Hello,
For quite some time my computer has been shutting down or freezing on its own, basically for no reason. I don't know whether a virus or the hardware is to blame. So I'd ask someone to take a look at this log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:48:06, on 2007-06-13
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\StopHid.exe
C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Advanced Registry Doctor\RegManServ.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\SYLWICZKA\Adobe Photoshop Pro CS2 v9.0 Full + Keygen\Photoshop.exe
C:\DOCUME~1\DAMIEN\USTAWI~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\DAMIEN\USTAWI~1\Temp\Adobelm_Cleanup.0001
D:\SYLWICZKA\HiJackThis_v2\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [CHotkey] mHotkey.exe
O4 - HKLM…\Run: [CNYHKey] CNYHKey.exe
O4 - HKLM…\Run: [stopHid] StopHid.exe
O4 - HKLM…\Run: [CreativeMouse] C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKLM…\Run: [LanguageShortcut] “C:\Program Files\CyberLink\PowerDVD\Language\Language.exe”
O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM…\Run: [Onet.pl AutoUpdate] “C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe” /updateexetsr
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU…\Run: [AtiTrayTools] “C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe”
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/One … or012s.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Registry Management Service (RegManServ) - Unknown owner - C:\Program Files\Advanced Registry Doctor\RegManServ.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

-- End of file - 7207 bytes
qrczak13
(qrczak13)
14 June 2007 18:52
#2
Remove in HJT.
Scan on http://www.virustotal.com/vt/ and paste the report after the scan.
After doing the above, post a log from ComboFix.
ComboFix 07-06-13.3 - C:\Documents and Settings\DAMIEN\Pulpit\ComboFix.exe “DAMIEN” - 2007-06-14 9:39:30 NTFS

((((((((((((((((((((((((( Files Created from 2007-05-14 to 2007-06-14 )))))))))))))))))))))))))))))))

2007-06-14 09:18 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-12 06:40 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-06-12 06:38 21,504 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
2007-06-12 06:38 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2007-06-12 06:38
2007-06-12 06:38
2007-06-12 06:34
2007-06-12 06:33
2007-06-12 06:32
2007-06-12 06:32
2007-06-08 21:42
2007-06-08 21:42
2007-06-08 21:42
2007-06-08 21:42
2007-06-08 21:42
2007-06-07 23:21
2007-06-07 23:21
2007-06-07 23:21
2007-06-07 23:20
2007-05-20 10:48 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-05-20 10:48 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-05-20 10:48 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-05-18 23:15

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-13 09:55:14 -------- d-----w C:\DOCUME~1\DAMIEN\DANEAP~1\GanymedeNet
2007-06-13 04:16:24 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-06-12 04:33:10 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-12 04:15:15 -------- d--h--w C:\Program Files\WindowsUpdate
2007-06-02 20:16:32 -------- d-----w C:\Program Files\OpenOffice.org 2.0.2
2007-06-02 20:13:24 -------- d-----w C:\Program Files\Google
2007-06-01 21:32:39 12,784 ----a-w C:\WINDOWS\mozver.dat
2007-05-28 17:02:32 -------- d-----w C:\DOCUME~1\DAMIEN\DANEAP~1\OpenOffice.org2
2007-05-26 08:44:27 49,492 ----a-w C:\WINDOWS\system32\perfc015.dat
2007-05-26 08:44:27 355,486 ----a-w C:\WINDOWS\system32\perfh015.dat
2007-05-10 16:23:24 -------- d-----w C:\Program Files\Advanced Registry Doctor
2007-05-07 19:21:56 -------- d-----w C:\DOCUME~1\DAMIEN\DANEAP~1\AdobeUM
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-03-26 19:37:20 6,653,984 ----a-w C:\Program Files\Firefox Setup 2.0.0.3.exe

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 21:38]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}=C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2006-10-31 08:55]
{53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SoundMan”=“SOUNDMAN.EXE” [2004-06-18 10:31 C:\WINDOWS\SOUNDMAN.EXE]
“CHotkey”=“mHotkey.exe” [2004-02-23 14:41 C:\WINDOWS\mHotkey.exe]
“CNYHKey”=“CNYHKey.exe” [2004-02-23 14:40 C:\WINDOWS\CNYHKey.exe]
“StopHid”=“StopHid.exe” [2004-02-23 14:41 C:\WINDOWS\StopHid.exe]
“CreativeMouse “=“C:\Program Files\Creative\Desktop Wireless\mouse_2k.exe” [2003-07-31 21:03]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” [2007-03-14 03:43]
“RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2005-12-07 22:57]
“LanguageShortcut”=“C:\Program Files\CyberLink\PowerDVD\Language\Language.exe” [2006-05-18 11:29]
“ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2004-06-10 21:10]
“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42]
“DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-11-12 12:48]
“WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-05-15 00:22]
“Onet.pl AutoUpdate”=“C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe” []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-30 14:00]
“Odkurzacz-MCD”=“C:\Program Files\Odkurzacz\odk_mcd.exe” [2006-07-26 14:23]
“AtiTrayTools”=“C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe” [2004-10-10 19:51]
“Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2006-11-14 11:12]
“MsnMsgr”=“C:\Program Files\MSN Messenger\MsnMsgr.exe” [2006-01-25 06:29]
“Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2007-05-28 14:52]
“P2kAutostart”=”” []

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-14 09:39:45
Windows 5.1.2600 NTFS

scanning hidden processes …

scanning hidden autostart entries …

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
P2kAutostart = ???

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-14 9:40:01
C:\ComboFix-quarantined-files.txt … 2007-06-14 09:39
C:\ComboFix2.txt … 2007-06-14 09:19

--- E O F ---
qrczak13
(qrczak13)
14 June 2007 20:10
#4
Log OK.
Read up on unnecessary items in autostart.
Optimizing and slimming down Windows XP
What are your temperatures? Check with Everest Ultimate Edition 3.50.
What power supply, and how many watts?