System zamyka "eksplorator windows"


(Radziokom) #1

Witam

Mam problem z moim komputerem.Od kiedy przegrałem piosnki od kolegi przez pendrive, po wejściu do " moja muzyka" wyświetla mi się komunikat "Aby pomóc w ochronie tego komputera, system windows zamknął ten program " ten program to EKSPLORATOR WINDOWS. A gdy wchodzę od " moje obrazy" to nic się takiego nie dzieje. Oprócz tego nie mogę otworzyć żadnego filmu bo po takiej próbie cały komputer się zacina i nie mogę go nawet normalnie wyłączyć. Pendriva przed kopiowaniem skanowałem ale nic w nim nie znalazło.Komputer kolegi działa "normalnie".

Proszę o pomoc. Zaraz wkleję loga


(Radziokom) #2

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:06:25, on 2008-10-31

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

D:\Program Files\PC Tools Internet Security\pctsAuxs.exe

D:\Program Files\PC Tools Internet Security\pctsSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\ATK0100\HControl.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

D:\Program Files\PC Tools Internet Security\pctsTray.exe

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

D:\Program Files\PC Tools Internet Security\TFEngine\TFService.exe

D:\Program Files\Mozilla Firefox\firefox.exe

D:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\DOCUME~1\Radzio\USTAWI~1\Temp\Katalog tymczasowy 1 dla HiJackThis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..\Run: [skyTel] SkyTel.EXE

O4 - HKLM..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM..\Run: [iSTray] "D:\Program Files\PC Tools Internet Security\pctsTray.exe"

O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8247390285

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\PC Tools Internet Security\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\PC Tools Internet Security\pctsSvc.exe

O23 - Service: ThreatFire - PC Tools - D:\Program Files\PC Tools Internet Security\TFEngine\TFService.exe

--

End of file - 6660 bytes


(Leon$) #3

log czysty

Pobierz Combofix http://forum.dobreprogramy.pl/viewtopic.php?f=16&t=36654 przeskanuj system daj log

:slight_smile:


(Radziokom) #4

ComboFix 08-10-30.13 - Radzio 2008-10-31 22:09:18.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.2465 [GMT 1:00]

Uruchomiony z: E:\Moje dokumenty\Pobrane pliki\ComboFix.exe

* Utworzono nowy punkt przywracania

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA!!

.

((((((((((((((((((((((((( Pliki utworzone od 2008-09-28 do 2008-10-31 )))))))))))))))))))))))))))))))

.

2008-10-30 18:11 . 2008-10-30 18:11

2008-10-29 16:03 . 2008-10-29 16:03

2008-10-29 16:03 . 2008-10-29 16:03

2008-10-29 16:03 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll

2008-10-29 16:03 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\unrar3.dll

2008-10-29 16:03 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll

2008-10-29 16:03 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll

2008-10-29 16:03 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll

2008-10-29 14:05 . 2008-10-29 14:07 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-10-29 12:38 . 2008-10-29 12:38

2008-10-29 12:38 . 2008-10-29 12:38

2008-10-29 12:36 . 2008-10-31 22:13

2008-10-29 12:36 . 2007-12-17 14:47

2008-10-29 12:36 . 2007-12-17 13:53

2008-10-29 12:36 . 2007-12-17 14:47

2008-10-29 12:36 . 2008-10-29 14:03

2008-10-29 12:36 . 2007-12-17 14:47

2008-10-29 12:36 . 2008-10-29 12:38

2008-10-29 12:36 . 2008-10-29 12:37

2008-10-28 09:05 . 2008-10-28 09:05

2008-10-27 19:09 . 2008-10-27 19:09

2008-10-27 19:09 . 2008-10-27 19:09

2008-10-27 19:07 . 2008-10-31 22:13

2008-10-27 19:05 . 2008-10-27 19:05

2008-10-27 19:05 . 2008-10-27 19:05

2008-10-27 19:05 . 2008-10-27 19:09

2008-10-27 19:05 . 2008-07-16 10:43 160,680 --a------ C:\WINDOWS\system32\drivers\pctfw2.sys

2008-10-27 19:05 . 2008-06-24 10:26 93,440 --a------ C:\WINDOWS\system32\drivers\pctfw.sys

2008-10-27 19:05 . 2008-07-03 18:06 81,320 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2008-10-27 19:05 . 2008-07-03 18:06 66,984 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2008-10-27 19:05 . 2008-07-16 10:43 57,256 --a------ C:\WINDOWS\system32\drivers\FWAuthDriver.sys

2008-10-27 19:05 . 2008-06-06 11:15 51,520 --a------ C:\WINDOWS\system32\drivers\TfFsMon.sys

2008-10-27 19:05 . 2008-07-03 18:06 42,408 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2008-10-27 19:05 . 2008-06-06 11:15 38,208 --a------ C:\WINDOWS\system32\drivers\TfSysMon.sys

2008-10-27 19:05 . 2008-06-06 11:15 33,088 --a------ C:\WINDOWS\system32\drivers\TfNetMon.sys

2008-10-27 19:05 . 2008-07-03 18:06 29,608 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2008-10-27 19:05 . 2008-06-06 11:15 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys

2008-10-23 21:54 . 2008-10-15 17:36 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll

2008-10-15 10:09 . 2008-10-15 10:09

2008-10-15 10:08 . 2008-10-15 10:08

2008-10-15 10:08 . 2008-06-10 01:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-10-15 10:02 . 2008-10-15 10:02

2008-10-15 07:28 . 2008-09-15 16:27 1,846,656 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys

2008-10-15 07:28 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys

2008-10-15 07:27 . 2008-08-14 14:26 2,190,464 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2008-10-15 07:27 . 2008-08-14 14:26 2,146,816 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe

2008-10-15 07:27 . 2008-08-14 14:26 2,067,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2008-10-15 07:27 . 2008-08-14 14:26 2,025,472 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe

2008-09-27 17:56 . 2008-09-27 17:56

2008-09-27 17:56 . 2008-09-27 17:56

2008-09-27 17:33 . 2008-09-27 17:51

2008-09-27 17:28 . 2008-09-27 17:28

2008-09-27 17:28 . 2008-09-27 17:28

2008-09-27 17:27 . 2008-09-27 17:27

2008-09-27 16:59 . 2008-09-27 16:59

2008-09-27 16:58 . 2008-09-27 16:59

2008-09-27 16:56 . 2008-09-27 16:56

2008-09-26 18:38 . 2008-09-26 18:38

2008-09-26 18:38 . 2008-09-26 18:38

2008-09-09 12:18 . 2008-09-09 12:18

2008-09-09 12:18 . 2008-09-09 12:18

2008-09-09 12:18 . 2008-09-09 12:18

2008-09-09 12:17 . 2008-09-09 12:18

2008-09-09 12:13 . 2008-09-09 12:13

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-10-31 18:12 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-10-31 15:20 --------- d-----w C:\Documents and Settings\Radzio\Dane aplikacji\Skype

2008-10-31 15:07 --------- d-----w C:\Documents and Settings\Radzio\Dane aplikacji\skypePM

2008-09-27 16:01 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-09-27 09:35 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft

2008-09-15 15:27 1,846,656 ----a-w C:\WINDOWS\system32\win32k.sys

2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-08-26 08:27 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-08-14 13:26 2,146,816 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-08-14 13:26 2,025,472 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll

2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe

2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll

2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll

2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll

2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll

2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll

2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll

2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll

2008-04-15 10:18 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

2006-06-23 06:48 32,768 -c--a-r C:\WINDOWS\inf\UpdateUSB.exe

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 110592]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-28 8429568]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-28 81920]

"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-29 638976]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]

"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]

"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]

"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"ISTray"="D:\Program Files\PC Tools Internet Security\pctsTray.exe" [2008-07-16 1166248]

"nwiz"="nwiz.exe" [2007-04-28 C:\WINDOWS\system32\nwiz.exe]

"RTHDCPL"="RTHDCPL.EXE" [2007-03-08 C:\WINDOWS\RTHDCPL.exe]

"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm

"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL

"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll

"vidc.iyuv"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll

"vidc.yvu9"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll

"vidc.uyvy"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll

"vidc.yuy2"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll

"vidc.yvyu"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll

"msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"C:\WINDOWS\system32\sessmgr.exe"=

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Skype\Phone\Skype.exe"=

R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2008-06-06 51520]

R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2008-06-06 38208]

R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-07-16 160680]

R3 FWAuth;FWAuth Driver;C:\WINDOWS\system32\drivers\FWAuthDriver.sys [2008-07-16 57256]

R3 SynMini;Syntek USB2.0 2M WebCam;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-11-27 1208064]

R3 SynScan;Syntek USB2.0 2M WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-10-04 8064]

R3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2008-06-06 33088]

R3 ThreatFire;ThreatFire;D:\Program Files\PC Tools Internet Security\TFEngine\TFService.exe service []

S3 ATE_PROCMON;ATE_PROCMON;D:\Program Files\Anti Trojan Elite\ATEPMon.sys []

.

.

------- Skan uzupełniający -------

.

FireFox -: Profile - C:\Documents and Settings\Radzio\Dane aplikacji\Mozilla\Firefox\Profiles\s598jrz9.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.pl/

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-31 22:13:57

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

detected NTDLL code modification:

ZwClose

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

PROCES: C:\WINDOWS\explorer.exe

  • C:\WINDOWS\system32\nview.dll

.

Czas ukończenia: 2008-10-31 22:16:22

ComboFix-quarantined-files.txt 2008-10-31 21:16:08

Przed: 9 340 440 576 bajtów wolnych

Po: 9,331,417,088 bajtów wolnych

174 --- E O F --- 2008-10-23 21:28:19


(Gutek) #5

Ja nic nie widzę, mówie o syfie.

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052