Wnb
(Wnb83)
21 March 2008 07:38
#1
Hi. I would like to find out what is causing this. Thanks in advance for checking the log.
ComboFix 08-03-20.5 - c 2008-03-21 8:30:48.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.64 [GMT 1:00]
Running from: D:\Programy\Combofix\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
((((((((((((((((((((((((( Files Created from 2008-02-21 to 2008-03-21 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-21 07:25 --------- d-----w C:\Documents and Settings\c\Dane aplikacji\foobar2000
2008-03-21 06:45 --------- d-----w C:\Program Files\Kalendarz XP
2008-03-21 00:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-01 11:35 --------- d-----w C:\Program Files\Gadu-Gadu
2008-01-24 15:49 --------- d-----w C:\Documents and Settings\c\Dane aplikacji\Tlen.pl
2007-10-30 14:21 61 ----a-w C:\Program Files\launcher_mu.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2006-08-02 23:46 249856]
"DoctorTweakXP"="C:\Program Files\Fic_Products\DoctorTweak XP\DrTweakXP.exe" [2007-10-01 07:04 463360]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-06 08:31 791792]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"nForce Tray Options"="sstray.exe" [2003-06-17 10:18 73728 C:\WINDOWS\system32\sstray.exe]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Kalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2006-10-16 18:01:21 882176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 0 (0x0)

[HKLM~\startupfolder\C:^Documents and Settings^c^Menu Start^Programy^Autostart^BitTorrent.lnk]
backup=C:\WINDOWS\pss\BitTorrent.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
--a------ 2002-10-06 23:23 90112 C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eSkiMoS R2]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-17 09:42 69632 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-07-26 02:03 49263 C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe"=

R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\system32\drivers\si3112r.sys [2003-02-24 12:21]
R0 SiWinAcc;SiWinAcc;C:\WINDOWS\system32\drivers\SiWinAcc.sys [2003-02-12 12:37]
S3 KS-959;MA-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-22 09:06]
S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys [2004-12-15 10:32]
S3 SF-620;Kingsun SF-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\SF-620.sys [2004-08-12 03:18]
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 16:15:02 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-21 08:32:36
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
- C:\Program Files\Unlocker\UnlockerHook.dll
.
Completion time: 2008-03-21 8:33:39
.
2008-03-12 22:56:30 --- E O F ---
ProAgent
(ProAgent)
21 March 2008 09:24
#2
MagiK19
(MagiK19)
21 March 2008 14:16
#3
Post a HijackThis log as well,
and one more question: when did you last format??
If it was a long time ago, then don't be surprised…
dawidek11
(Dawidex11)
21 March 2008 14:47
#4
Paste into Notepad:
>>File>>Save as… >>> CFScript (it will be most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt file onto the ComboFix.exe file (that is, the CFScript.txt icon onto the ComboFix.exe icon)
I don't see anything else.
XP optimization: http://forum.dobreprogramy.pl/viewtopic.php?t=76580
Registry cleaning:
RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2t=29id=177
you can go over the registry with it, or
jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2t=29id=509
RegCleaner description - http://www.agavk.p9.pl/strony/progra_regcleaner.php
See - Using jv16 PowerTools http://forum.dobreprogramy.pl/viewtopic.php?t=106816highlight=jv16+powertools+++++++195