kiedy wchodzę do jakiegokolwiek folderu na komputerze wyskakuje mi błąd i włącza sie strona która “skanuje” mój dysk
drugi problem to program który nazywa się “Antyvirus” włączyłem menadżer zadań bo nie działał wyłączyłem już “Antyvirus” dzięki niemu i w msconfig by się nie włanczał ale chciał bym usunąć wszystkie te wirusy i dialery…
dodaje logi HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:31, on 2008-11-17
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\windows\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\FRAPS\FRAPS.EXE
C:\resycled\boot.com
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\TEMP\tempo-281.tmp
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\TEMP\tempo-493.tmp
C:\WINDOWS\explorer.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\secpol.exe,
O1 - Hosts: 216.107.242.199 l2authd.lineage2.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: offersfortoday - {099e5230-dad3-a535-dbd2-e218fdcb992e} - C:\WINDOWS\system32\nsc2BC.dll
O2 - BHO: WinIss - {17d562a6-da3d-4f87-b659-86cd06473ab5} - C:\WINDOWS\system32\psguax.dll
O2 - BHO: (no name) - {27a193d6-6010-4c68-a78d-21b660062221} - C:\WINDOWS\system32\CddbLangPT_B.dll
O2 - BHO: BitComet ClickCapture - {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: XML module - {500bca15-57a7-4eaf-8143-8c619470b13d} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: offersfortoday browser enhancer - {d84397bc-f80c-a80a-1e78-03525d3f08c6} - C:\WINDOWS\system32\qhlamgpeqdghezuwl.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [amd_dc_opt] “C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe”
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [C] C:\WINDOWS\system32\kdosq.exe
O4 - HKLM…\Run: [dswgtqxuzgxpefhu] C:\WINDOWS\System32\regsvr32.exe /s “C:\WINDOWS\system32\qhlamgpeqdghezuwl.dll”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Fraps] C:\PROGRAM FILES\FRAPS\FRAPS.EXE
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [MSFox] C:\DOCUME~1\Kamil\USTAWI~1\Temp\xxx1373.exe
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: &d&ownload &with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &d&ownload all video with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &d&ownload all with bitcomet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet’a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet’a - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip…{4A4B16FB-9A21-4066-83C2-E0D6CDABD520}: NameServer = 85.255.112.182;85.255.112.197
O17 - HKLM\System\CCS\Services\Tcpip…{51D714EE-F55D-4610-AA32-3E91B0CDADFF}: NameServer = 195.136.118.2,195.136.250.200
O17 - HKLM\System\CCS\Services\Tcpip…{8EFC973F-23C5-471B-8579-B625C75C68AC}: NameServer = 195.136.118.2,195.136.250.200
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O20 - Winlogon Notify: fsmgmt - C:\WINDOWS\SYSTEM32\fsmgmt.dll
O21 - SSODL: cZnMZRwWHFOrx - {A49FC125-0E35-6B8F-033C-BA5A9BE5E364} - C:\WINDOWS\System32\fuw.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
–
End of file - 6480 bytes