))))))))))))

.

2009-01-05 18:24 . 2009-01-05 18:24

2009-01-05 18:20 . 2009-01-05 18:20 406 --a------ c:\windows\system32\ioloBootDefrag.cfg

2009-01-05 18:19 . 2009-01-05 18:19

2009-01-05 18:19 . 2008-12-22 12:55 936,288 --a------ c:\windows\system32\Incinerator.dll

2009-01-05 18:19 . 2008-09-24 09:32 28,672 --a------ c:\windows\system32\iolobtdfg.exe

2009-01-05 18:19 . 2008-11-18 11:51 8,192 --a------ c:\windows\system32\smrgdf.exe

2009-01-05 18:15 . 2009-01-05 18:16

2009-01-05 18:15 . 2009-01-05 18:16

2009-01-04 16:40 . 2009-01-04 16:40

2009-01-02 19:47 . 2009-01-02 19:47

2009-01-02 19:47 . 2009-01-02 19:47

2009-01-02 19:41 . 2009-01-02 19:41 685,816 --a------ c:\windows\system32\drivers\sptd.sys

2009-01-02 12:14 . 2009-01-02 12:14

2009-01-01 12:34 . 2009-01-01 12:34

2009-01-01 12:34 . 2008-11-24 14:01 499,712 --a------ c:\windows\system32\msvcp71.dll

2009-01-01 10:00 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll

2009-01-01 09:59 . 2009-01-01 09:59

2009-01-01 09:59 . 2009-01-01 09:59

2009-01-01 09:53 . 2009-01-01 09:53

2009-01-01 09:51 . 2009-01-01 09:51

2008-12-31 19:06 . 2009-01-01 10:04 507 --a------ c:\windows\ATICIM.INI

2008-12-31 19:02 . 2008-12-31 19:02

2008-12-31 19:02 . 2006-05-03 11:57 520,192 --------- c:\windows\system32\ati2sgag.exe

2008-12-31 19:01 . 2008-12-31 19:01

2008-12-31 13:36 . 2008-12-31 13:36

2008-12-28 21:00 . 2008-12-28 21:00

2008-12-28 13:28 . 2009-01-05 19:37 3,208,035 --a------ c:\windows{00000000-00000000-0000000C-00001102-00000004-00521102}.BAK

2008-12-23 21:50 . 2008-12-23 21:50

2008-12-23 16:38 . 2008-12-23 16:38

2008-12-23 16:35 . 2008-12-23 16:35

2008-12-23 16:35 . 2008-12-23 16:35

2008-12-23 16:18 . 2008-12-23 16:18

2008-12-22 21:48 . 2008-12-22 21:48

2008-12-22 20:18 . 2008-12-22 20:18

2008-12-22 17:49 . 2008-12-22 17:49

2008-12-21 20:30 . 2008-12-21 20:30

2008-12-20 19:32 . 2008-12-20 19:33 304,160 --a------ C:\PA207.DAT

2008-12-19 18:43 . 2008-12-19 18:43

2008-12-19 14:57 . 2008-12-19 14:57

2008-12-19 14:57 . 2008-12-19 14:57 56 --ah----- c:\windows\system32\ezsidmv.dat

2008-12-19 14:55 . 2008-12-19 14:55

2008-12-19 14:55 . 2008-12-19 14:55

2008-12-19 14:55 . 2008-12-19 14:55

2008-12-19 14:55 . 2008-12-19 14:55

2008-12-19 14:28 . 2008-04-14 22:51 91,648 --a------ c:\windows\system32\kswdmcap.ax

2008-12-19 14:28 . 2008-04-14 22:51 91,648 --a------ c:\windows\system32\dllcache\kswdmcap.ax

2008-12-19 14:28 . 2008-04-14 22:51 61,952 --a------ c:\windows\system32\kstvtune.ax

2008-12-19 14:28 . 2008-04-14 22:51 61,952 --a------ c:\windows\system32\dllcache\kstvtune.ax

2008-12-19 14:28 . 2008-04-14 22:50 54,784 --a------ c:\windows\system32\vfwwdm32.dll

2008-12-19 14:28 . 2008-04-14 22:50 54,784 --a------ c:\windows\system32\dllcache\vfwwdm32.dll

2008-12-19 14:28 . 2008-04-14 22:51 43,008 --a------ c:\windows\system32\ksxbar.ax

2008-12-19 14:28 . 2008-04-14 22:51 43,008 --a------ c:\windows\system32\dllcache\ksxbar.ax

2008-12-19 14:26 . 2008-12-19 14:26

2008-12-19 14:26 . 2008-12-19 14:26

2008-12-19 14:26 . 2008-12-19 14:26

2008-12-19 14:26 . 2006-11-03 10:59 48,128 --a------ c:\windows\system32\Remove.exe

2008-12-19 14:26 . 2007-01-04 01:20 314 --a------ c:\windows\system32\Remover.ini

2008-12-17 19:31 . 2008-12-17 19:31

2008-12-17 19:31 . 2008-12-17 19:31

2008-12-14 17:01 . 2008-12-14 17:01

2008-12-13 17:51 . 2008-12-13 17:51

2008-12-13 17:40 . 2008-12-13 17:40

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-01 18:56

2008-12-13 17:24 . 2008-12-13 17:24

2008-12-13 16:15 . 2008-12-13 16:15

2008-12-11 20:12 . 2008-12-11 20:12 2,359,350 --a------ c:\windows\BricoPack Wallpaper.bmp

2008-12-11 20:12 . 2008-12-11 20:12 65,011 --a------ c:\windows\BricoPackUninst.cmd

2008-12-11 20:10 . 2008-12-11 20:12 6,118 --a------ c:\windows\BricoPackFoldersDelete.cmd

2008-12-11 20:09 . 2008-12-11 20:09

2008-12-11 20:02 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll

2008-12-11 19:44 . 2008-12-11 19:44

2008-12-11 19:42 . 2008-12-11 19:42

2008-12-11 19:42 . 2008-12-11 19:42

2008-12-10 21:32 . 2008-12-10 21:32

2008-12-10 21:30 . 2008-12-10 21:30

2008-12-10 21:30 . 2003-07-01 21:42 27,904 -ra------ c:\windows\system32\drivers\VIAAGP1.SYS

2008-12-10 19:55 . 2008-12-11 16:02 70,656 --a------ c:\windows\ScUnin.exe

2008-12-10 19:55 . 2008-12-11 16:02 967 --a------ c:\windows\ScUnin.pif

2008-12-10 19:40 . 2004-08-22 16:31 155,136 --a------ c:\windows\system32\drivers\d347bus.sys

2008-12-10 19:40 . 2004-08-22 16:31 5,248 --a------ c:\windows\system32\drivers\d347prt.sys

2008-12-10 19:39 . 2008-12-10 19:39

2008-12-09 15:31 . 2008-12-11 16:03 59,916 --a------ c:\windows\scunin.dat

2008-12-09 10:45 . 2008-12-09 10:45

2008-12-09 10:43 . 2008-07-25 09:34 683,520 --a------ c:\windows\system32\divx.dll

2008-12-09 10:43 . 2008-06-12 19:36 7,680 --a------ c:\windows\system32\ff_vfw.dll

2008-12-09 10:43 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest

2008-12-08 11:08 . 2008-12-08 11:08

2008-12-07 20:34 . 2008-12-07 20:34

2008-12-07 20:34 . 2008-12-07 20:34

2008-12-05 21:16 . 2004-01-12 00:00 348,160 --a------ c:\windows\system32\msvcr71.dll

2008-12-05 15:08 . 2008-12-05 15:08

2008-12-05 15:07 . 2008-12-05 15:07

2008-12-05 15:06 . 2006-04-13 01:04 49,664 -ra------ c:\windows\system32\drivers\HPZid412.sys

2008-12-05 15:06 . 2006-04-13 01:04 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys

2008-12-05 15:05 . 2006-01-04 10:12 77,824 -ra------ c:\windows\system32\HPZIDS01.dll

2008-12-05 15:05 . 2006-04-10 14:03 38,400 --a------ c:\windows\system32\hpz3l054.dll

2008-12-05 15:05 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\drivers\usbscan.sys

2008-12-05 15:05 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\dllcache\usbscan.sys

2008-12-05 15:04 . 2006-03-03 21:03 282,680 --a------ c:\windows\system32\HPZidr12.dll

2008-12-05 15:04 . 2006-03-03 21:02 204,800 --a------ c:\windows\system32\HPZipr12.dll

2008-12-05 15:04 . 2006-03-03 21:02 94,208 --a------ c:\windows\system32\HPZipt12.dll

2008-12-05 15:04 . 2006-03-03 21:03 69,632 --a------ c:\windows\system32\HPZipm12.exe

2008-12-05 15:04 . 2006-03-03 21:03 65,536 --a------ c:\windows\system32\HPZinw12.exe

2008-12-05 15:04 . 2006-03-03 21:02 57,344 --a------ c:\windows\system32\HPZisn12.dll

2008-12-05 14:59 . 2008-12-05 15:09 119,523 --a------ c:\windows\hpoins11.dat

2008-12-05 14:55 . 2008-12-05 14:55

2008-12-05 14:54 . 2008-04-14 00:17 25,856 --a------ c:\windows\system32\drivers\usbprint.sys

2008-12-05 14:54 . 2008-04-14 00:17 25,856 --a------ c:\windows\system32\dllcache\usbprint.sys

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-11 19:12 219,648 ----a-w c:\windows\system32\uxtheme.dll

2008-12-03 15:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\InterAction studios

2008-12-02 16:43 --------- d-----w c:\program files\Java

2008-12-02 15:20 --------- d-----w c:\documents and settings\Mefisto\Dane aplikacji\Creative

2008-12-02 15:12 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Creative

2008-12-02 15:11 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-02 15:11 --------- d-----w c:\program files\Creative

2008-12-02 15:11 --------- d-----w c:\program files\Common Files\InstallShield

2008-12-01 18:41 --------- d-----w c:\documents and settings\Mefisto\Dane aplikacji\Thunderbird

2008-12-01 18:41 --------- d-----w c:\documents and settings\Mefisto\Dane aplikacji\Talkback

2008-12-01 18:33 --------- d-----w c:\documents and settings\Mefisto\Dane aplikacji\Nowe Gadu-Gadu

2008-12-01 18:30 --------- d-----w c:\documents and settings\Mefisto\Dane aplikacji\BitTorrent

2008-12-01 18:26 --------- d-----w c:\program files\NAPI-PROJEKT

2008-12-01 18:22 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\ESET

2008-12-01 18:06 --------- d-----w c:\program files\microsoft frontpage

2008-12-01 18:04 --------- d-----w c:\program files\Usługi online

2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"Nowe Gadu-Gadu"="e:\gadu-gadu\Nowe Gadu-Gadu\gg.exe" [2008-12-22 8966760]

"TaskTray"="c:\program files\Creative\SBAudigy\TaskBar\CTLTray.exe" [2001-06-29 163840]

"TaskBar"="c:\program files\Creative\SBAudigy\TaskBar\CTLTask.exe" [2002-05-08 122880]

"RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784]

"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-17 342848]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]

"DAEMON Tools Pro Agent"="e:\daemon tools pro\DTProAgent.exe" [2007-09-06 136136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="e:\eset\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"Jet Detection"="c:\program files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-11-29 28672]

"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 28672]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

"VisualTooltip"="c:\documents and settings\Mefisto\Moje dokumenty\Visual tooltip\VisualToolTip.exe" [2007-04-25 956928]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"DefragTaskBar"="e:\ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2007-08-28 169312]

"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-12-21 30192]

"Adobe Reader Speed Launcher"="e:\adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"GrooveMonitor"="e:\microsoft office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 c:\windows\system32\CTHELPER.EXE]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Mefisto\Menu Start\Programy\Autostart\

UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 180224]

TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]

Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 155648]

RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.ctmp3"= c:\windows\system32\ctmp3.acm

"msacm.l3fhg"= mp3fhg.acm

"msacm.divxa32"= divxa32.acm

"VIDC.X264"= x264vfw.dll

"VIDC.HFYU"= huffyuv.dll

"vidc.i263"= i263_32.drv

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"e:\BitTorrent\bittorrent.exe"=

"e:\Metin2_PL\metin2.bin"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"e:\HP\Digital Imaging\bin\hpofxm08.exe"=

"e:\HP\Digital Imaging\bin\hposfx08.exe"=

"e:\HP\Digital Imaging\bin\hposid01.exe"=

"e:\HP\Digital Imaging\bin\hpqscnvw.exe"=

"e:\HP\Digital Imaging\bin\hpqkygrp.exe"=

"e:\HP\Digital Imaging\bin\hpqCopy.exe"=

"e:\HP\Digital Imaging\bin\hpzwiz01.exe"=

"e:\HP\Digital Imaging\bin\hpoews01.exe"=

"e:\HP\Digital Imaging\bin\hpqnrs08.exe"=

"e:\Gadu-Gadu\Nowe Gadu-Gadu\gg.exe"=

"c:\Program Files\DNA\btdna.exe"=

"d:\Battlefield Vietnam\bfvietnam.exe"=

"d:\Dawn of war - Dark crusade\DarkCrusade.exe"=

"e:\Microsoft Office\Office12\OUTLOOK.EXE"=

"e:\Microsoft Office\Office12\GROOVE.EXE"=

"e:\Microsoft Office\Office12\ONENOTE.EXE"=

"c:\Program Files\Skype\Phone\Skype.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-07-01 34312]

R3 ip100xp;ASUS NX1001 Network Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [2008-12-01 26752]

R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [2007-05-14 508288]

R4 ekrn;Eset Service;e:\eset\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224]

R4 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [2009-01-05 596336]

R4 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [2009-01-05 596336]

S3 GoogleDesktopManager-092308-165331;Menedżer Google Desktop 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-21 30192]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cb0d7c7e-c14f-11dd-91da-001fc6344a91}]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{cb0d7c7f-c14f-11dd-91da-001fc6344a91}]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{e32e93da-c094-11dd-91d8-001fc6344a91}]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{e32e93db-c094-11dd-91d8-001fc6344a91}]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

.

  • USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-TrueTransparency - c:\documents and settings\Mefisto\Pulpit\TrueTransparency\TrueTransparency.exe

HKLM-Run-DAEMON Tools-1033 - e:\daemon\daemon.exe

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.vista-inspirat.net/en/

uInternet Connection Wizard,ShellNext = iexplore

IE: E&ksportuj do programu Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Mefisto\Dane aplikacji\Mozilla\Firefox\Profiles\yhlwxdbj.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.vista-inspirat.net/en/

FF - component: e:\mozilla firefox\components\GoogleDesktopMozilla.dll

FF - component: e:\mozilla firefox\extensions{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: e:\adobe\Reader 9.0\Reader\browser\nppdf32.dll

FF - plugin: e:\mozilla firefox\plugins\npbittorrent.dll

.

.

------- Skojarzenia plików -------

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-05 19:38:08

Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4???$???L:8?????\??? ??? ???\???\???????????5?7~e?7~\???\???????h}??????C@?\???\??????s$???\??????s\???0:8?A??s0:8??C@?x???|?w\?????@

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

  • > 'winlogon.exe'(616)

c:\windows\system32\Ati2evxx.dll

  • > 'lsass.exe'(672)

c:\windows\system32\scecli.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\SYSTEM32\ATI2EVXX.EXE

c:\windows\SYSTEM32\ATI2EVXX.EXE

e:\ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe

c:\windows\SYSTEM32\CTSVCCDA.EXE

e:\ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe

c:\program files\JAVA\JRE6\BIN\JQS.EXE

c:\windows\SYSTEM32\HPZIPM12.EXE

c:\windows\SYSTEM32\MSPMSPSV.EXE

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Czas ukończenia: 2009-01-05 19:39:27 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-01-05 18:39:22

Przed: 395 759 616 bajtów wolnych

Po: 290,635,776 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

311


(huber2t) #9

To clean the USB flash drive of viruses, use these programs

Open Notepad and paste

From the Notepad menu -> File -> Save as -> change the extension from .txt to All files -> save it under the name Fix.reg

Run this file, then restart the computer

Manually delete the folder C:\Qoobox, and delete the Combofix installer from the disk.

Clean the system with CCleaner

Perform startup optimization

Turn System Restore off and back on for all drives. Instructions

Scan the whole computer http://www.kaspersky.pl/virusscanner.html Post its report on the forum

or

Dr.WEB CureIt!