Witam…
Moja sytuacja jest dość zła. przy każdej próbie uruchomienia antywirusa automatycznie się wyłącza. programy anty spyware’owe nic nie wykrywają…
nie mogę wykonać nic w systemie… nie mogę przywrócić systemu, scan discu itd itd. błagam o pomoc.
niżej zamieszczam log z hijacka
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:24:33, on 2009-02-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WeFi\WeFi.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\DOCUME~1\ALEKSA~1\LOCALS~1\Temp\Temporary Directory 2 for HiJackThis.zip\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: WeFiBar Toolbar - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll
O2 - BHO: WeFiBar Toolbar - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ORBta - {ADA8C222-95D2-47B5-950B-AEBC0A508839} - (no file)
O3 - Toolbar: WeFiBar Toolbar - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeF1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] ; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] ; "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] ; C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] ; "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ZangoSA] ;
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [wefi] C:\Program Files\WeFi\WeFi.exe
O4 - HKCU\..\Run: [DownloadAccelerator] ; "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ALLUpdate] ; "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [EA Core] ; C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [Gadu-Gadu] ; "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Google Update] ; "C:\Documents and Settings\Aleksander\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IPLA!] ; C:\Program Files\IPLA\IPLA.exe /autorun
O4 - HKCU\..\Run: [KeyTurion] ; C:\Program Files\Datpol\KeyTurion.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] ; "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [PeerGuardian] ; C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [WeatherDPA] ;
O4 - HKCU\..\Run: [Wru] ; C:\Program Files\Wru\Wru.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: SurfLite Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA68} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: SurfLite Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA68} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: aacddacfbfbcb - C:\WINDOWS\system32\aacddacfbfbcb.dll
O21 - SSODL: oledll - {59945B67-9234-9234-D929-7F84D923BC79} - C:\WINDOWS\system32\wm16tokl.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Google Update Service (gupdate1c9856564366f90) (gupdate1c9856564366f90) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nb) (pr2ah4nb) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nb.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 11055 bytes
proszę o pomoc