

Slow transfer and half of the pages don't display



castrolr1 - Tue Aug 05, 2008 1:39 pm
Hello. I'm currently at a volleyball camp. After the cable was hooked up (internet to the laptop), everything worked fine for the first day, fast internet, about 2mb/s. Right now it downloads at 30kb/s at most .. and half of the pages won't display .. could this be caused by Thanks in advance for a reply. Regards




castrolr1 - Wed Aug 06, 2008 10:01 am
I'll add that I have the English version of Windows, maybe something is wrong with the encoding???



huber2t - Wed Aug 06, 2008 10:14 am
Post a ComboFix log in the security section



castrolr1 - Wed Aug 06, 2008 11:46 am
ComboFix 08-08-04.09 - Daniel 2008-08-06 13:37:31.1 - NTFSx86
Running from: C:\Documents and Settings\Daniel\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((( Files Created from 2008-07-06 to 2008-08-06 )))))))))))))))))))))))))))))))
.

2008-08-06 08:47 . 2008-08-06 08:47 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\Media Player Classic
2008-08-06 08:46 . 2008-08-06 08:46 <DIR> d-------- C:\Program Files\Real Alternative
2008-08-05 22:41 . 2008-08-05 22:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\GRETECH
2008-08-05 22:40 . 2008-08-05 22:40 <DIR> d-------- C:\Program Files\GRETECH
2008-08-05 22:40 . 2008-08-05 22:40 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\GRETECH
2008-08-04 20:39 . 2008-08-04 20:39 <DIR> d-------- C:\Program Files\foobar2000
2008-08-04 20:39 . 2008-08-06 12:49 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\foobar2000
2008-08-04 18:30 . 2008-08-04 18:30 <DIR> d-------- C:\Program Files\ffdshow
2008-08-04 18:30 . 2008-01-01 00:00 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2008-08-04 18:30 . 2008-08-01 22:21 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-04 18:30 . 2008-01-01 00:00 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-04 15:03 . 2008-08-04 15:03 <DIR> d-------- C:\Program Files\MarBit
2008-08-04 12:36 . 2008-08-04 12:38 <DIR> d-------- C:\Program Files\BearShare
2008-08-04 12:36 . 2008-08-04 12:36 <DIR> d-------- C:\My Downloads
2008-08-04 12:25 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-08-04 12:25 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-08-04 12:25 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-08-04 12:25 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-08-04 05:18 . 2008-08-04 05:18 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\Gadu-Gadu
2008-08-04 05:13 . 2008-08-04 05:13 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-08-04 05:13 . 2008-08-05 18:46 <DIR> d-------- C:\Documents and Settings\Daniel\Gadu-Gadu
2008-08-04 04:56 . 2008-08-06 13:39 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\Azureus
2008-08-04 04:56 . 2008-08-04 04:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-08-04 04:55 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-08-04 04:52 . 2008-08-04 04:52 <DIR> d-------- C:\Program Files\Konnekt
2008-08-04 04:52 . 2008-08-04 04:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\stamina
2008-08-04 04:49 . 2008-08-04 04:56 <DIR> d-------- C:\Program Files\Vuze
2008-08-04 04:49 . 2008-08-04 04:49 <DIR> d-------- C:\Program Files\AskSBar
2008-08-04 03:43 . 2008-08-06 09:17 <DIR> d-------- C:\Program Files\eMule
2008-08-02 18:59 . 2005-11-04 20:25 <DIR> d-------- C:\Documents and Settings\Daniel\WINDOWS
2008-08-02 18:59 . 2005-11-04 21:10 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\You've Got Pictures Screensaver
2008-08-02 18:59 . 2005-11-04 20:39 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\toshiba
2008-08-02 18:59 . 2005-11-04 21:05 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\Intuit
2008-08-02 18:59 . 2005-11-29 15:25 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\ATI
2008-08-02 18:59 . 2005-11-04 21:18 <DIR> d-------- C:\Documents and Settings\Daniel\Application Data\AOL
2008-08-02 18:59 . 2008-08-04 05:13 <DIR> d-------- C:\Documents and Settings\Daniel
2008-08-02 18:59 . 2004-08-04 05:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-08-02 18:58 . 2005-11-04 20:25 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\WINDOWS
2008-08-02 18:58 . 2008-08-02 18:58 <DIR> d-------- C:\Program Files\Atheros
2008-08-02 18:58 . 2005-11-04 20:25 <DIR> d-------- C:\Documents and Settings\Default User\WINDOWS
2008-08-02 18:56 . 2008-08-02 18:56 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-08-02 18:54 . 2008-08-06 11:49 <DIR> d-------- C:\WINDOWS\system32\DLA
2008-08-02 18:54 . 2005-08-01 05:10 94,263 --a------ C:\WINDOWS\DLA.EXE
2008-08-02 18:54 . 2005-07-28 03:30 88,704 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2008-08-02 18:54 . 2005-08-01 05:10 61,500 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL
2008-08-02 18:54 . 2005-07-07 05:10 40,544 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS
2008-08-02 18:54 . 2005-07-07 09:02 22,684 --a------ C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2008-08-02 18:54 . 2005-07-07 09:03 5,628 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2008-08-02 18:54 . 2008-08-02 18:54 61 --a------ C:\WINDOWS\smscfg.ini
2008-08-02 18:53 . 2004-02-22 18:01 192,512 --a------ C:\WINDOWS\system32\AdavVideoDec.dll
2008-08-02 18:53 . 2003-12-18 09:03 126,976 --a------ C:\WINDOWS\system32\AdavAudioDec.dll
2008-08-02 18:53 . 2004-02-26 10:34 110,592 --a------ C:\WINDOWS\system32\ArcSpl.ax
2008-08-02 18:53 . 2004-02-22 18:01 48,128 --a------ C:\WINDOWS\system32\mpgvideo.ax
2008-08-02 18:53 . 2003-12-18 09:03 47,616 --a------ C:\WINDOWS\system32\mpgaudio.ax
2008-08-02 18:53 . 2003-09-19 15:45 21,248 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-08-02 18:51 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-08-02 18:51 . 2002-09-29 10:56 139,264 --a------ C:\WINDOWS\system32\PhotoBase Screen Saver.scr
2008-08-02 18:50 . 2008-08-02 18:50 <DIR> d-------- C:\Program Files\ArcSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-06 15:45 --------- d-----w C:\Program Files\Common Files\Real
2008-08-04 11:55 --------- d-----w C:\Program Files\Java
2008-08-03 02:06 --------- d-----w C:\Program Files\Sonic
2008-08-03 01:58 17,801 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-08-03 01:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-03 01:55 --------- d-----w C:\Program Files\Metamail Inc
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-08-04 04:49 66912]

[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-08-04 04:49 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 01:32 65536]
"Konnekt"="C:\Program Files\Konnekt\konnekt.exe" [2005-05-24 14:41 503808]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 03:04 2127296]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2005-07-08 18:16 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-07-01 20:22 303104]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05 344064]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 16:28 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 16:26 688218]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2005-11-25 14:07 352256]
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [2005-11-10 11:24 73728]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2005-05-19 08:57 188416]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-01 05:10 122940]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-07-15 11:52 1077322]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-26 17:13 122880]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 19:18 151552]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-17 18:37 151552]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2005-08-10 13:49 163840]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 12:14 15473664 C:\WINDOWS\RTHDCPL.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 07:29 88203 C:\WINDOWS\agrsmmsg.exe]
"TFncKy"="TFncKy.exe" [BU]
"TPSMain"="TPSMain.exe" [2005-05-31 22:00 282624 C:\WINDOWS\system32\TPSMain.exe]
"CFSServ.exe"="CFSServ.exe" [BU]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Metamail Trust Manager.lnk - C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe [2005-11-29 15:16:47 329472]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2005-11-04 20:20:51 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= C:\\TOSHIBA\\IVP\\ISM\\pinger.exe
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\1131163763\\EE\\AOLServiceHost.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Konnekt\\konnekt.exe"=
"C:\\Program Files\\Vuze\\Azureus.exe"=

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-08-03 C:\WINDOWS\Tasks\Registration reminder 1.job
- C:\WINDOWS\system32\OOBE\oobebaln.exe [2004-08-04 05:00]

2008-08-03 C:\WINDOWS\Tasks\Registration reminder 3.job
- C:\WINDOWS\system32\OOBE\oobebaln.exe [2004-08-04 05:00]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\v3zf0921.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-06 13:39:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-06 13:40:51
ComboFix-quarantined-files.txt 2008-08-06 20:40:46

Pre-Run: 5,248,745,472 bytes free
Post-Run: 5,242,527,744 bytes free

174




huber2t - Wed Aug 06, 2008 1:44 pm
Download ComboFix, but do not run it
Paste the following into Notepad:
Code:
Folder::
C:\Program Files\AskSBar

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

Save the file as CFScript.txt (it is most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt icon onto the ComboFix.exe icon, as shown here

The removal will start and a log will be created; post that log on the forum.

Post logs at http://www.wklejto.pl and put only the link in your post