Strony się praktycznie nie wczytują

marcin.kieszek · 6 Lipiec 2007 07:49

Witam,

chciałem wrzucić na forum logi z HJ, pnieważ strony internetowe wczytują mi się po 2 - 3 minuty lub wcale (Netia 1 mb, strefa 022), gg działa bez problemów, programy i gry też bez zarzutów.

chcąc włączyć HJ wyskakuje mi następujący komunikat:

Co mam robić?

Gutek · 6 Lipiec 2007 08:09

Jak masz XP to Daj log z Combofix

marcin.kieszek · 6 Lipiec 2007 09:18

Logi z ComboFix’a:

“Marcin Kieszek” - 2007-07-06 11:08:22 - ComboFix 07-07-04.4 ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\f.exe C:\WINDOWS\system32\rpcc.dll ((((((((((((((((((((((((( Files Created from 2007-06-06 to 2007-07-06 ))))))))))))))))))))))))))))))) 2007-07-06 11:08 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-05 22:42 2007-07-04 22:55 37,888 --a------ C:\df3lang.exe 2007-07-03 23:18 67,584 --ahs---- C:\WINDOWS\system32\urdvxc.exe 2007-07-03 21:08 37,888 -r-hs---- C:\WINDOWS\system32\drivers\spoolsv32.exe 2007-07-03 21:08 37,888 --a------ C:\djsss93.exe 2007-07-03 21:03 25,544 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-07-03 21:03 2007-07-03 21:03 2007-07-03 20:58 63,488 --ahs---- C:\WINDOWS\system32\irdvxc.exe 2007-07-02 00:04 2007-07-01 16:28 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-07-01 16:28 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-07-01 16:28 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-07-01 16:28 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-07-01 16:28 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-07-01 16:28 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-07-01 16:28 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-07-01 16:28 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-07-01 16:28 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-07-01 16:28 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-07-01 16:28 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-07-01 16:28 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-07-01 16:28 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-07-01 16:28 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-07-01 16:28 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-07-01 16:28 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-07-01 16:28 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-07-01 16:28 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-07-01 16:28 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-07-01 16:28 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-07-01 16:28 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-07-01 16:28 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-07-01 16:28 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-07-01 16:28 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-07-01 16:28 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-07-01 16:28 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-07-01 16:28 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-07-01 16:28 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-07-01 16:28 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-07-01 16:28 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-07-01 16:28 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-07-01 16:28 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-07-01 16:28 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-07-01 16:28 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-07-01 16:28 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-07-01 16:28 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-07-01 16:28 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-07-01 16:28 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-07-01 16:28 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-07-01 16:28 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-07-01 16:28 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-07-01 16:28 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-07-01 16:28 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-07-01 16:28 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-07-01 16:28 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-07-01 16:28 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-07-01 16:28 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-07-01 16:28 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-07-01 16:28 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-07-01 16:28 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-07-01 16:28 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-07-01 16:28 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-07-01 16:28 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-07-01 16:28 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-07-01 16:28 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-07-01 16:28 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-07-01 16:28 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-07-01 16:28 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-07-01 16:28 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-07-01 16:28 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-07-01 16:28 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-07-01 16:28 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-07-01 16:28 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-07-01 16:28 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-07-01 16:28 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-07-01 16:28 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-07-01 16:20 327,168 --a------ C:\WINDOWS\IsUn0415.exe 2007-07-01 16:20 2007-07-01 16:19 168,448 --a------ C:\WINDOWS\system32\scrcons32.exe 2007-07-01 14:53 2007-07-01 14:53 2007-07-01 14:52 2007-07-01 14:42 2007-07-01 14:42 2007-07-01 14:36 2007-07-01 14:36 2007-07-01 14:31 2007-07-01 14:27 2007-07-01 14:23 2007-07-01 14:23 2007-07-01 14:23 (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-06 09:11:44 22,528 ----a-w C:\WINDOWS\system32\iexploresr.exe 2007-07-05 20:59:45 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-07-05 20:59:45 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-07-01 10:41:51 -------- d-----w C:\Program Files\Usługi online 2001-10-26 17:29:52 168,448 --sh–r C:\WINDOWS\system32\wbem\scrcons32.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}] 2005-05-31 01:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “nwiz”=“nwiz.exe” [2005-11-11 13:47 C:\WINDOWS\system32\nwiz.exe] “SoundMan”=“SOUNDMAN.EXE” [2006-08-03 05:12 C:\WINDOWS\soundman.exe] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 11:38] “WMI Standard Event Consumer - Scripting”=“C:\WINDOWS\System32\wbem\scrcons32.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2001-08-02 07:14] “NETIANET”=“C:\Program Files\Netia\Net\netianet.exe” [2007-02-10 20:55] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36] “WMI Standard Event Consumer - Scripting”=“C:\WINDOWS\System32\wbem\scrcons32.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “NETIANET”=C:\Program Files\Netia\Net\netianet.exe “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] WMI Standard Event Consumer - Scripting C:\WINDOWS\System32\wbem\scrcons32.exe *Newly Created Service* - ALG *Newly Created Service* - AVAST!_MAIL_SCANNER *Newly Created Service* - IPNAT HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{ACC563BC-4266-43f0-B6ED-9D38C4202C7E} rundll32 iesetup.dll,IEAccessUserInst ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-06 11:10:52 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … C:\WINDOWS\system32\iexploresr.exe scan completed successfully hidden files: 1 ************************************************************************** Completion time: 2007-07-06 11:12:39 - machine was rebooted C:\ComboFix-quarantined-files.txt … 2007-07-06 11:12 — E O F —

Gutek · 6 Lipiec 2007 09:28

Ściągnij The Avenger,

wypakuj > uruchom > Input script manually > klikasz w lupkę > w nowo otwartym oknie wklejasz:

Po wklejeniu > Done > klik na zielone światło > ok i będzie restart. Po restarcie wchodzisz gdzie masz The Avenger wklejasz raport C:\avenger.txt

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

marcin.kieszek · 7 Lipiec 2007 21:24

Raport Avangera:

Rejestr wyczyściłem po restarcie jv16 PowerTools .

Gutek · 8 Lipiec 2007 11:03

Daj nowy log z Combofix-a

marcin.kieszek · 8 Lipiec 2007 11:52

“Marcin Kieszek” - 2007-07-08 13:40:52 - ComboFix 07-07-04.4 (((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\oebnfplp.exe C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\jkkji.dll C:\WINDOWS\system32\yayvwww.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32.exe C:\WINDOWS\system32\crypts.dll ((((((((((((((((((((((((( Files Created from 2007-06-08 to 2007-07-08 ))))))))))))))))))))))))))))))) 2007-07-08 12:25 67,584 --ahs---- C:\WINDOWS\system32\urdvxc.exe 2007-07-08 10:46 1,345,536 -r-hs---- C:\WINDOWS\system32\pas.exe 2007-07-08 09:00 68,608 --a------ C:\sgfdgf.exe 2007-07-07 23:07 23 --ahs---- C:\WINDOWS\system32\dabceda6_r.dll 2007-07-07 23:07 2007-07-07 22:41 65,763 --a------ C:\sdsed.exe 2007-07-07 22:40 65,763 --a------ C:\sonyviso.exe 2007-07-06 20:33 65,763 --a------ C:\msnd.exe 2007-07-06 18:52 737,280 --a------ C:\WINDOWS\iun6002.exe 2007-07-06 18:52 2007-07-06 11:13 39,424 --a------ C:\WINDOWS\system32\ne1.exe 2007-07-06 11:13 37,888 --a------ C:\WINDOWS\system32\re1.exe 2007-07-06 11:08 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-05 22:42 2007-07-03 21:03 25,544 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-07-03 21:03 2007-07-03 21:03 2007-07-02 00:04 2007-07-01 16:28 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-07-01 16:28 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-07-01 16:28 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-07-01 16:28 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-07-01 16:28 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-07-01 16:28 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-07-01 16:28 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-07-01 16:28 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-07-01 16:28 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-07-01 16:28 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-07-01 16:28 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-07-01 16:28 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-07-01 16:28 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-07-01 16:28 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-07-01 16:28 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-07-01 16:28 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-07-01 16:28 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-07-01 16:28 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-07-01 16:28 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-07-01 16:28 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-07-01 16:28 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-07-01 16:28 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-07-01 16:28 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-07-01 16:28 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-07-01 16:28 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-07-01 16:28 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-07-01 16:28 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-07-01 16:28 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-07-01 16:28 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-07-01 16:28 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-07-01 16:28 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-07-01 16:28 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-07-01 16:28 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-07-01 16:28 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-07-01 16:28 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-07-01 16:28 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-07-01 16:28 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-07-01 16:28 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-07-01 16:28 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-07-01 16:28 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-07-01 16:28 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-07-01 16:28 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-07-01 16:28 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-07-01 16:28 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-07-01 16:28 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-07-01 16:28 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-07-01 16:28 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-07-01 16:28 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-07-01 16:28 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-07-01 16:28 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-07-01 16:28 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-07-01 16:28 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-07-01 16:28 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-07-01 16:28 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-07-01 16:28 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-07-01 16:28 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-07-01 16:28 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-07-01 16:28 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-07-01 16:28 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-07-01 16:28 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-07-01 16:28 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-07-01 16:28 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-07-01 16:28 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-07-01 16:28 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-07-01 16:28 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-07-01 16:28 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-07-01 16:20 327,168 --a------ C:\WINDOWS\IsUn0415.exe 2007-07-01 16:20 2007-07-01 14:53 2007-07-01 14:53 2007-07-01 14:52 2007-07-01 14:42 2007-07-01 14:42 2007-07-01 14:36 (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-08 08:47:10 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-07-08 08:47:10 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-07-01 10:41:51 -------- d-----w C:\Program Files\Usługi online 2001-10-26 17:29:52 168,448 --sh–r C:\WINDOWS\system32\wbem\scrcons32.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}] 2005-05-31 01:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “nwiz”=“nwiz.exe” [2005-11-11 13:47 C:\WINDOWS\system32\nwiz.exe] “SoundMan”=“SOUNDMAN.EXE” [2006-08-03 05:12 C:\WINDOWS\soundman.exe] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 11:38] “msvccc66”=“svcchosst.exe” [] “Pas Windows Monitor”=“pas.exe” [] “WMI Standard Event Consumer - Scripting”=“C:\WINDOWS\System32\wbem\scrcons32.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2001-08-02 07:14] “NETIANET”=“C:\Program Files\Netia\Net\netianet.exe” [2007-02-10 20:55] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36] “WMI Standard Event Consumer - Scripting”=“C:\WINDOWS\System32\wbem\scrcons32.exe” [2001-10-26 19:29] “Pas Windows Monitor”=“pas.exe” [] “tray”=“C:\Program Files\Pogoda\pogoda.exe” [2006-07-22 13:30] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe “msvccc66”=svcchosst.exe “Pas Windows Monitor”=pas.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “NETIANET”=C:\Program Files\Netia\Net\netianet.exe “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe “Pas Windows Monitor”=pas.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] WMI Standard Event Consumer - Scripting C:\WINDOWS\System32\wbem\scrcons32.exe HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{ACC563BC-4266-43f0-B6ED-9D38C4202C7E} rundll32 iesetup.dll,IEAccessUserInst ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-08 13:45:47 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-08 13:47:35 - machine was rebooted C:\ComboFix-quarantined-files.txt … 2007-07-08 13:47 C:\ComboFix2.txt … 2007-07-06 11:12 — E O F —

Przy uruchamianiu komputera muszę przez jakiś czas zamykać okna Avasta! o wirusach, żeby móc cokolwiek zrobić ;/

Gutek · 8 Lipiec 2007 12:17

Pobierz The Avenger. Wypakuj => uruchom => zaznacz opcję Input script manually => kliknij w taką lupkę => w okienku, które się otworzy wklej:

kliknij klawisz Done => teraz kliknij na zielone światełko => powinna pojawić się pewna informacja i kliknij OK (teraz restart).

Otwórz Notatnik i wklej w nim to:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “msvccc66”=- “Pas Windows Monitor”=- “WMI Standard Event Consumer - Scripting”=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Pas Windows Monitor”=- [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=- “msvccc66”=- “Pas Windows Monitor”=- [HKEY_USERS.default\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=- [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “WMI Standard Event Consumer - Scripting”=- “Pas Windows Monitor”=-

Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.REG >>> kliknij dwa razy na utworzony plik FIX.REG i potwierdź dodanie do rejestru >>> restart.

marcin.kieszek · 8 Lipiec 2007 13:45

Avanger:

Teraz ciagle pojawia mi się okno Avasta! “podejrzana wiadomość” i mało co mogę na komputerze zrobić, strony wczytują się dość długo, ale szybciej niż na samym początku. Komputer też czasem się restertuje bezpośrednio po włączeniu, pojawia się okno z komunikatem i jest odliczanie jednej minuty. Chciałem zrobić screena, ale przy włączaniu Painta wyskakuje mi jakiś błąd

Gutek · 8 Lipiec 2007 16:11

Nic nie usunięto, usuń pliki ręcznie i po tym daj nowy log z combofix-a

marcin.kieszek · 12 Lipiec 2007 21:31

Zrobiłem skan online i Avanger jednak usunął te pliki:

Avanger:

Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\lobgtsrw ******************* Script file located at: ??\C:\Documents and Settings\xeejqwul.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\system32\urdvxc.exe deleted successfully. File C:\WINDOWS\system32\pas.exe not found! Deletion of file C:\WINDOWS\system32\pas.exe failed! Could not process line: C:\WINDOWS\system32\pas.exe Status: 0xc0000034 File C:\sgfdgf.exe deleted successfully. File C:\WINDOWS\system32\dabceda6_r.dll deleted successfully. File C:\sdsed.exe deleted successfully. File C:\sonyviso.exe deleted successfully. File C:\msnd.exe deleted successfully. File C:\WINDOWS\iun6002.exe deleted successfully. File C:\WINDOWS\system32\wbem\scrcons32.exe deleted successfully. Completed script processing. ******************* Finished! Terminate.

ComboFix:

“Marcin Kieszek” - 2007-07-12 23:26:24 - ComboFix 07-07-04.4 ((((((((((((((((((((((((( Files Created from 2007-06-12 to 2007-07-12 ))))))))))))))))))))))))))))))) 2007-07-12 23:08 65,763 --a------ C:\sdsed.exe 2007-07-12 23:00 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 23:00 2007-07-12 22:59 2007-07-12 22:37 66,580 --a------ C:\WINDOWS\system32\xeeefrim.dll 2007-07-12 22:25 66,068 --a------ C:\WINDOWS\system32\lgfnrrpt.exe 2007-07-10 16:32 62,976 --ahs---- C:\WINDOWS\system32\irdvxc.exe 2007-07-10 15:14 2007-07-10 15:14 2007-07-10 01:43 2007-07-10 01:43 2007-07-08 14:19 2007-07-08 13:49 38,912 --a------ C:\WINDOWS\system32\ze1.exe 2007-07-07 23:07 2007-07-06 18:52 2007-07-06 11:13 39,424 --a------ C:\WINDOWS\system32\ne1.exe 2007-07-06 11:13 37,888 --a------ C:\WINDOWS\system32\re1.exe 2007-07-06 11:08 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-05 22:42 2007-07-03 21:03 25,544 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-07-03 21:03 2007-07-03 21:03 2007-07-02 00:04 2007-07-01 16:28 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-07-01 16:28 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-07-01 16:28 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-07-01 16:28 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-07-01 16:28 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-07-01 16:28 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-07-01 16:28 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-07-01 16:28 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-07-01 16:28 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-07-01 16:28 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-07-01 16:28 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-07-01 16:28 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-07-01 16:28 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-07-01 16:28 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-07-01 16:28 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-07-01 16:28 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-07-01 16:28 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-07-01 16:28 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-07-01 16:28 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-07-01 16:28 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-07-01 16:28 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-07-01 16:28 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-07-01 16:28 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-07-01 16:28 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-07-01 16:28 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-07-01 16:28 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-07-01 16:28 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-07-01 16:28 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-07-01 16:28 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-07-01 16:28 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-07-01 16:28 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-07-01 16:28 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-07-01 16:28 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-07-01 16:28 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-07-01 16:28 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-07-01 16:28 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-07-01 16:28 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-07-01 16:28 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-07-01 16:28 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-07-01 16:28 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-07-01 16:28 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-07-01 16:28 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-07-01 16:28 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-07-01 16:28 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-07-01 16:28 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-07-01 16:28 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-07-01 16:28 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-07-01 16:28 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-07-01 16:28 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-07-01 16:28 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-07-01 16:28 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-07-01 16:28 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-07-01 16:28 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-07-01 16:28 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-07-01 16:28 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-07-01 16:28 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-07-01 16:28 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-07-01 16:28 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-07-01 16:28 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-07-01 16:28 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-07-01 16:28 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-07-01 16:28 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-07-01 16:28 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-07-01 16:28 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-07-01 16:28 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-07-01 16:28 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-07-01 16:28 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-12 21:26:57 50,032 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-07-12 21:26:57 356,494 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-07-08 12:18:57 42,496 ----a-w C:\WINDOWS\system32\ftp.exe 2007-07-08 12:18:57 16,896 ----a-w C:\WINDOWS\system32\tftp.exe 2007-07-08 12:18:57 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll 2007-07-01 10:41:51 -------- d-----w C:\Program Files\Usługi online ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2001-04-16 18:39 37808 --a------ C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [HKEY_LOCAL_MACHINE~\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}] 2005-05-31 01:04 853672 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “nwiz”=“nwiz.exe” [2005-11-11 13:47 C:\WINDOWS\system32\nwiz.exe] “SoundMan”=“SOUNDMAN.EXE” [2006-08-03 05:12 C:\WINDOWS\soundman.exe] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 11:38] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2001-08-02 07:14] “NETIANET”=“C:\Program Files\Netia\Net\netianet.exe” [2007-02-10 20:55] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36] “WMI Standard Event Consumer - Scripting”=“C:\WINDOWS\System32\wbem\scrcons32.exe” [] “tray”=“C:\Program Files\Pogoda\pogoda.exe” [2006-07-22 13:30] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “WMI Standard Event Consumer - Scripting”=C:\WINDOWS\System32\wbem\scrcons32.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “NETIANET”=C:\Program Files\Netia\Net\netianet.exe [HKEY_USERS.default\software\microsoft\windows\currentversion\policies\system] “DisableRegistryTools”=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] WMI Standard Event Consumer - Scripting C:\WINDOWS\System32\wbem\scrcons32.exe HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{ACC563BC-4266-43f0-B6ED-9D38C4202C7E} rundll32 iesetup.dll,IEAccessUserInst ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-12 23:27:10 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-12 23:27:43 C:\ComboFix-quarantined-files.txt … 2007-07-12 23:27 C:\ComboFix2.txt … 2007-07-08 13:47 C:\ComboFix3.txt … 2007-07-06 11:12 — E O F —

Proszę o pomoc…

Gutek · 12 Lipiec 2007 23:12

Skan AVG Anti-Spyware 7.5 po update + raport

marcin.kieszek · 13 Lipiec 2007 21:28

AVG Anti-Spyware 7.5:

(Coś tam usunął po skanie…)

--------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 23:23:56 2007-07-13 + Scan result: [1320] C:\WINDOWS\System32\nnnomlm.dll -> Adware.Virtumonde : Ignored. [540] C:\WINDOWS\system32\nnnomlm.dll -> Adware.Virtumonde : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0004745.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0005741.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0017034.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0017035.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0017038.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020205.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0030468.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0040946.exe -> Backdoor.Aimbot.fd : Ignored. C:\avenger\backup-2007-07-08-15.04.49,56.zip/avenger/df3lang.exe -> Backdoor.Aimbot.fd : Ignored. C:\avenger\backup-2007-07-08-15.04.49,56.zip/avenger/djsss93.exe -> Backdoor.Aimbot.fd : Ignored. C:\avenger\backup-2007-07-08-15.04.49,56.zip/avenger/spoolsv32.exe -> Backdoor.Aimbot.fd : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP15\A0033642.exe -> Backdoor.Rbot.bni : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0001615.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0003700.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0003739.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0004746.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP10\A0007836.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0017037.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0017059.exe -> Backdoor.Rbot.com : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0038868.exe -> Backdoor.Rbot.com : Ignored. C:\avenger\backup-2007-07-08-15.04.49,56.zip/avenger/scrcons32.exe -> Backdoor.Rbot.com : Ignored. C:\avenger\backup.zip/avenger/scrcons32.exe -> Backdoor.Rbot.com : Ignored. C:\QooBox\Quarantine\C\WINDOWS\system32\f.exe.vir -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0008880.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0009899.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0010965.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0018090.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020206.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0030469.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0040945.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0040975.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP7\A0000327.exe -> Backdoor.SdBot.aad : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0010912.exe -> Backdoor.SdBot.bkp : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0010962.exe -> Backdoor.SdBot.bkp : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP11\A0009889.exe -> Backdoor.VanBot.cy : Ignored. C:\Program Files\Common Files\delsim\del.exe -> Dialer.Delsim : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0020248.exe -> Dialer.Delsim : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0020249.exe -> Dialer.Delsim : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0024401.exe -> Dialer.Delsim : Ignored. C:\QooBox\Quarantine\C\WINDOWS\system32\oebnfplp.exe.vir -> Downloader.Tiny.id : Ignored. C:\QooBox\Quarantine\C\WINDOWS\system32\qkdwljml.exe.vir -> Downloader.Tiny.id : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020131.exe -> Downloader.Tiny.id : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0038896.exe -> Downloader.Tiny.id : Ignored. C:\WINDOWS\system32\trjkbqgh.exe -> Downloader.Tiny.id : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0019089.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020088.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020147.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP12\A0020231.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0020245.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021223.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021245.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021266.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021298.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021317.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0021331.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0022337.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0023346.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0023375.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0024375.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0026423.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0027428.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP13\A0028419.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0030479.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0031476.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0032476.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP14\A0032495.exe -> Hijacker.Agent.jn : Ignored. C:\System Volume Information_restore{CC02E671-10B8-4F86-A4BF-04741FB37F7F}\RP16\A0038870.exe -> Hijacker.Agent.jn : Ignored. C:\avenger\backup.zip/avenger/sgfdgf.exe -> Hijacker.Agent.jn : Ignored. C:\Documents and Settings\Marcin Kieszek\Cookies\marcin kieszek@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Ignored. C:\Documents and Settings\Marcin Kieszek\Cookies\marcin kieszek@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignored. ::Report end

Joan · 13 Lipiec 2007 21:42

usun wszystko, co znalazł, powinno być potem ok