Opcje internetowe nie działają

wojtekkie · 29 Marzec 2008 12:10

Witam. Mam problem tego typu że nie mogę włączyć Opcji Internetowych. W panelu sterowania jest ikona ale nie jest podpisana jak klikam to nic sie nie dzieje, tak samo w w Internet Explorer kiedy klikam opcje i Opcje internetowe tez nic sie nie dzieje. Dlaczego?? Może ktoś wie???

huber2t · 29 Marzec 2008 20:01

Podaj logi z Hijackthis

wojtekkie · 29 Marzec 2008 21:05

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 22:02:06, on 29-03-2008

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\ALCMTR.EXE

C:\PROGRA~1\NEOSTR~1\CnxMon.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\zHotkey.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Kalendarz XP\Kalendarz.exe

E:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

E:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Neostrada TP\NeostradaTP.exe

C:\Program Files\Neostrada TP\ComComp.exe

C:\Program Files\Neostrada TP\Watch.exe

D:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Winamp\winamp.exe

D:\Program Files\Winamp\winampa.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Program Files\Winamp\winamp.exe

C:\DOCUME~1\Komputer\USTAWI~1\Temp\Rar$EX00.766\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O1 - Hosts: 212.150.54.250 dv-networks.com

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll

O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll

O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll

O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [nwiz] nwiz.exe /install

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon

O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”

O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

O4 - HKLM…\Run: [HP Software Update] “c:\Program Files\HP\HP Software Update\HPWuSchd2.exe”

O4 - HKLM…\Run: [sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” /startoptions

O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM…\Run: [WinampAgent] “D:\Program Files\Winamp\winampa.exe”

O4 - HKLM…\Run: [tguard] C:\Program Files\Beniamin\tguard.exe

O4 - HKLM…\Run: [CHotkey] zHotkey.exe

O4 - HKLM…\Run: [showWnd] ShowWnd.exe

O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime

O4 - HKLM…\Run: [VisualTooltip] C:\Documents and Settings\Komputer\Pulpit\visualtooltip22\VisualToolTip.exe

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”

O4 - HKCU…\Run: [DWQueuedReporting] “C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t

O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - Startup: RocketDock.lnk = E:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O4 - Startup: UberIcon.lnk = E:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe

O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - c:\program files\aol\pasek narzędzi aol 5.0\resources\pl-PL\local\search.html

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cab

O17 - HKLM\System\CCS\Services\Tcpip…{45887903-71AA-4CFE-97C3-BC74476B4AE7}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

–

End of file - 12566 bytes

pysiu · 29 Marzec 2008 22:43

taki problem miałem jak zainstalowałem sp 3 en bete może się bawiłeś w to

huber2t · 30 Marzec 2008 03:10

fix w hijackthis

wojtekkie · 30 Marzec 2008 12:18

Nie wiem czy instalowałem sp3 en bete nie pamiętam teraz mam 2, hubert2t czyli o co chodzi?

huber2t · 30 Marzec 2008 12:34

w hijackthis skanujesz i robisz a następnie zaznaczasz je i klikasz fix a wpisy sie usuwają

wojtekkie · 30 Marzec 2008 13:06

No zrobiłem taki dalej nic. Ale jak fix-uje

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

To po jakimś czasie on wraca tak ma byc?

huber2t · 30 Marzec 2008 13:36

Usuń ten wpis i

Pobierz ComboFix, ale nie uruchamiaj

Wklej do notatnika:

File::

    C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

    Folder::

    C:\Program Files\AskSBar

Plik -> zapisz jako -> CFScript.txt

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->

Powinno się rozpocząć usuwanie i powstanie log, daj ten log na forum.

Jeśli wszystko pójdzie dobrze, to po restarcie usuń ręcznie folder C: \Qoobox

wojtekkie · 30 Marzec 2008 13:49

ComboFix 08-03-30.2 - Komputer 2008-03-30 16:00:34.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.489 [GMT 2:00]

Running from: C:\Documents and Settings\Komputer\Pulpit\ComboFix.exe

Command switches used :: C:\Documents and Settings\Komputer\Pulpit\CFScript.txt

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

FILE ::

C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

.

((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-30 )))))))))))))))))))))))))))))))

.

2008-03-29 20:09 . 2008-03-29 20:09

2008-03-29 20:05 . 2008-03-29 20:20

2008-03-29 16:09 . 2008-03-29 16:09

2008-03-28 12:47 . 2008-03-30 12:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-03-28 12:47 . 2008-03-28 12:47 1,409 --a------ C:\WINDOWS\QTFont.for

2008-03-27 22:28 . 2008-03-27 22:28

2008-03-27 20:59 . 2008-03-27 21:02

2008-03-27 20:57 . 2008-03-27 20:59 796,672 --a------ C:\WINDOWS\GPInstall.exe

2008-03-25 01:32 . 2008-03-25 01:32

2008-03-10 09:54 . 2008-03-22 23:39

2008-03-08 23:01 . 2008-03-08 23:25 13,030 --a------ C:\PDOXUSRS.NET

2008-03-08 23:00 . 2008-03-08 23:00

2008-03-05 23:51 . 2008-03-05 23:57

2008-03-05 23:50 . 2008-03-05 23:50

2008-03-05 23:49 . 2008-03-05 23:49

2008-03-05 23:47 . 2008-03-27 18:02

2008-03-02 19:16 . 2008-03-20 09:11

2008-03-01 23:13 . 2008-03-01 23:13

2008-03-01 23:12 . 2008-03-01 23:26

2008-03-01 23:12 . 2008-03-01 23:12

2008-02-14 20:52 . 2008-02-14 20:54 1,137 --a------ C:\WINDOWS\GTA-SA_Trn_Settings.ini

2008-02-11 14:59 . 2008-02-11 14:59

2008-02-11 14:58 . 2008-02-11 14:59

2008-02-11 14:57 . 2008-02-11 14:57

2008-02-11 14:56 . 2008-02-11 14:56

2008-02-09 23:47 . 2008-02-09 23:47

2008-02-08 20:46 . 2008-02-08 20:46

2008-02-02 23:40 . 2008-02-02 23:40

2008-02-02 23:40 . 1995-07-31 14:44 212,480 --a------ C:\WINDOWS\pcdlib32.dll

2008-02-01 00:13 . 2008-02-01 00:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx

2008-02-01 00:13 . 2008-02-01 00:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-30 13:54 --------- d-----w C:\Program Files\Neostrada TP

2008-03-30 13:45 --------- d-----w C:\Program Files\Kalendarz XP

2008-03-30 12:16 --------- d-----w C:\Documents and Settings\Komputer\Dane aplikacji\uTorrent

2008-03-29 12:00 --------- d-----w C:\Program Files\VideoLAN

2008-03-27 15:58 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-03-12 20:21 --------- d-----w C:\Documents and Settings\Komputer\Dane aplikacji\Skype

2008-03-12 19:44 --------- d-----w C:\Documents and Settings\Komputer\Dane aplikacji\skypePM

2008-03-10 10:29 --------- d-----w C:\Program Files\Java

2008-03-07 19:24 --------- d-----w C:\Program Files\Share_Accelerator_MM

2008-03-07 19:20 --------- d-----w C:\Program Files\Cheat Engine

2008-02-25 19:09 --------- d-----w C:\Program Files\Samsung

2008-02-19 20:13 --------- d-----w C:\Program Files\Common Files\Adobe

2008-02-11 13:00 --------- d-----w C:\Documents and Settings\Komputer\Dane aplikacji\Apple Computer

2008-01-30 12:54 --------- d-----w C:\Documents and Settings\Komputer\Dane aplikacji\Emisja

2008-01-16 11:08 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

2008-01-09 11:18 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe

2008-01-09 11:18 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2008-01-09 11:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll

2008-01-09 11:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll

2008-01-09 11:16 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll

2008-01-09 11:16 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll

2008-01-09 11:16 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-01-09 11:16 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll

2008-01-09 11:16 682,496 ----a-w C:\WINDOWS\system32\DivX.dll

2008-01-09 11:16 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll

2007-12-28 11:10 72,074 ----a-w C:\WINDOWS\BricoPackUninst.cmd

2007-12-28 11:10 5,423 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd

2007-12-28 11:10 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll

2007-12-11 19:44 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll

2007-12-11 19:44 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll

2007-12-11 19:44 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll

2007-12-11 19:44 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll

2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll

2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll

2007-12-11 19:44 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe

2007-12-11 19:43 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll

2007-12-07 02:14 824,832 ----a-w C:\WINDOWS\system32\wininet.dll

2007-12-04 19:23 47,544 ----a-w C:\Documents and Settings\Komputer\Dane aplikacji\serial2.zip

2007-12-04 19:23 47,544 ----a-w C:\Documents and Settings\Komputer\Dane aplikacji\serial2.dat

2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll

2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe

2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr

2007-11-11 18:41 93 ----a-w C:\Program Files\card_cfg.txt

2007-11-11 18:41 3,192 ----a-w C:\Program Files\cfg.txt

2007-11-11 18:41 297 ----a-w C:\Program Files\interface_cfg.txt

2007-11-11 18:41 1,072 ----a-w C:\Program Files\deb.log

2007-03-31 14:08 5,547 ----a-w C:\Program Files\README.txt

2007-12-16 15:17 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012007121620071217\index.dat

.

------- Sigcheck -------

2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\explorer.exe

2007-06-13 15:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 C:\WINDOWS$hf_mig$\KB938828\SP2QFE\explorer.exe

2006-03-02 14:00 1033728 379098a96e6c165b659de7e4328010ea C:\WINDOWS$NtUninstallKB938828$\explorer.exe

2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\ServicePackFiles\i386\explorer.exe

2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\system32\dllcache\explorer.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]

2008-03-20 00:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

“{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}”= “C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL” []

“{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}”= “C:\Program Files\Winamp Toolbar\winamptb.dll” [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CLASSES_ROOT\clsid{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]

[HKEY_CLASSES_ROOT\TypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

“{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}”= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL []

“{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}”= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CLASSES_ROOT\clsid{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]

[HKEY_CLASSES_ROOT\TypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2006-03-02 14:00 15360]

“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” [2007-06-27 19:03 152872]

“DWQueuedReporting”=“C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” [2006-10-26 19:48 434528]

“Gadu-Gadu”=“D:\Program Files\Gadu-Gadu\gg.exe” [2007-11-14 12:54 2131392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2005-08-02 10:35 7110656]

“nwiz”=“nwiz.exe” [2005-08-02 10:35 1519616 C:\WINDOWS\system32\nwiz.exe]

“NvMediaCenter”=“C:\WINDOWS\system32\NvMcTray.dll” [2005-08-02 10:35 86016]

“RTHDCPL”=“RTHDCPL.EXE” [2005-04-26 08:16 14370816 C:\WINDOWS\RTHDCPL.EXE]

“WooCnxMon”=“C:\PROGRA~1\NEOSTR~1\CnxMon.exe” [2003-10-16 18:07 24576]

“SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 11:38 866816]

“WOOWATCH”=“C:\PROGRA~1\NEOSTR~1\Watch.exe” [2003-10-16 18:07 20480]

“WOOTASKBARICON”=“C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe” [2003-10-16 18:07 53248]

“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe” [2008-02-22 05:25 144784]

“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-12-04 15:00 79224]

“GrooveMonitor”=“C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 00:47 31016]

“HP Software Update”=“c:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [2004-09-13 15:49 49152]

“Sony Ericsson PC Suite”=“C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” [2007-06-13 08:16 528384]

“NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2007-03-01 15:57 153136]

“WinampAgent”=“D:\Program Files\Winamp\winampa.exe” [2008-03-27 08:35 36352]

“tguard”=“C:\Program Files\Beniamin\tguard.exe” []

“CHotkey”=“zHotkey.exe” [2004-12-08 18:57 550912 C:\WINDOWS\zHotkey.exe]

“ShowWnd”=“ShowWnd.exe” [2003-09-18 21:09 36864 C:\WINDOWS\ShowWnd.exe]

“TkBellExe”=“C:\Program Files\Common Files\Real\Update_OB\realsched.exe” [2008-01-05 23:33 151597]

“QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe” [2008-02-01 00:13 385024]

“VisualTooltip”=“C:\Documents and Settings\Komputer\Pulpit\visualtooltip22\VisualToolTip.exe” []

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2006-03-02 14:00 15360]

C:\Documents and Settings\Komputer\Menu Start\Programy\Autostart\

RocketDock.lnk - E:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 00:05:02 630784]

UberIcon.lnk - E:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26 29696]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]

HP Image Zone - szybkie uruchamianie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]

Kalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2007-12-01 21:45:33 882176]

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“D:\Program Files\Gadu-Gadu\gg.exe”=

“E:\eMule\emule.exe”=

“C:\Program Files\uTorrent\uTorrent.exe”=

“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=

“C:\Program Files\Microsoft Office\Office12\GROOVE.EXE”=

“C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=

“C:\Program Files\Opera\Opera.exe”=

“C:\WINDOWS\system32\dxdiag.exe”=

“C:\WINDOWS\system32\dpnsvr.exe”=

“C:\Program Files\Ares\Ares.exe”=

“D:\Program Files\Ares\Ares.exe”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

“C:\Program Files\Real\RealOne Player\realplay.exe”=

“C:\Program Files\Bonjour\mDNSResponder.exe”=

“E:\Program Files\Codemasters\Worms 4 Totalna Rozwałka\WORMS 4 MAYHEM.EXE”=

“C:\Program Files\IncrediMail\bin\IncMail.exe”=

“C:\Program Files\IncrediMail\bin\ImApp.exe”=

“C:\Program Files\IncrediMail\bin\ImpCnt.exe”=

“C:\Program Files\Skype\Phone\Skype.exe”=

“C:\Documents and Settings\Komputer\Pulpit\Gry\samp022server.win32\samp-server.exe”=

S3 usb2vcom;USB Data Cable;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-02-19 06:13]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{8d6b0463-d009-11dc-9a45-000e50b2153d}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(0)\command - Recycled\ctfmon.exe

.

Contents of the ‘Scheduled Tasks’ folder

“2008-03-28 08:22:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job”

C:\Program Files\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-30 16:02:33

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe

E:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
E:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll

.

Completion time: 2008-03-30 16:03:13

ComboFix-quarantined-files.txt 2008-03-30 14:03:04

ComboFix2.txt 2008-03-30 13:42:47

Pre-Run: 7,390,793,728 bajtów wolnych

Post-Run: 7,380,353,024 bajtów wolnych

.

2008-03-12 21:37:02 — E O F —

wojtekkie · 30 Marzec 2008 13:50

I dalej nie działają…

wojtekkie · 1 Kwiecień 2008 13:14

Pewnie nic więcej juz nie wymyślisz?? Probowałem przeinstalować Explorera ale instalator odinstalowywuje tamtego i robi reset po resecie znowu pisze że odinstalowywuje i znowu reset itd. Więc musze alt ctrl i delete zakączyć i przywrócić system żeby był explorer … :idea:

wojtekkie · 3 Kwiecień 2008 15:40

I co pomożecie czy macie mnie gdzieś??