I'm also posting a more complete log from DSS here:
Deckard’s System Scanner v20071014.68
Run by Olaf on 2008-05-06 08:19:00
Computer is in Normal Mode.
-- HijackThis (run as Olaf.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:19:06, on 2008-05-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.EXE
C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\Programy\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\spoolsv.exe
C:\Programy\CDBurnerXP\NMSAccessU.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
C:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\Programy\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\RTHDCPL.EXE
C:\Programy\Spamihilator\spamihilator.exe
C:\Programy\ZoneAlarm\zlclient.exe
C:\Programy\Spybot\TeaTimer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Programy\dss.exe
C:\Programy\Olaf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\Programy\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [spamihilator] "C:\Programy\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programy\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programy\Spybot\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programy\CDBurnerXP\NMSAccessU.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
--
End of file - 3800 bytes
-- Files created between 2008-04-06 and 2008-05-06 -----------------------------
2008-05-05 21:08:16 0 d-------- C:\WINNT\system32\xircom
2008-05-05 21:08:16 0 d-------- C:\Program Files\msn gaming zone
2008-05-05 21:08:16 0 d-------- C:\Program Files\microsoft frontpage
2008-05-04 09:20:17 1089568 --ahs---- C:\WINNT\system32\drivers\fidbox.dat
2008-05-04 09:17:23 11264 --a------ C:\WINNT\system32\SpOrder.dll
2008-05-04 08:08:16 0 d-------- C:\Program Files\Debugging Tools for Windows (x86)
2008-05-01 12:59:35 0 d-------- C:\Program Files\OpenOffice.ux.pl 2.4.0
2008-05-01 11:37:45 0 d--h----- C:\WINNT\$hf_mig$
2008-04-21 19:57:40 665088 --a------ C:\WINNT\system32\spsplib1.dll
-- Find3M Report ---------------------------------------------------------------
2008-05-06 08:09:17 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Spamihilator
2008-05-05 18:42:32 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\OpenOffice.ux.pl2
2008-05-04 10:21:48 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\uTorrent
2008-05-04 09:20:33 4212 ---h----- C:\WINNT\system32\zllictbl.dat
2008-05-04 09:14:13 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Comodo
2008-05-03 10:11:33 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\gtk-2.0
2008-05-02 08:04:19 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Auslogics
2008-05-01 12:59:25 0 d-------- C:\Program Files\Java
2008-05-01 12:36:53 454522 --a------ C:\WINNT\system32\perfh015.dat
2008-05-01 12:36:53 76428 --a------ C:\WINNT\system32\perfc015.dat
2008-04-01 14:29:37 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Tlen.pl
2008-03-31 21:58:09 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\FileZilla
2008-03-30 15:53:40 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-30 11:44:24 892928 --a------ C:\WINNT\system32\iconv.dll
2008-03-30 11:44:12 755027 --a------ C:\WINNT\system32\xvidcore.dll
2008-03-29 15:08:48 25992 --a------ C:\WINNT\system32\pgdfgsvc.exe http://www.sysinternals.com; Page File Defragmenter>
2008-03-27 09:51:06 0 d-------- C:\Program Files\GIGABYTE
2008-03-21 10:36:00 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\DeepBurner
2008-03-18 17:39:57 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Real
2008-03-18 17:13:51 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-18 16:21:26 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Mozilla
2008-03-18 13:34:52 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\CDBurnerXP_Soft
2008-03-11 18:59:27 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\KompoZer
2008-03-11 14:26:53 1736 --a------ C:\WINNT\unins001.dat
2008-03-06 18:44:11 0 d-------- C:\Documents and Settings\Olaf.X\Dane aplikacji\Adobe
2008-02-08 14:12:37 3443 --a------ C:\WINNT\unins000.dat
2008-02-08 14:11:59 691545 --a------ C:\WINNT\unins000.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\Programy\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 16:49]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 19:30 C:\WINNT\RTHDCPL.exe]
"Spamihilator"="C:\Programy\Spamihilator\spamihilator.exe" [2008-04-21 20:00]
"ZoneAlarm Client"="C:\Programy\ZoneAlarm\zlclient.exe" [2008-04-02 21:07]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Programy\Spybot\TeaTimer.exe" [2008-01-28 12:43]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINNT^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINNT^Menu Start^Programy^Autostart^Microsoft Office.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Olaf.X^Menu Start^Programy^Autostart^HDDlife.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINNT\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVPro]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINNT\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerS]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ALG"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
"ATI Smart"=2 (0x2)
"aawservice"=2 (0x2)
-- End of Deckard’s System Scanner: finished at 2008-05-06 08:19:32 ------------
Is something wrong here?
So, as I understand it, nobody has any ideas about my problem? ;-(
I would really appreciate some help…