Nie mogę usunąć hggdcbb.dll

gogo123 · 20 Maj 2007 12:14

Logfile of HijackThis v1.99.1 Scan saved at 13:49:53, on 2007-05-20 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\RunDll32.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\CCleaner\ccleaner.exe C:\Documents and Settings\kamil\Pulpit\hijackthis.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {35C4A89B-5CE1-41BB-AEE5-64C7A57C4732} - C:\WINDOWS\System32\vtutu.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: (no name) - {9E93A147-E3F9-47AB-BAF0-915CCAAA7034} - C:\WINDOWS\System32\hggdcbb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O8 - Extra context menu item: Download all links using BitComet - res://f:\instalki\bitcomet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://f:\instalki\bitcomet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://f:\instalki\bitcomet.exe/AddLink.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O17 - HKLM\System\CCS\Services\Tcpip…{1CFDB3A5-13FD-4102-8B5F-26A51F706288}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip…{7F332381-B326-4526-9ADC-E6A8F9C62B3A}: NameServer = 85.255.115.30,85.255.112.150 O17 - HKLM\System\CCS\Services\Tcpip…{A5B6F36E-3D89-40B7-A365-E5453FF9214A}: NameServer = 85.255.115.30,85.255.112.150 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.150 O17 - HKLM\System\CS1\Services\Tcpip…{1CFDB3A5-13FD-4102-8B5F-26A51F706288}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.150 O17 - HKLM\System\CS2\Services\Tcpip…{1CFDB3A5-13FD-4102-8B5F-26A51F706288}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.150 O20 - Winlogon Notify: hggdcbb - C:\WINDOWS\SYSTEM32\hggdcbb.dll O20 - Winlogon Notify: mszsrn32 - C:\WINDOWS\system32\mszsrn32.dll O20 - Winlogon Notify: vtutu - C:\WINDOWS\System32\vtutu.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

EDIT

Tytułuj konkretnie tematy …a logi wstawiaj między znaczniki

qrczak13 · 20 Maj 2007 12:25

Pobierz Windows Worms Doors Cleaner, ustaw znaczki na zielono, Netbios może być na żółto.

Po użyciu narzędzia wymagany jest restart.

W awaryjnym użyj VundoFix, FixVundo, VirtmundoBeGone oraz FixWareOut

Po zrobieniu daj log z ComboFix

gogo123 · 20 Maj 2007 13:55

logo z combofix.exe

ComboFix 07-05.20.9.V - Running from: “C:\Documents and Settings\kamil\Pulpit” (((((((((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\gebyv.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\outlook C:\WINDOWS\system32\components C:\Program Files\Common Files{2057B~1 C:\Program Files\Common Files{3057B~1 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\qoobox\purity\C\DOCUME~1 C:\qoobox\purity\C\DOCUME~1\kamil C:\qoobox\purity\C\DOCUME~1\kamil\DANEAP~1 C:\qoobox\purity\C\DOCUME~1\kamil\MOJEDO~1 C:\qoobox\purity\C\DOCUME~1\kamil\DANEAP~1\SSTEM3~1 C:\qoobox\purity\C\DOCUME~1\kamil\MOJEDO~1\ICROSO~1.NET C:\qoobox\purity\C\DOCUME~1\kamil\MOJEDO~1\ICROSO~1.NET?icrosoft.NET C:\qoobox\purity\C\DOCUME~1\kamil\MOJEDO~1\ICROSO~1.NET?icrosoft.NET\ctxad-503.0000 C:\qoobox\purity\C\DOCUME~1\kamil\MOJEDO~1\ICROSO~1.NET?icrosoft.NET\ctxad-509.0000 ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-20 )))))))))))))))))))))))))))))))))) 2007-05-20 15:05 2007-05-20 15:03 2007-05-20 11:56 182,880 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-20 11:55 8,704 --a------ C:\WINDOWS\system32\drivers\ggsemc.sys 2007-05-20 11:42 89,872 --a------ C:\WINDOWS\system32\drivers\k750mdm.sys 2007-05-20 11:42 81,728 --a------ C:\WINDOWS\system32\drivers\k750mgmt.sys 2007-05-20 11:42 79,488 --a------ C:\WINDOWS\system32\drivers\k750obex.sys 2007-05-20 11:42 6,576 --a------ C:\WINDOWS\system32\drivers\k750mdfl.sys 2007-05-20 11:42 6,144 --a------ C:\WINDOWS\system32\drivers\k750cmnt.sys 2007-05-20 11:42 6,144 --a------ C:\WINDOWS\system32\drivers\k750cm.sys 2007-05-20 11:42 55,216 --a------ C:\WINDOWS\system32\drivers\k750bus.sys 2007-05-20 11:42 5,744 --a------ C:\WINDOWS\system32\drivers\k750whnt.sys 2007-05-20 11:42 5,744 --a------ C:\WINDOWS\system32\drivers\k750wh.sys 2007-05-19 19:51 2007-05-18 15:00 507 --a------ C:\WINDOWS\eReg.dat 2007-05-17 16:44 2007-05-17 16:39 2007-05-17 16:37 98,304 --a------ C:\WINDOWS\system32\wmpshell.dll 2007-05-17 16:37 7,680 --a------ C:\WINDOWS\system32\asferror.dll 2007-05-17 16:37 358,912 --a------ C:\WINDOWS\system32\msscp.dll 2007-05-17 16:37 27,136 --a------ C:\WINDOWS\system32\wmdmlog.dll 2007-05-17 16:37 245,760 --a------ C:\WINDOWS\system32\mswmdm.dll 2007-05-17 16:37 23,552 --a------ C:\WINDOWS\system32\wmdmps.dll 2007-05-17 16:37 201,728 --a------ C:\WINDOWS\system32\mspmsp.dll 2007-05-17 16:37 20,480 --a------ C:\WINDOWS\system32\wmpui.dll 2007-05-17 16:37 20,480 --a------ C:\WINDOWS\system32\wmpcore.dll 2007-05-17 16:37 20,480 --a------ C:\WINDOWS\system32\wmpcd.dll 2007-05-17 16:37 2,940,928 --a------ C:\WINDOWS\system32\wmploc.dll 2007-05-17 16:37 159,232 --a------ C:\WINDOWS\system32\CEWMDM.dll 2007-05-17 16:36 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-17 16:36 82,432 --a------ C:\WINDOWS\system32\drmstor.dll 2007-05-17 16:36 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-17 16:36 81,408 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-17 16:36 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-17 16:36 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll 2007-05-17 16:36 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-17 16:36 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-17 16:36 410,248 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-17 16:36 301,712 --a------ C:\WINDOWS\system32\drmclien.dll 2007-05-17 16:36 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll 2007-05-17 16:36 241,664 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-17 16:36 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll 2007-05-17 16:36 232,960 --a------ C:\WINDOWS\system32\blackbox.dll 2007-05-17 16:36 218,112 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-17 16:25 2007-05-08 19:55 23,040 --a------ C:\WINDOWS\system32\mszsrn32.dll 2007-05-01 14:34 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe 2007-05-01 14:27 86,016 -ra------ C:\WINDOWS\system32\nvwrszht.dll 2007-05-01 14:27 86,016 -ra------ C:\WINDOWS\system32\nvwrszhc.dll 2007-05-01 14:27 852,038 -ra------ C:\WINDOWS\system32\nview.dll 2007-05-01 14:27 73,728 -ra------ C:\WINDOWS\system32\nvsvc32.exe 2007-05-01 14:27 512,000 -ra------ C:\WINDOWS\system32\nviewimg.dll 2007-05-01 14:27 49,152 -ra------ C:\WINDOWS\system32\nvmctray.dll 2007-05-01 14:27 467,016 -ra------ C:\WINDOWS\system32\nvshell.dll 2007-05-01 14:27 4,734,976 -ra------ C:\WINDOWS\system32\nvcpl.dll 2007-05-01 14:27 323,584 -ra------ C:\WINDOWS\system32\nwiz.exe 2007-05-01 14:27 3,837,952 -ra------ C:\WINDOWS\system32\nvoglnt.dll 2007-05-01 14:27 3,432,448 -ra------ C:\WINDOWS\system32\nvrsja.dll 2007-05-01 14:27 3,428,352 -ra------ C:\WINDOWS\system32\nvrsko.dll 2007-05-01 14:27 3,241,131 -ra------ C:\WINDOWS\system32\nv4_disp.dll 2007-05-01 14:27 286,806 -ra------ C:\WINDOWS\system32\keystone.exe 2007-05-01 14:27 278,528 -ra------ C:\WINDOWS\system32\nvrsit.dll 2007-05-01 14:27 278,528 -ra------ C:\WINDOWS\system32\nvrsfr.dll 2007-05-01 14:27 278,528 -ra------ C:\WINDOWS\system32\nvrsesm.dll 2007-05-01 14:27 274,432 -ra------ C:\WINDOWS\system32\nvrsptb.dll 2007-05-01 14:27 274,432 -ra------ C:\WINDOWS\system32\nvrses.dll 2007-05-01 14:27 274,432 -ra------ C:\WINDOWS\system32\nvrsde.dll 2007-05-01 14:27 270,336 -ra------ C:\WINDOWS\system32\nvrstr.dll 2007-05-01 14:27 270,336 -ra------ C:\WINDOWS\system32\nvrssl.dll 2007-05-01 14:27 270,336 -ra------ C:\WINDOWS\system32\nvrsru.dll 2007-05-01 14:27 270,336 -ra------ C:\WINDOWS\system32\nvrsnl.dll 2007-05-01 14:27 270,336 -ra------ C:\WINDOWS\system32\nvrsel.dll 2007-05-01 14:27 266,240 -ra------ C:\WINDOWS\system32\nvrssv.dll 2007-05-01 14:27 266,240 -ra------ C:\WINDOWS\system32\nvrspt.dll 2007-05-01 14:27 266,240 -ra------ C:\WINDOWS\system32\nvrsno.dll 2007-05-01 14:27 266,240 -ra------ C:\WINDOWS\system32\nvrseng.dll 2007-05-01 14:27 266,240 -ra------ C:\WINDOWS\system32\nvrsda.dll 2007-05-01 14:27 262,144 -ra------ C:\WINDOWS\system32\nvrssk.dll 2007-05-01 14:27 262,144 -ra------ C:\WINDOWS\system32\nvrspl.dll 2007-05-01 14:27 262,144 -ra------ C:\WINDOWS\system32\nvrshu.dll 2007-05-01 14:27 262,144 -ra------ C:\WINDOWS\system32\nvrscs.dll 2007-05-01 14:27 258,048 -ra------ C:\WINDOWS\system32\nvrsfi.dll 2007-05-01 14:27 221,184 -ra------ C:\WINDOWS\system32\nvrszht.dll 2007-05-01 14:27 221,184 -ra------ C:\WINDOWS\system32\nvrszhc.dll 2007-05-01 14:27 2,822,144 -ra------ C:\WINDOWS\system32\nvrsar.dll 2007-05-01 14:27 2,813,952 -ra------ C:\WINDOWS\system32\nvrshe.dll 2007-05-01 14:27 184,320 -ra------ C:\WINDOWS\system32\nvwrsel.dll 2007-05-01 14:27 176,128 -ra------ C:\WINDOWS\system32\nvwrsru.dll 2007-05-01 14:27 176,128 -ra------ C:\WINDOWS\system32\nvwrspt.dll 2007-05-01 14:27 176,128 -ra------ C:\WINDOWS\system32\nvwrses.dll 2007-05-01 14:27 176,128 -ra------ C:\WINDOWS\system32\nvwrsde.dll 2007-05-01 14:27 172,032 -ra------ C:\WINDOWS\system32\nvwrsptb.dll 2007-05-01 14:27 172,032 -ra------ C:\WINDOWS\system32\nvwrsit.dll 2007-05-01 14:27 172,032 -ra------ C:\WINDOWS\system32\nvwrsfr.dll 2007-05-01 14:27 167,936 -ra------ C:\WINDOWS\system32\nvwrssk.dll 2007-05-01 14:27 167,936 -ra------ C:\WINDOWS\system32\nvwrsnl.dll 2007-05-01 14:27 167,936 -ra------ C:\WINDOWS\system32\nvwrshu.dll 2007-05-01 14:27 163,840 -ra------ C:\WINDOWS\system32\nvwrstr.dll 2007-05-01 14:27 163,840 -ra------ C:\WINDOWS\system32\nvwrspl.dll 2007-05-01 14:27 163,840 -ra------ C:\WINDOWS\system32\nvwrsfi.dll 2007-05-01 14:27 159,744 -ra------ C:\WINDOWS\system32\nvwrssv.dll 2007-05-01 14:27 159,744 -ra------ C:\WINDOWS\system32\nvwrsno.dll 2007-05-01 14:27 159,744 -ra------ C:\WINDOWS\system32\nvwrsda.dll 2007-05-01 14:27 159,744 -ra------ C:\WINDOWS\system32\nvwrscs.dll 2007-05-01 14:27 155,648 -ra------ C:\WINDOWS\system32\nvwrssl.dll 2007-05-01 14:27 147,456 -ra------ C:\WINDOWS\system32\nvwrsesm.dll 2007-05-01 14:27 147,456 -ra------ C:\WINDOWS\system32\nvwrseng.dll 2007-05-01 14:27 143,360 -ra------ C:\WINDOWS\system32\nvwrsar.dll 2007-05-01 14:27 139,264 -ra------ C:\WINDOWS\system32\nvwrshe.dll 2007-05-01 14:27 126,976 -ra------ C:\WINDOWS\system32\nvinstnt.dll 2007-05-01 14:27 106,496 -ra------ C:\WINDOWS\system32\nvwrsja.dll 2007-05-01 14:27 102,400 -ra------ C:\WINDOWS\system32\nvwrsko.dll 2007-05-01 14:27 1,324,779 -ra------ C:\WINDOWS\system32\drivers\nv4_mini.sys 2007-05-01 14:27 1,323,008 -ra------ C:\WINDOWS\system32\dmcpl.exe 2007-05-01 14:27 2007-05-01 14:27 2007-05-01 14:20 2007-05-01 14:03 23,070 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys 2007-05-01 14:01 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-01 14:01 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-04-29 15:56 5 --ahs---- C:\WINDOWS\system32\faffb5_s.dll 2007-04-29 15:56 2007-04-28 13:25 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll 2007-04-27 14:05 2007-04-25 12:52 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-04-25 12:52 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-04-25 12:52 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-04-25 12:52 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-04-25 12:52 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-04-25 12:52 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-04-25 12:52 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-04-25 12:52 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-04-25 12:52 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-04-25 12:52 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-04-25 12:52 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-04-25 12:52 590,336 --a------ C:\WINDOWS\system32\d3dramp.dll 2007-04-25 12:52 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-04-25 12:52 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-04-25 12:52 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-04-25 12:52 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-04-25 12:52 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-04-25 12:52 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-04-25 12:52 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-04-25 12:52 47,616 --a------ C:\WINDOWS\system32\d3dxof.dll 2007-04-25 12:52 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-04-25 12:52 467,968 --a------ C:\WINDOWS\system32\diactfrm.dll 2007-04-25 12:52 44,032 --a------ C:\WINDOWS\system32\dimap.dll 2007-04-25 12:52 436,224 --a------ C:\WINDOWS\system32\d3dim.dll 2007-04-25 12:52 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-04-25 12:52 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-04-25 12:52 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-04-25 12:52 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-04-25 12:52 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-04-25 12:52 350,208 --a------ C:\WINDOWS\system32\d3drm.dll 2007-04-25 12:52 34,816 --a------ C:\WINDOWS\system32\d3dpmesh.dll 2007-04-25 12:52 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-04-25 12:52 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-04-25 12:52 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-04-25 12:52 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-04-25 12:52 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-04-25 12:52 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-04-25 12:52 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-04-25 12:52 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-04-25 12:52 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-04-25 12:52 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-04-25 12:52 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-04-25 12:52 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-04-25 12:52 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-04-25 12:52 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-04-25 12:52 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-04-25 12:52 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-04-25 12:52 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-04-25 12:52 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-04-25 12:52 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-04-25 12:52 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-04-25 12:52 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-04-25 12:52 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-04-25 12:52 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-04-25 12:52 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-04-25 12:52 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-04-25 12:52 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-04-25 12:52 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-04-25 12:52 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-04-25 12:52 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-04-25 12:52 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-04-25 12:52 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-04-25 12:52 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-04-25 12:52 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-04-25 12:52 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-04-25 12:52 2007-04-25 12:51 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-04-25 12:51 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-04-25 12:51 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-04-25 12:51 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-04-25 12:51 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-04-25 12:51 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-04-25 12:51 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-04-25 12:51 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-04-25 12:51 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-04-25 12:51 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-04-25 12:51 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-04-25 12:51 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-04-25 12:51 223,232 --a------ C:\WINDOWS\system32\gcdef.dll 2007-04-25 12:51 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-04-25 12:51 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-04-24 19:21 281,172 --a------ C:\WINDOWS\system32\vtutu.dll.vir 2007-04-24 18:53 10 --a------ C:\WINDOWS\popcinfo.dat 2007-04-24 18:19 26,678 --a------ C:\WINDOWS\system32\hggdcbb.dll.vir 2007-04-22 17:33 2007-04-20 19:18 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-04-20 19:18 2007-04-20 19:18 2007-04-20 19:18 2007-04-20 19:18 2007-04-20 19:18 2007-04-20 19:18 2007-04-20 19:18 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-20 09:39:11 -------- d–h--w C:\Program Files\WindowsUpdate 2007-05-09 15:19:50 -------- d-----w C:\DOCUME~1\kamil\DANEAP~1\Hamachi 2007-05-07 08:23:21 -------- d–h--w C:\Program Files\InstallShield Installation Information 2007-05-01 12:24:39 46,756 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-01 12:24:39 349,454 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-01 12:07:57 23,040 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-04-29 14:25:55 25,992 ----a-w C:\WINDOWS\system32\pgdfgsvc.exe 2007-04-29 13:21:00 -------- d-----w C:\Program Files\BitComet 2007-04-28 17:21:24 -------- d-----w C:\Program Files\Gadu-Gadu 2007-04-22 13:45:32 -------- d-----w C:\Program Files\Hamachi 2007-04-19 19:34:47 249,856 ------w C:\WINDOWS\Setup1.exe 2007-04-19 19:34:46 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE 2007-04-19 19:31:16 29,272 ----a-w C:\WINDOWS\DIIUnin.dat 2007-04-15 11:18:09 26,056 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys 2007-04-15 10:56:54 -------- d-----w C:\Program Files\Movie Maker 2007-04-15 10:54:37 -------- d-----w C:\Program Files\Windows NT 2007-04-13 18:02:57 -------- d-----w C:\Program Files\Sunbelt Software 2007-04-13 17:30:13 -------- d-----w C:\Program Files\CCleaner 2007-04-12 14:05:25 -------- d-----w C:\Program Files\DivX 2007-03-18 20:18:38 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll 2007-03-18 20:18:38 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll 2007-03-18 20:18:38 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll 2007-03-11 14:54:40 2,829 ----a-w C:\WINDOWS\DIIUnin.pif 2007-03-11 14:54:40 106,496 ----a-w C:\WINDOWS\DIIUnin.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}=C:\Program Files\BitComet\tools\BitCometBHO.dll [2006-11-29 15:52] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 16:21] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Cmaudio”=“cmicnfg.cpl” [] “NvCplDaemon”=“C:\WINDOWS\System32\NvCpl.dll” [2003-07-31 11:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-01-16 10:41] “NvMediaCenter”=“C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit” [] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] “VundoFix”=“C:\Documents and Settings\kamil\Pulpit\vundofix.exe” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “DisableStatusMessages”=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] “NoRemoteRecursiveEvents”=1 (0x1) “ClearRecentDocsOnExit”=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoSMBalloonTip”=0 (0x0) “NoLowDiskSpaceChecks”=1 (0x1) “NoSaveSettings”=0 (0x0) “ClearRecentDocsOnExit”=1 (0x1) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” [2006-09-28 16:13] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mszsrn32] C:\WINDOWS\system32\mszsrn32.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^VIA RAID TOOL.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk backup=C:\WINDOWS\pss\VIA RAID TOOL.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] “C:\Program Files\BearShare\BearShare.exe” /pause [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet] “f:\instalki\bitcomet.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] “C:\Program Files\D-Tools\daemon.exe” -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eSkiMoS R2] “C:\Program Files\eSkiMoS R2\eSkiMoS.exe” tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ohyp] C:\Program Files?ystem\n?tepad.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tuia] “C:\DOCUME~1\kamil\MOJEDO~1\ICROSO~1.NET\tracert.exe” -vt yazb [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] C:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlog] winlog.exe HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-20 15:47:24 Windows 5.1.2600 NTFS scanning hidden processes … cmd.exe [1892] scanning hidden autostart entries … scanning hidden files … C:\WINDOWS\system32\kdirk.exe 65536 bytes scan completed successfully hidden files: 1 ******************************************************************** Completion time: 2007-05-20 15:48:02 C:\ComboFix-quarantined-files.txt … 2007-05-20 15:48 — E O F –

JNJN · 20 Maj 2007 14:03

gogo123

Proszę przeczytać tematy przyklejone w tym dziale i poprawić posta.JNJN

Gutek · 20 Maj 2007 17:29

Pobierz The Avenger. Wypakuj => uruchom => zaznacz opcję Input script manually => kliknij w taką lupkę => w okienku, które się otworzy wklej:

kliknij klawisz Done => teraz kliknij na zielone światełko => powinna pojawić się pewna informacja i kliknij OK (teraz restart).

Po wszystkin nowy log z Combo