Slow system performance


(Tomi1975) #1


(Gutek) #2

HJT entries, and you delete the folders manually

Post the ComboFix log


(Tomi1975) #3

ComboFix 07-09-13.3 - "Tomek" 2007-09-13 20:34:22.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.455 [GMT 2:00]

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\Config.xml

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\db\Aliases.dbs

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\db\Sites.dbs

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\dwld\WhiteList.xip

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\report\aggr_storage.xml

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\report\send_storage.xml

C:\DOCUME~1\Tomek\DANEAP~1\ShoppingReport\cs\res1\WhiteList.dbs

C:\Program Files\ShoppingReport

C:\Program Files\ShoppingReport\Bin\2.0.22\ShoppingReport.dll

C:\Program Files\ShoppingReport\Uninst.exe

C:\WINDOWS\msvrc20.dll

.

((((((((((((((((((((((((( Files Created from 2007-08-13 to 2007-09-13 )))))))))))))))))))))))))))))))

.

2007-09-13 20:33 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-09-11 23:35

2007-09-11 22:14

2007-09-10 19:05

2007-08-31 23:56

2007-08-31 23:56

2007-08-30 09:17

2007-08-30 09:16

2007-08-30 09:16

2007-08-26 21:27

2007-08-26 21:27

2007-08-22 09:23

2007-08-15 22:38

2007-08-15 22:04

2007-08-15 21:53

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-09-13 15:19 --------- d-------- C:\Program Files\Google

2007-09-12 20:17 --------- d-------- C:\Program Files\eMule

2007-09-11 23:48 --------- d-------- C:\Program Files\PopCap Games

2007-09-11 23:46 --------- d-------- C:\Program Files\Winamp

2007-09-11 16:06 --------- d-------- C:\Program Files\Multi_Media

2007-09-10 18:31 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google

2007-09-09 00:03 --------- d-------- C:\DOCUME~1\Tomek\DANEAP~1\URSoft

2007-09-02 17:00 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\PC Suite

2007-08-24 22:38 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Microsoft Help

2007-08-11 07:06 --------- d-------- C:\DOCUME~1\Tomek\DANEAP~1\Skype

2007-08-10 19:26 --------- d-------- C:\Program Files\Nokia

2007-08-10 19:26 --------- d-------- C:\Program Files\Common Files\PCSuite

2007-08-10 19:26 --------- d-------- C:\Program Files\Common Files\Nokia

2007-08-10 19:25 --------- d-------- C:\Program Files\PC Connectivity Solution

2007-08-10 19:24 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Installations

2007-08-10 19:17 --------- d-------- C:\DOCUME~1\Tomek\DANEAP~1\Nokia

2007-08-05 19:03 --------- d-------- C:\Program Files\Ashampoo

2007-07-31 22:29 --------- d-------- C:\Program Files\eDonkey Accelerator

2007-07-15 11:02 --------- d-------- C:\Program Files\Kraina Gier

2007-07-14 21:17 --------- d--h----- C:\Program Files\InstallShield Installation Information

2007-07-14 21:10 --------- d-------- C:\DOCUME~1\Tomek\DANEAP~1\InterTrust

2007-06-13 15:23 1034752 --a------ C:\WINDOWS\explorer.exe

2007-05-27 20:19 1526 --a------ C:\Program Files\INSTALL.LOG

2007-03-19 20:13 6422611 --a------ C:\Program Files\temp.000

2007-03-19 20:13 6422611 --------- C:\Program Files\frostwire-4.13.1.6.windows.exe

2004-10-01 15:00 40960 --a------ C:\Program Files\Uninstall_CDS.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 C:\WINDOWS\system32\HdAShCut.exe]

"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 08:27 C:\WINDOWS\RTHDCPL.exe]

"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]

"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2007-01-02 21:40]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]

"HP Software Update"="D:\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12]

"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-02-11 03:15]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-02-13 22:05]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]

"Adobe Reader Speed Launcher"="D:\Reader\Reader_sl.exe" [2007-05-11 03:06]

"WinampAgent"="D:\Winamp\winampa.exe" [2007-05-15 00:22]

"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:44]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-24 21:07]

"RunTheMop"="C:\Program Files\The Mop Team\The Mop 4\themop.exe" []

"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2007-05-03 10:02]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\DOCUME~1\ALLUSE~1\MENUST~1\Programy\AUTOST~1\

Enable Labtec Wireless Desktop.lnk - C:\Program Files\Labtec Wireless Desktop\MagicKey.exe [2007-03-21 23:22:10]

HP Digital Imaging Monitor.lnk - D:\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableRegedit"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"=1 (0x1)

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys

R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys

R1 MUsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\MUsbFltr.sys

R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys

S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS

.

Contents of the 'Scheduled Tasks' folder

"2007-09-10 17:05:59 C:\WINDOWS\Tasks\Norton Security Scan.job"

  • C:\Program Files\Norton Security Scan\Nss.exe

.

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-09-13 20:36:48

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2007-09-13 20:37:41 - machine was rebooted

C:\ComboFix-quarantined-files.txt ... 2007-09-13 20:37

.

--- E O F ---


(Monczkin) #4

jako03 the tags are missing?? Please fix this. The title has been changed.


(Tomi1975) #5

What tags?


(jessica) #6

Fix this fileless entry in Hijack:

>>Hijack>>scan (Do a system scan only)>>select it>>Fix checked.

The log is clean.

As for the matter of the "tags":

the point is to put the log inside the tags [*quote]Your log[*/quote], without those asterisks* of course.

Or do this: select the whole log and click the "Quote" button above the post.

jessi