System alert = zwolniony komp?

anna2204 · 3 Czerwiec 2007 20:43

witam. komp bardzo zwalnia. zainstalowal mi sie “system alert” i za nic nie moge sobie z nim poradzic. zalaczam moj log

Logfile of HijackThis v1.99.1 Scan saved at 22:38:37, on 2007-06-03 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Access\iesmn.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Winamp\winampa.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\CACHEM~1\CachemanXP.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\Opera\Opera.exe C:\DOCUME~1\UYT~1\USTAWI~1\Temp\Katalog tymczasowy 2 dla hijackthis.zip\HijackThis.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Winamp\winamp.exe C:\DOCUME~1\UYT~1\USTAWI~1\Temp\Katalog tymczasowy 3 dla hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mks.com.pl/skaner/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Program Files\Video ActiveX Access\iesplg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [VTTimer] VTTimer.exe O4 - HKLM…\Run: [s3Trayp] S3trayp.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Google Desktop Search] “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe O4 - HKCU…\Run: [internetCalls] “C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe” -nosplash -minimized O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .WAV: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O15 - Trusted Zone: http://mks.com.pl O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\PROGRA~1\CACHEM~1\CachemanXP.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

Gutek · 3 Czerwiec 2007 21:04

Użyj SmitFraudFix wybierz opcji nr 2 , oczywiście w trybie awaryjnym i po tym nowe logi z HJT i Silenta

anna2204 · 3 Czerwiec 2007 22:23

zrobilam jak radziles. po SmitFraudFix “system alert” zniknal :). ale komp nadal muli. zalaczam logi z silenta i hjt

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS] “Google Desktop Search” = ““C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup” [null data] “Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu S.A.”] “Odkurzacz-MCD” = “C:\Program Files\Odkurzacz\odk_mcd.exe” [“Franmo Software”] “InternetCalls” = ““C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe” -nosplash -minimized” [“InternetCalls”] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “RTHDCPL” = “RTHDCPL.EXE” [“Realtek Semiconductor Corp.”] “Alcmtr” = “ALCMTR.EXE” [“Realtek Semiconductor Corp.”] “QuickTime Task” = ““C:\Program Files\QuickTime\qttask.exe” -atboottime” [“Apple Computer, Inc.”] “VTTimer” = “VTTimer.exe” [“S3 Graphics, Inc.”] “S3Trayp” = “S3trayp.exe” [“S3 Graphics Co., Ltd.”] “SunJavaUpdateSched” = “C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [“Sun Microsystems, Inc.”] “WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data] “KernelFaultCheck” = “C:\WINDOWS\system32\dumprep 0 -k” “avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [“ALWIL Software”] “HPDJ Taskbar Utility” = “C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe” [“HP”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) -> {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”] {AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided) -> {HKLM…CLSID} = “Google Toolbar Helper” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] {AE7CD045-E861-484f-8273-0445EE161910}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEToolbarHelper Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll” [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{00020D75-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Desktop Icon Handler” -> {HKLM…CLSID} = “Microsoft Office Outlook” \InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL” [MS] “{0006F045-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Custom Icon Handler” -> {HKLM…CLSID} = “Rozszerzenie ikon plików programu Outlook” \InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL” [MS] “{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Microsoft Office\OFFICE11\msohev.dll” [MS] “{23170F69-40C1-278A-1000-000100020000}” = “7-Zip Shell Extension” -> {HKLM…CLSID} = “7-Zip Shell Extension” \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”] “{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}” = “Adobe.Acrobat.ContextMenu” -> {HKLM…CLSID} = “Acrobat Elements Context Menu” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll” [“Adobe Systems Inc.”] “{472083B0-C522-11CF-8763-00608CC02F24}” = “avast” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] HKLM\Software\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = “{807553E5-5146-11D5-A672-00B0D022E945}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL” [MS] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ 7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}” -> {HKLM…CLSID} = “7-Zip Shell Extension” \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”] Adobe.Acrobat.ContextMenu(Default) = “{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}” -> {HKLM…CLSID} = “Acrobat Elements Context Menu” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll” [“Adobe Systems Inc.”] avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}” -> {HKLM…CLSID} = “7-Zip Shell Extension” \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ “SCRNSAVE.EXE” = “C:\WINDOWS\System32\logon.scr” [MS] Startup items in “użyt” & “All Users” startup folders: ------------------------------------------------------ C:\Documents and Settings\All Users\Menu Start\Programy\Autostart “Acrobat Assistant” -> shortcut to: “C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe” [“Adobe Systems Inc.”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” -> {HKLM…CLSID} = “&Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] “{47833539-D0C5-4125-9FA8-0819E2EAAC93}” -> {HKLM…CLSID} = “Adobe PDF” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll” [null data] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ “{47833539-D0C5-4125-9FA8-0819E2EAAC93}” = (no title provided) -> {HKLM…CLSID} = “Adobe PDF” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll” [null data] “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = (no title provided) -> {HKLM…CLSID} = “&Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ {182EC0BE-5110-49C8-A062-BEB1D02A220B}(Default) = (no title provided) -> {HKLM…CLSID} = “Adobe PDF” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll” [null data] HKLM\Software\Classes\CLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = “&Badanie” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL” [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}” -> {HKCU…CLSID} = “Java Plug-in” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”] -> {HKLM…CLSID} = “Java Plug-in 1.5.0_06” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ “ButtonText” = “Badanie” {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = “Messenger” “MenuText” = “Windows Messenger” “Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [“ALWIL Software”] avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [“ALWIL Software”] avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”] avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”] CachemanXP, CachemanXPService, “C:\PROGRA~1\CACHEM~1\CachemanXP.exe” [“OuterTechnologies”] Canon Camera Access Library 8, CCALib8, “C:\Program Files\Canon\CAL\CALMAIN.exe” [“Canon Inc.”] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Adobe PDF Port\Driver = “C:\WINDOWS\system32\AdobePDF.dll” [“Adobe Systems Incorporated.”] hpzlnt04\Driver = “hpzlnt04.dll” [“HP”] Microsoft Document Imaging Writer Monitor\Driver = “mdimon.dll” [MS] ---------- <>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer “No” at the first message box and “Yes” at the second message box. ---------- (total run time: 59 seconds, including 19 seconds for message boxes)

Logfile of HijackThis v1.99.1 Scan saved at 00:13:19, on 2007-06-04 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Winamp\winampa.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\PROGRA~1\CACHEM~1\CachemanXP.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Opera\Opera.exe C:\DOCUME~1\UYT~1\USTAWI~1\Temp\Katalog tymczasowy 1 dla hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [VTTimer] VTTimer.exe O4 - HKLM…\Run: [s3Trayp] S3trayp.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Google Desktop Search] “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe O4 - HKCU…\Run: [internetCalls] “C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe” -nosplash -minimized O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .WAV: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O15 - Trusted Zone: http://mks.com.pl O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\PROGRA~1\CACHEM~1\CachemanXP.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

qrczak13 · 3 Czerwiec 2007 22:41

Usuń w HJT.

Daj log z ComboFix.

anna2204 · 3 Czerwiec 2007 23:00

nie mogę pobrac combofix. wyskakuje blad

Gutek · 3 Czerwiec 2007 23:04

Możesz napisać więcej szczegółów co do tego błędu, co wyskakuje?

anna2204 · 3 Czerwiec 2007 23:05

bordowe tło :

404 Not Found

The requested URL ‘/sUBs/combofix.exe’ was not found on this server.

Gutek · 3 Czerwiec 2007 23:09

Pobierz - Combofix

anna2204 · 3 Czerwiec 2007 23:18

juz mi sie udalo:) . oto log

“uľyt” - 2007-06-04 1:11:39 Dodatek Service Pack 2 ComboFix 07-05.27.BV - Running from: “C:\Documents and Settings\uľyt\Pulpit” ((((((((((((((((((((((((((((((( Files Created from 2007-05-03 to 2007-06-03 )))))))))))))))))))))))))))))))))) 2007-06-03 23:38 2007-06-03 23:15 2,656 --a------ C:\WINDOWS\system32\tmp.reg 2007-06-03 23:14 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-06-03 23:14 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-06-03 23:14 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-06-01 20:46 2007-06-01 20:45 2007-05-23 19:13 376 --a------ C:\WINDOWS\mozregistry.dat 2007-05-23 19:05 2007-05-23 19:05 2007-05-22 09:39 2007-05-21 20:33 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-05-21 20:33 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-05-21 20:33 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-05-21 20:33 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-05-21 20:33 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll 2007-05-21 20:33 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-05-21 20:33 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll 2007-05-21 20:33 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-05-21 20:33 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-05-21 20:33 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-05-21 20:32 2007-05-21 20:21 2007-05-21 20:20 2007-05-21 20:20 2007-05-21 20:09 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-05-21 20:09 291,648 -ra------ C:\WINDOWS\system32\drivers\BT848.SYS 2007-05-21 20:06 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-05-21 20:06 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2007-05-21 20:06 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2007-05-21 20:06 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2007-05-21 20:06 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-05-21 20:05 2007-05-21 20:04 2007-05-21 19:49 2007-05-21 19:46 2007-05-21 19:46 2007-05-21 19:45 2007-05-21 19:44 2007-05-21 18:32 2007-05-21 18:26 2007-05-21 18:20 77,824 --a------ C:\WINDOWS\system32\mplaw7.dll 2007-05-21 18:20 77,824 --a------ C:\WINDOWS\system32\mplaa6.dll 2007-05-21 18:20 761,856 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-05-21 18:20 65,536 --a------ C:\WINDOWS\system32\mplapx.dll 2007-05-21 18:20 65,536 --a------ C:\WINDOWS\system32\mplam6.dll 2007-05-21 18:20 19,968 --a------ C:\WINDOWS\system32\cpuinf32.dll 2007-05-21 18:20 152,064 --a------ C:\WINDOWS\system32\unrar.dll 2007-05-21 18:20 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll 2007-05-21 18:20 1,581,056 --a------ C:\WINDOWS\system32\mplvw7.dll 2007-05-21 18:20 1,552,384 --a------ C:\WINDOWS\system32\mplvm6.dll 2007-05-21 18:20 1,122,304 --a------ C:\WINDOWS\system32\mplvpx.dll 2007-05-21 18:20 2007-05-21 16:49 2007-05-21 13:23 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2007-05-21 13:22 2007-05-21 13:21 2007-05-21 13:09 2007-05-21 13:09 2007-05-21 11:22 970,752 -ra------ C:\WINDOWS\system32\S3Chromo.dll 2007-05-21 11:22 792,576 -ra------ C:\WINDOWS\system32\drivers\S3G700m.sys 2007-05-21 11:22 672,768 -ra------ C:\WINDOWS\system32\S3G700.dll 2007-05-21 11:22 6,471,680 -ra------ C:\WINDOWS\system32\s3gogl.dll 2007-05-21 11:22 581,632 -ra------ C:\WINDOWS\system32\S3Disply.dll 2007-05-21 11:22 53,248 -ra------ C:\WINDOWS\system32\VTTimer.exe 2007-05-21 11:22 487,424 -ra------ C:\WINDOWS\system32\S3ovrlay.dll 2007-05-21 11:22 434,176 -ra------ C:\WINDOWS\system32\S3Gamma2.dll 2007-05-21 11:22 368,640 -ra------ C:\WINDOWS\system32\S3Cfg3d.dll 2007-05-21 11:22 319,488 -ra------ C:\WINDOWS\system32\S3Info2.dll 2007-05-21 11:22 2,796,544 -ra------ C:\WINDOWS\system32\s3gcil_inv.dll 2007-05-21 11:22 159,744 -ra------ C:\WINDOWS\system32\S3Trayp.exe 2007-05-21 11:22 1,979,392 -ra------ C:\WINDOWS\system32\s3gcil_csr.dll 2007-05-21 11:12 2007-05-21 00:36 2007-05-21 00:36 2007-05-21 00:36 2007-05-21 00:30 2007-05-21 00:30 2007-05-20 23:37 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2007-05-20 23:37 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2007-05-20 23:37 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2007-05-20 23:33 2007-05-20 23:33 2007-05-20 23:32 86,016 --a------ C:\WINDOWS\unvise32qt.exe 2007-05-20 23:32 2007-05-20 23:32 2007-05-20 23:31 2007-05-20 18:19 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-05-20 17:36 2007-05-20 17:36 2007-05-20 13:13 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-20 13:13 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-05-20 13:12 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-20 13:11 77,312 --a------ C:\WINDOWS\system32\usbui.dll 2007-05-20 13:11 46,464 --a------ C:\WINDOWS\system32\drivers\GAGP30KX.SYS 2007-05-20 13:11 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys 2007-05-20 13:10 2007-05-20 13:10 2007-05-20 13:09 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-05-20 13:09 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-05-20 13:09 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-05-20 13:09 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-05-20 13:09 8,704 --a------ C:\WINDOWS\system32\batt.dll 2007-05-20 13:09 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-05-20 13:09 75,776 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-20 13:09 70,144 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-05-20 13:09 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-20 13:09 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-05-20 13:09 69,552 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-05-20 13:09 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-05-20 13:09 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-05-20 13:09 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-05-20 13:09 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-05-20 13:09 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-05-20 13:09 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-05-20 13:09 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-05-20 13:09 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-05-20 13:09 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-20 13:09 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-05-20 13:09 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-05-20 13:09 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-20 13:09 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-05-20 13:09 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-20 13:09 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-05-20 13:09 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-20 13:09 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-05-20 13:09 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:09 2007-05-20 13:08 2007-05-20 13:08 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 13:03 2007-05-20 11:58 2007-05-20 11:56 53,693 -ra------ C:\WINDOWS\UNDPX2K.sys 2007-05-20 11:56 15,429 -ra------ C:\WINDOWS\system32\drivers\Sacm2K.sys 2007-05-20 11:56 135,168 -ra------ C:\WINDOWS\UNDPX2K.exe 2007-05-20 11:55 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-05-20 11:55 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys 2007-05-20 11:55 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-05-20 11:55 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-20 11:55 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-05-20 11:55 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-20 11:55 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys 2007-05-20 11:55 307,200 --a------ C:\WINDOWS\IsUn0415.exe 2007-05-20 11:55 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-05-20 11:55 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-05-20 11:55 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-05-20 11:54 9,712,640 -r------- C:\WINDOWS\RTLCPL.exe 2007-05-20 11:54 86,016 -r------- C:\WINDOWS\SoundMan.exe 2007-05-20 11:54 69,632 -r------- C:\WINDOWS\Alcmtr.exe 2007-05-20 11:54 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-05-20 11:54 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2007-05-20 11:54 40,960 -r------- C:\WINDOWS\system32\ChCfg.exe 2007-05-20 11:54 4,244,480 -r------- C:\WINDOWS\system32\drivers\RtkHDAud.Sys 2007-05-20 11:54 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-20 11:54 360,448 -r------- C:\WINDOWS\RtlUpd.exe 2007-05-20 11:54 2,809,856 -r------- C:\WINDOWS\alcwzrd.exe 2007-05-20 11:54 2,158,592 -r------- C:\WINDOWS\MicCal.exe 2007-05-20 11:54 16,006,656 -r------- C:\WINDOWS\RTHDCPL.exe 2007-05-20 11:54 135,168 -r------- C:\WINDOWS\system32\RtlCPAPI.dll 2007-05-20 11:54 2007-05-20 11:53 487,424 -r------- C:\WINDOWS\RtlExUpd.dll 2007-05-20 11:53 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2007-05-20 11:53 2007-05-20 11:51 2007-05-20 11:50 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2007-05-20 11:50 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys 2007-05-20 11:50 43,008 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys 2007-05-20 11:50 2007-05-20 11:50 2007-05-20 11:50 2007-05-20 11:50 2007-05-20 11:50 2007-05-20 11:42 3,145,728 --ah----- C:\Documents and Settings\UYT~1\NTUSER.DAT 2007-05-20 11:42 3,145,728 --ah----- C:\DOCUME~1\UYT~1\NTUSER.DAT 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:42 2007-05-20 11:41 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-20 11:41 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-20 11:41 2007-05-20 11:41 2007-05-20 11:41 2007-05-20 11:41 2007-05-20 11:41 2007-05-20 11:36 229,376 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-20 11:36 0 -rahs---- C:\MSDOS.SYS 2007-05-20 11:36 0 -rahs---- C:\IO.SYS 2007-05-20 11:36 0 --a------ C:\CONFIG.SYS 2007-05-20 11:36 0 --a------ C:\AUTOEXEC.BAT 2007-05-20 11:36 2007-05-20 11:36 2007-05-20 11:35 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-20 11:34 2007-05-20 11:34 2007-05-20 11:34 2007-05-20 11:34 2007-05-20 11:33 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-20 11:33 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-20 11:33 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-20 11:33 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-20 11:33 2007-05-20 11:33 2007-05-20 11:33 2007-05-20 11:33 2007-05-20 11:33 2007-05-20 11:32 86,016 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-20 11:32 81,920 --a------ C:\WINDOWS\system32\ils.dll 2007-05-20 11:32 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll 2007-05-20 11:32 73,728 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-20 11:32 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-20 11:32 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll 2007-05-20 11:32 69,632 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-20 11:32 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-20 11:32 67,584 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-20 11:32 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-20 11:32 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-20 11:32 49,664 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-20 11:32 45,568 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-20 11:32 431,616 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-20 11:32 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-20 11:32 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-20 11:32 382,464 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-20 11:32 36,864 --a------ C:\WINDOWS\system32\wups.dll 2007-05-20 11:32 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-20 11:32 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-20 11:32 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-20 11:32 29,696 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-20 11:32 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-20 11:32 278,528 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-20 11:32 278,528 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-20 11:32 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-20 11:32 240,128 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-20 11:32 22,528 --a------ C:\WINDOWS\system32\fltMc.exe 2007-05-20 11:32 192,000 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-20 11:32 184,320 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-20 11:32 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-20 11:32 171,008 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-20 11:32 168,960 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-20 11:32 16,896 --a------ C:\WINDOWS\system32\fltlib.dll 2007-05-20 11:32 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys 2007-05-20 11:32 120,320 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-20 11:32 12,288 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-20 11:32 113,664 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-20 11:32 112,128 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-20 11:32 105,984 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-20 11:32 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-20 11:32 2007-05-20 11:32 2007-05-20 11:32 2007-05-20 11:31 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-20 11:31 2007-05-20 11:30 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-20 11:30 94,720 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-20 11:30 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-20 11:30 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-20 11:30 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-20 11:30 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-20 11:30 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-20 11:30 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-20 11:30 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-20 11:30 67,072 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-20 11:30 655,360 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-20 11:30 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-20 11:30 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-20 11:30 62,464 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-20 11:30 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-20 11:30 60,928 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-20 11:30 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-20 11:30 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-20 11:30 58,880 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-20 11:30 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-20 11:30 56,320 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-20 11:30 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-20 11:30 540,160 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-20 11:30 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-20 11:30 539,136 --a------ C:\WINDOWS\system32\spider.exe 2007-05-20 11:30 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-20 11:30 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-20 11:30 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-20 11:30 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-20 11:30 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-20 11:30 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-20 11:30 408,576 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-20 11:30 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-20 11:30 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-20 11:30 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-20 11:30 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-20 11:30 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-20 11:30 349,696 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-20 11:30 345,088 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-20 11:30 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-20 11:30 296,448 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-20 11:30 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-20 11:30 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-20 11:30 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-20 11:30 229,888 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-20 11:30 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-20 11:30 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-20 11:30 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-20 11:30 20,992 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-20 11:30 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-20 11:30 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-20 11:30 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-20 11:30 187,904 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-20 11:30 187,904 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-20 11:30 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-20 11:30 17,920 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-20 11:30 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-20 11:30 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-20 11:30 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-20 11:30 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-20 11:30 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-20 11:30 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-20 11:30 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-20 11:30 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-20 11:30 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-20 11:30 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-20 11:30 147,968 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-20 11:30 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-20 11:30 141,824 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-20 11:30 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-20 11:30 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-20 11:30 132,608 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-20 11:30 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-20 11:30 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-20 11:30 124,928 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-20 11:30 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-20 11:30 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-20 11:30 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-20 11:30 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-20 11:30 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-20 11:30 11,264 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-20 11:30 103,424 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-20 11:30 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-20 11:30 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-20 11:30 2007-05-20 11:30 2007-05-20 11:30 2007-05-20 11:30 2007-05-20 11:30 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-26 17:16:07 50,968 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-26 17:16:07 359,046 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-20 09:33:58 -------- d-----w C:\Program Files\Usługi online 2007-03-15 10:00:36 466,432 ----a-w C:\WINDOWS\system32\SkanerOnline.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 00:47] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 13:22] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2006-02-14 20:05] {AE7CD045-E861-484f-8273-0445EE161910}=C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 01:03] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “RTHDCPL”=“RTHDCPL.EXE” [] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2007-05-20 23:32] “VTTimer”=“VTTimer.exe” [2005-03-08 21:33 C:\WINDOWS\system32\VTTimer.exe] “S3Trayp”=“S3trayp.exe” [2005-04-05 23:49 C:\WINDOWS\system32\S3Trayp.exe] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [2005-11-10 13:03] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2006-11-21 19:38] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44] “Google Desktop Search”=“C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” [2007-05-21 00:30] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36] “Odkurzacz-MCD”=“C:\Program Files\Odkurzacz\odk_mcd.exe” [2007-05-03 10:02] “InternetCalls”=“C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe” [2006-08-25 08:32] HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-04 01:13:09 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-06-04 1:14:21 — E O F —

Gutek · 4 Czerwiec 2007 12:15

Optymalizacja XP: http://forum.dobreprogramy.pl/viewtopic.php?t=76580

anna2204 · 4 Czerwiec 2007 13:59

dzieki za pomoc jest o wiele lepiej