po kilku minutach na internecie zwalnia prace dlugie oczekiwania na otwarcie stron czy ktos moze zkontrolowac moje logi

Log czysty.

Możesz dać jeszcze log z ComboFix (na dole tej strony z linku) -

Log wklej na http://wklej.org/, a w poście daj tylko link.(czyli skopiuj adres z paska adresów) .

jessi

ComboFix 07-10-23.2 - pioter 2007-10-27 11.00.56.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1040.18.137 [GMT 2:00]

Running from: C:\Documents and Settings\pioter\Desktop\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((( Files Created from 2007-09-27 to 2007-10-27 )))))))))))))))))))))))))))))))

.

2007-10-24 19:09

2007-10-16 19:43 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys

2007-10-16 19:43 270,336 --a------ C:\WINDOWS\system32\imon.dll

2007-10-13 19:12

2007-10-13 09:30

2007-10-13 09:20

2007-10-13 09:20

2007-10-13 09:20

2007-10-12 18:48

2007-10-12 15:41 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-10-12 14:14

2007-10-11 21:55

2007-10-10 12:28 582,656 -----c— C:\WINDOWS\system32\dllcache\rpcrt4.dll

2007-10-09 10:32

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-10-26 13:37 --------- d-----w C:\Programmi\Windows Live Safety Center

2007-10-25 19:46 --------- d-----w C:\Programmi\eMule

2007-10-24 17:49 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Skype

2007-10-17 13:55 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Canon

2007-10-13 20:22 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Canon

2007-10-12 16:10 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Sony Corporation

2007-10-09 08:34 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\InsideSend

2007-10-06 20:44 --------- d-----w C:\Programmi\Google

2007-10-06 15:38 --------- d-----w C:\Programmi\a-squared Free

2007-10-05 17:45 --------- d-----w C:\Programmi\BearShare Applications

2007-10-05 17:22 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys

2007-10-05 17:22 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys

2007-09-14 18:08 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Apple Computer

2007-09-10 17:21 --------- d–h--w C:\Programmi\InstallShield Installation Information

2007-09-10 17:21 --------- d-----w C:\Programmi\TILAB

2007-09-08 17:52 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\U3

2007-09-08 12:55 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\U3

2007-09-04 14:35 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Screenshot Sender

2007-09-02 10:56 --------- d-----w C:\Programmi\Lavasoft

2007-09-02 10:55 --------- d-----w C:\Programmi\File comuni\Wise Installation Wizard

2007-09-01 16:57 --------- d-----w C:\Programmi\Desktop XP

2007-09-01 16:57 --------- d-----w C:\Programmi\Adverts

2007-08-30 15:37 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\CoSoSys

2007-08-21 06:16 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2007-08-11 18:00 108,144 -c–a-w C:\WINDOWS\system32\CmdLineExt.dll

2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll

2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll

2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe

2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll

2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll

2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll

2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll

2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll

2006-11-11 16:20 8,935 ----a-w C:\Documents and Settings\pioter\vwfsbvec.exe

2006-03-02 20:58 471,704 -c–a-w C:\Programmi\sounds.exe

2006-02-25 22:34 9,961,168 ----a-w C:\Programmi\Onet-SkypeSetup.exe

2006-01-24 18:21 77,177,911 -c–a-w C:\Programmi\SOAVMS-00900304-UN.exe

2006-01-22 22:16 4,272,232 -c–a-w C:\Programmi\subedit+codecpack_pl.exe

2006-01-21 23:34 23,649,848 -c–a-w C:\Programmi\AdbeRdr705_ita_full.exe

2006-01-21 23:29 7,226,000 -c–a-w C:\Programmi\psa30se_it_it.exe

2006-01-21 23:27 762,512 -c–a-w C:\Programmi\ytb612_efgsip.exe

2005-11-15 19:39 6,083,440 -c–a-w C:\Programmi\winamp5112_full_emusic-7plus.exe

2004-11-24 08:42 41,887 -c–a-w C:\Programmi\Italian.lng

2004-11-24 08:42 1,665,325 -c–a-w C:\Programmi\agsetup.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“LgWDskTp”=“C:\Programmi\Wireless Desktop\LgWDskTp.exe” [2003-10-29 02:00]

“Logitech Utility”=“Logi_MwX.Exe” [2003-07-22 19:24 C:\WINDOWS\Logi_MwX.Exe]

“HKSERV.EXE”=“C:\Programmi\Sony\HotKey Utility\HKserv.exe” [2003-08-14 11:00]

“ezShieldProtector for Px”=“C:\WINDOWS\System32\ezSP_Px.exe” [2002-08-20 11:29]

“QuickTime Task”=“C:\Programmi\QuickTime\qttask.exe” [2007-06-29 06:24]

“Drag’n Drop CD+DVD”=“C:\Programmi\drag’n drop cd+dvd\BinFiles\DragDrop.exe” [2003-08-08 19:54]

“BluetoothAuthenticationAgent”=“bthprops.cpl” [2004-08-19 16:39 C:\WINDOWS\system32\bthprops.cpl]

“Adobe Photo Downloader”=“C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe” [2005-07-07 19:41]

“Omnipage”=“C:\Programmi\ScanSoft\OmniPageSE\opware32.exe” [2002-06-03 12:38]

“WinampAgent”=“C:\Programmi\Winamp\winampa.exe” [2005-11-15 21:31]

“DAEMON Tools”=“C:\Programmi\DAEMON Tools\daemon.exe” [2005-11-09 00:00]

“snpstd”=“C:\WINDOWS\vsnpstd.exe” [2003-12-31 17:39]

“NWEReboot”="" []

“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 12:50]

“SsAAD.exe”=“C:\PROGRA~1\sony\SONICS~1\SsAAD.exe” [2005-09-27 06:59]

“SunJavaUpdateSched”=“C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe” [2007-07-12 04:00]

“SiS Tray”="" []

“SiS KHooker”=“C:\WINDOWS\system32\khooker.exe” []

“Onet.pl AutoUpdate”=“C:\Programmi\Common Files\Onet.pl\AutoUpdate.exe” [2005-07-27 11:59]

“PCSuiteTrayApplication”=“C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-03-23 13:20]

“iTunesHelper”=“C:\Programmi\iTunes\iTunesHelper.exe” [2007-07-10 09:18]

“nod32kui”=“C:\Programmi\Eset\nod32kui.exe” [2007-10-16 19:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe” [2005-09-03 16:18]

“updateMgr”=“C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe” [2006-03-30 17:45]

“swg”=“C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-07-09 19:15]

“BitTorrent”=“C:\Programmi\BitTorrent\bittorrent.exe” []

“4 UPLOAD”=“C:\DOCUME~1\pioter\DATIAP~1\INSIDE~1\16 third help.exe” []

“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-19 16:39]

[HKEY_USERS.default\software\microsoft\windows\currentversion\runonce]

“IETI”=C:\Programmi\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART

[HKEY_USERS.default\software\microsoft\windows\currentversion\run]

“Nokia.PCSync”=C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

R3 HSFHWSIS;HSFHWSIS;C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys

R3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys

R3 SMSCMS;SMSC LPC Memory Stick Host Controller;C:\WINDOWS\system32\DRIVERS\SMSCMS.sys

R3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys

S2 CoachCap;FUJIFILM EX-10/EX-20 PC V1.00;C:\WINDOWS\system32\drivers\CoachCap.sys

S3 naecd;naecd;??\C:\DOCUME~1\pioter\IMPOST~1\Temp\naecd.sys

S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{3282dccc-5e01-11dc-a0bb-0013c84b11e0}]

AutoRun\command - H:\LaunchU3.exe -a

.

Contents of the ‘Scheduled Tasks’ folder

“2007-10-27 09:00:00 C:\WINDOWS\Tasks\A81FBF7C918837A4.job”

.

**************************************************************************

catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-10-27 11:03:47

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

**************************************************************************

.

Completion time: 2007-10-27 11.05.09

C:\ComboFix2.txt … 2007-10-12 15:58

.

— E O F —

Nie wiem, co to za folder. Znasz go?

Maszczęść infekcji “LOP”, ale nie widzę pozostałych części - czyżby infekcja była dłużej niż 90 dni?

Wklej do Notatnika :

File::

C:\WINDOWS\Tasks\A81FBF7C918837A4.job

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.

Daj ten log.

jessi

Powtórz usuwanie, bo przy wklejaniu zgubiłeś jedną literkę.

jessi

przepraszam za moja nie obecnosc juz wysylam

No, teraz usuwanie przebiegło prawidłowo.

Co jest w tym folderze:

2007-10-13 09:20

jessi

to jest chyba za trudne pytanie dla mnie

Złączono Posta : 27.10.2007 (Sob) 22:34

C:\WINDOWS\system32%SystemDrive%\Documents and Settings\pioter\Dati applicazioni\Microsoft\CryptnetUrlCache

A44F4E7CB3133FF765C39A53AD8FCFDD

C:\WINDOWS\system32%SystemDrive%\Documents and Settings\pioter\Dati applicazioni\Microsoft\CryptnetUrlCache

A44F4E7CB3133FF765C39A53AD8FCFDD

Powinno być Ok

Na koniec:

Pobierz program SDFix

Złączono Posta : 28.10.2007 (Nie) 21:42

SDFix nic nie wykrył.

jessi

dziekuje za pomoc

Zbędniki w Autostracie

Optymalizacja XP : http://forum.dobreprogramy.pl/viewtopic.php?t=76580

Optymalizacja i odchudzanie XP

Podstawy optymalizacji systemu windows xp :

http://forum.dobreprogramy.pl/viewtopic … ymalizacja