After a few minutes on the internet it slows down, with long waits for pages to open. Could someone check my logs?
The log is clean.
You can also post a log from ComboFix (at the bottom of the page from the link) -
Paste the log at http://wklej.org/ and put only the link in your post (that is, copy the address from the address bar).
jessi
ComboFix 07-10-23.2 - pioter 2007-10-27 11.00.56.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1040.18.137 [GMT 2:00]
Running from: C:\Documents and Settings\pioter\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-09-27 to 2007-10-27 )))))))))))))))))))))))))))))))
.
2007-10-24 19:09
2007-10-16 19:43 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-10-16 19:43 270,336 --a------ C:\WINDOWS\system32\imon.dll
2007-10-13 19:12
2007-10-13 09:30
2007-10-13 09:20
2007-10-13 09:20
2007-10-13 09:20
2007-10-12 18:48
2007-10-12 15:41 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-12 14:14
2007-10-11 21:55
2007-10-10 12:28 582,656 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-09 10:32
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-26 13:37 --------- d-----w C:\Programmi\Windows Live Safety Center
2007-10-25 19:46 --------- d-----w C:\Programmi\eMule
2007-10-24 17:49 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Skype
2007-10-17 13:55 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Canon
2007-10-13 20:22 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Canon
2007-10-12 16:10 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\Sony Corporation
2007-10-09 08:34 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\InsideSend
2007-10-06 20:44 --------- d-----w C:\Programmi\Google
2007-10-06 15:38 --------- d-----w C:\Programmi\a-squared Free
2007-10-05 17:45 --------- d-----w C:\Programmi\BearShare Applications
2007-10-05 17:22 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-10-05 17:22 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-09-14 18:08 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Apple Computer
2007-09-10 17:21 --------- d--h--w C:\Programmi\InstallShield Installation Information
2007-09-10 17:21 --------- d-----w C:\Programmi\TILAB
2007-09-08 17:52 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\U3
2007-09-08 12:55 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\U3
2007-09-04 14:35 --------- d-----w C:\Documents and Settings\monika\Dati applicazioni\Screenshot Sender
2007-09-02 10:56 --------- d-----w C:\Programmi\Lavasoft
2007-09-02 10:55 --------- d-----w C:\Programmi\File comuni\Wise Installation Wizard
2007-09-01 16:57 --------- d-----w C:\Programmi\Desktop XP
2007-09-01 16:57 --------- d-----w C:\Programmi\Adverts
2007-08-30 15:37 --------- d-----w C:\Documents and Settings\pioter\Dati applicazioni\CoSoSys
2007-08-21 06:16 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-11 18:00 108,144 -c--a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2006-11-11 16:20 8,935 ----a-w C:\Documents and Settings\pioter\vwfsbvec.exe
2006-03-02 20:58 471,704 -c--a-w C:\Programmi\sounds.exe
2006-02-25 22:34 9,961,168 ----a-w C:\Programmi\Onet-SkypeSetup.exe
2006-01-24 18:21 77,177,911 -c--a-w C:\Programmi\SOAVMS-00900304-UN.exe
2006-01-22 22:16 4,272,232 -c--a-w C:\Programmi\subedit+codecpack_pl.exe
2006-01-21 23:34 23,649,848 -c--a-w C:\Programmi\AdbeRdr705_ita_full.exe
2006-01-21 23:29 7,226,000 -c--a-w C:\Programmi\psa30se_it_it.exe
2006-01-21 23:27 762,512 -c--a-w C:\Programmi\ytb612_efgsip.exe
2005-11-15 19:39 6,083,440 -c--a-w C:\Programmi\winamp5112_full_emusic-7plus.exe
2004-11-24 08:42 41,887 -c--a-w C:\Programmi\Italian.lng
2004-11-24 08:42 1,665,325 -c--a-w C:\Programmi\agsetup.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LgWDskTp"="C:\Programmi\Wireless Desktop\LgWDskTp.exe" [2003-10-29 02:00]
"Logitech Utility"="Logi_MwX.Exe" [2003-07-22 19:24 C:\WINDOWS\Logi_MwX.Exe]
"HKSERV.EXE"="C:\Programmi\Sony\HotKey Utility\HKserv.exe" [2003-08-14 11:00]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [2002-08-20 11:29]
"QuickTime Task"="C:\Programmi\QuickTime\qttask.exe" [2007-06-29 06:24]
"Drag'n Drop CD+DVD"="C:\Programmi\drag'n drop cd+dvd\BinFiles\DragDrop.exe" [2003-08-08 19:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 16:39 C:\WINDOWS\system32\bthprops.cpl]
"Adobe Photo Downloader"="C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-07 19:41]
"Omnipage"="C:\Programmi\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 12:38]
"WinampAgent"="C:\Programmi\Winamp\winampa.exe" [2005-11-15 21:31]
"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" [2005-11-09 00:00]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 17:39]
"NWEReboot"="" []
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50]
"SsAAD.exe"="C:\PROGRA~1\sony\SONICS~1\SsAAD.exe" [2005-09-27 06:59]
"SunJavaUpdateSched"="C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"SiS Tray"="" []
"SiS KHooker"="C:\WINDOWS\system32\khooker.exe" []
"Onet.pl AutoUpdate"="C:\Programmi\Common Files\Onet.pl\AutoUpdate.exe" [2005-07-27 11:59]
"PCSuiteTrayApplication"="C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2007-07-10 09:18]
"nod32kui"="C:\Programmi\Eset\nod32kui.exe" [2007-10-16 19:43]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe" [2005-09-03 16:18]
"updateMgr"="C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
"swg"="C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 19:15]
"BitTorrent"="C:\Programmi\BitTorrent\bittorrent.exe" []
"4 UPLOAD"="C:\DOCUME~1\pioter\DATIAP~1\INSIDE~1\16 third help.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:39]
[HKEY_USERS.default\software\microsoft\windows\currentversion\runonce]
"IETI"=C:\Programmi\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
[HKEY_USERS.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
R3 HSFHWSIS;HSFHWSIS;C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys
R3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys
R3 SMSCMS;SMSC LPC Memory Stick Host Controller;C:\WINDOWS\system32\DRIVERS\SMSCMS.sys
R3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S2 CoachCap;FUJIFILM EX-10/EX-20 PC V1.00;C:\WINDOWS\system32\drivers\CoachCap.sys
S3 naecd;naecd;??\C:\DOCUME~1\pioter\IMPOST~1\Temp\naecd.sys
S3 USBSTOR;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{3282dccc-5e01-11dc-a0bb-0013c84b11e0}]
AutoRun\command - H:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
"2007-10-27 09:00:00 C:\WINDOWS\Tasks\A81FBF7C918837A4.job"
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-27 11:03:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-10-27 11.05.09
C:\ComboFix2.txt ... 2007-10-12 15:58
.
--- E O F ---
I don't know what this folder is. Do you recognize it?
You have part of the "LOP" infection, but I don't see the remaining parts - could the infection have been there longer than 90 days?
Paste into Notepad:
File::
C:\WINDOWS\Tasks\A81FBF7C918837A4.job
>>File>>Save as... >>> CFScript (it will be most convenient if you save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt file onto the ComboFix.exe file (that is, the CFScript.txt icon onto the ComboFix.exe icon)
- as in this picture -->
(if a "1 or 2" question appears, type 1 and press ENTER) The removal should then start (and a log will be created).
After the restart, manually delete the folder C:\Qoobox.
Post that log.
jessi
Repeat the removal, because you lost one letter when pasting.
jessi
Sorry for my absence, I'm sending it now.
Well, now the removal went correctly.
What is in this folder:
2007-10-13 09:20
jessi
That is probably too difficult a question for me.
Post merged: 27.10.2007 (Sat) 22:34
C:\WINDOWS\system32%SystemDrive%\Documents and Settings\pioter\Dati applicazioni\Microsoft\CryptnetUrlCache
A44F4E7CB3133FF765C39A53AD8FCFDD
C:\WINDOWS\system32%SystemDrive%\Documents and Settings\pioter\Dati applicazioni\Microsoft\CryptnetUrlCache
A44F4E7CB3133FF765C39A53AD8FCFDD
Post merged: 28.10.2007 (Sun) 21:42
SDFix did not detect anything.
jessi
Thank you for the help.
XP optimization: http://forum.dobreprogramy.pl/viewtopic.php?t=76580
Optimizing and slimming down XP
Basics of optimizing Windows XP: