Windows Security Alert - POMOCY


(Lukiti) #1

Witam

Mam problem bo co jakiś czas wyskakuje mi okienko o nazwie Windows Security Alert.

windowssecuritynr4.th.png

Gdy klikam prawym przyciskiem i daje na Właściwości pisze że Operacja została anulowana ze względu na ograniczenia na ten komputer. Skontaktuj się z administratorem systemu.

operacjazostaaanulowanaao7.th.png

I zniknął mi Panel Sterowania.

Logi z HijackThis

Logfile of HijackThis v1.99.1

Scan saved at 14:45:00, on 2008-01-22

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\printer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\hphmon05.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\G DATA\InternetSecurity 2007\AVKTray\AVKTray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Program Files\Creative\Shared Files\CamTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\G DATA\InternetSecurity 2007\Firewall\GDFirewallTray.exe

C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKService.exe

C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKWCtl.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\G DATA\InternetSecurity 2007\Firewall\GDFwSvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\DOCUME~1\UKASZ~1\USTAWI~1\Temp\Rar$EX00.266\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll

O3 - Toolbar: Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll

O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\InternetSecurity 2007\Webfilter\AvkWebIE.dll

O4 - HKLM..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O4 - HKLM..\Run: [WinFoxV2] C:\WINDOWS\system32\WF2K.EXE Initial

O4 - HKLM..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings

O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe

O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"

O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe

O4 - HKLM..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min

O4 - HKLM..\Run: [AVKTray] "C:\Program Files\G DATA\InternetSecurity 2007\AVKTray\AVKTray.exe"

O4 - HKCU..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [sIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot

O4 - Startup: system.exe

O4 - Global Startup: autorun.exe

O4 - Global Startup: G DATA Firewall Tray.lnk = ?

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: Download with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Download all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Eksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (file missing)

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: hadjajr.ini

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe

O23 - Service: AVK Service (AVKService) - G DATA Software AG - C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKService.exe

O23 - Service: Strażnik AVK (AVKWCtl) - Unknown owner - C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKWCtl.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: G DATA Personal Firewall (GDFwSvc) - Unknown owner - C:\Program Files\G DATA\InternetSecurity 2007\Firewall\GDFwSvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Bardzo bym prosił o pomoc.


(Slawomir Szal) #2

Usuń w HJT

Ściagnij Combofix

Do notatnika wklej:

zapisz jako CFScript (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

na pytanie "1 or 2" - to wpisz 1 i naciśnij ENTER

Powinno rozpocząć się usuwanie

Potem log z usuwania


(Lukiti) #3

ComboFix 08-01-23.1 - Łukasz 2008-01-22 20:05:20.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.466 [GMT 1:00]

Running from: C:\Documents and Settings\Łukasz\Pulpit\ComboFix.exe

Command switches used :: C:\Documents and Settings\Łukasz\Pulpit\CFScript.txt

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

FILE

C:\WINDOWS\system32\printer.exe

C:\WINDOWS\system32\WinAvXX.exe

.

((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 )))))))))))))))))))))))))))))))

.

2008-01-16 07:49 . 2008-01-16 07:49 34,143 --a------ C:\WINDOWS\system32\drivers\MiniIcpt.sys

2008-01-16 07:49 . 2008-01-16 07:49 29,730 --a------ C:\WINDOWS\system32\drivers\HookCentre.sys

2008-01-16 07:49 . 2008-01-16 07:49 20,096 --a------ C:\WINDOWS\system32\drivers\GDNdisIc.sys

2008-01-16 07:48 . 2008-01-16 07:48

2008-01-16 07:48 . 2008-01-16 07:48

2008-01-16 07:47 . 2008-01-16 07:47

2008-01-15 20:03 . 2008-01-16 07:51

2008-01-10 20:24 . 2008-01-22 14:14

2007-12-30 19:47 . 2007-12-30 20:14

2007-12-29 15:52 . 2007-12-29 15:52

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-22 16:27 --------- d-----w C:\Program Files\FlashGet

2008-01-17 17:53 --------- d-----w C:\Program Files\Gadu-Gadu

2008-01-16 06:51 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-01-15 16:49 --------- d-----w C:\Program Files\IrfanView

2007-12-26 11:47 --------- d-----w C:\Program Files\Tibia

2007-12-20 17:49 --------- d-----w C:\Program Files\Winamp

2007-12-14 19:00 --------- d-----w C:\Program Files\Steganos Internet Anonym 2006

2007-12-14 19:00 --------- d-----w C:\Program Files\Secure Surfing Engine

2007-12-06 15:50 --------- d-----w C:\Program Files\Firaxis Games

2007-12-06 14:22 --------- d-----w C:\Program Files\MarBit

2007-12-06 14:21 --------- d-----w C:\Program Files\K-Lite Codec Pack

2007-12-06 14:15 --------- d-----w C:\Program Files\Easy RealMedia Tools

2007-12-05 11:18 --------- d-----w C:\Program Files\Lavasoft

2007-12-01 08:56 --------- d-----w C:\Program Files\Sony Ericsson

2007-12-01 08:56 --------- d-----w C:\Program Files\Common Files\Teleca Shared

2007-12-01 08:56 --------- d-----w C:\Program Files\Common Files\Sony Ericsson Shared

2007-11-24 08:07 --------- d-----w C:\Program Files\Alcohol Soft

2007-11-24 06:52 --------- d-----w C:\Program Files\Gigabyte

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-07 11:50 68856]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-08-31 16:40 22879528]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 08:39 2119104]

"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24 167368]

"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 09:06 700416]

"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 19:00 299008]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]

"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WinFoxV2"="C:\WINDOWS\system32\WF2K.exe" [2005-07-22 09:43 1310720]

"WinFast2KLoadDefault"="wf2kcpl.dll" [2005-04-14 09:32 612352 C:\WINDOWS\system32\WF2KCPL.dll]

"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2005-07-22 09:16 311296]

"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-02-17 10:14 163840]

"SoundMan"="SOUNDMAN.EXE" [2004-12-22 10:09 77824 C:\WINDOWS\SOUNDMAN.EXE]

"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2006-03-16 00:07 421888]

"PD0620 STISvc"="P0620Pin.dll" [2005-05-10 18:03 36864 C:\WINDOWS\system32\P0620Pin.dll]

"nwiz"="nwiz.exe" [2005-06-15 16:20 1519616 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-06-15 16:20 86016]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-06-15 16:20 6803456]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]

"HPHUPD05"="C:\Program Files\Hewlett-Packard{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-23 04:03 49152]

"HPHmon05"="C:\WINDOWS\system32\hphmon05.exe" [2003-05-23 03:55 483328]

"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-05-07 20:56 188416]

"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 10:40 49152]

"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-04-08 11:45 212992]

"EasyTuneV"="C:\Program Files\Gigabyte\ET5\GUI.exe" [2004-06-14 10:54 200704]

"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16 528384]

"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 09:10 2007088]

"AVKTray"="C:\Program Files\G DATA\InternetSecurity 2007\AVKTray\AVKTray.exe" [2006-11-02 14:59 872448]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SIA2006"="C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" [2005-11-09 11:35 3063808]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

G DATA Firewall Tray.lnk - C:\Program Files\G DATA\InternetSecurity 2007\Firewall\GDFirewallTray.exe [2008-01-16 07:48:58 866136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"NVSvc"=2 (0x2)

R0 GDNdisIc;GDNdisIc;C:\WINDOWS\system32\drivers\GDNdisIc.sys [2008-01-16 07:49]

R2 AVKProxy;AVKProxy;"C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe" [2006-09-20 12:10]

R2 AVKService;AVK Service;C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKService.exe [2006-09-04 10:41]

R2 AVKWCtl;Strażnik AVK;C:\Program Files\G DATA\InternetSecurity 2007\AVK\AVKWCtl.exe [2006-09-11 19:42]

R2 GDTdiInterceptor;GDTdiInterceptor;C:\WINDOWS\system32\drivers\GDTdiIcpt.sys [2007-09-02 17:36]

R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2006-01-11 07:34]

R3 GDFwSvc;G DATA Personal Firewall;C:\Program Files\G DATA\InternetSecurity 2007\Firewall\GDFwSvc.exe [2006-09-20 14:03]

R3 GDMnIcpt;GDMnIcpt;C:\WINDOWS\system32\drivers\MiniIcpt.sys [2008-01-16 07:49]

R3 HookCentre;HookCentre;C:\WINDOWS\system32\drivers\HookCentre.sys [2008-01-16 07:49]

R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 15:55]

R4 WINFOXIO;WINFOXIO;C:\WINDOWS\system32\Drivers\WINFOXIO.SYS [2005-03-25 17:24]

S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-09-02 18:05]

S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]

S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]

S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]

S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]

S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{ebadd84f-5953-11dc-99a8-806d6172696f}]

\Shell\AutoRun\command - E:\setup.exe

*Newly Created Service* - PROCEXP90

.

Contents of the 'Scheduled Tasks' folder

"2007-12-27 19:04:13 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7600#MY3A232329K2.job"

  • C:\Program Files\HP\hpcoretech\comp\hpdarc.exe$/#Hewlett-Packard#7600#MY3A232329K2

"2008-01-22 19:03:00 C:\WINDOWS\Tasks\HP Usg Daily.job"

  • C:\Program Files\Hewlett-Packard{45B6180B-DCAB-4093-8EE8-6164457517F0}\pexpress\hphped05.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-01-23 20:09:43

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]

  • C:\Program Files\Secure Surfing Engine\sselsp.dll

.

Completion time: 2008-01-23 20:10:24

Myślę że pomogło.


(Gutek) #4

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny inaczej KOSZ

Pozdrawiam Gutek2222

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=213350

Masz C:\Program Files\Common Files\G DATA a niżej C:\Program Files\Common Files\Panda Software usuń folder Pandy


(Lukiti) #5

Mam pytanie bo ten problem wrócił i w HijackThis było tylko to F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe i to usunołem i myśle że już nie ma problemu.


(Gutek) #6

Pobierz program SDFix

-