Wolny start i częsty reset

anon96711983 · 3 Sierpień 2007 20:53

Komputer długo się uruchamia. CzęLogfile of HijackThis v1.99.1

Scan saved at 00:03, on 2004-06-17

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

D:\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.allegro.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L1cza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.pl/s/v/22.18/uploader2.cab

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascinstie.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {CE1F7381-100B-4ED9-8C41-0B282C18E924} - http://www.getionary.pl/cab/getionaryPL.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


sty reset.Prosze o sprawdzenie loga.

Joan · 4 Sierpień 2007 00:11

podaj konfigurację, może to wina temperatur > EVEREST Home Edition

Zdejmij reset na rzecz BSOD w Panelu sterowania > System > Zaawansowane > Uruchamianie i odzyskiwanie > odptaszyć Automatycznie uruchom ponownie. Jak system wyświetli BSODa, spiszesz z niego dane (kod błędu z nazwą pliku pod spodem) i wrzucisz je tutaj.

Zmień temat na konkretny, inaczej kosz

anon96711983 · 4 Sierpień 2007 11:20

Sytuacja nie zmienia się a do tego dochodzi jeszcze zbyt dużo błedów w rejestrze. Przeskanowałem kompa programem Error reg i wykazał mi 127 złych wpisów w rejestrze i nie mogę naprawić bo to jest program Demo. :o

LostWorld · 4 Sierpień 2007 11:42

Czyszczenie rejestru:

Opis RegCleaner - http://www.agavk.p9.pl/strony/progra_regcleaner.php

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

RegSeeker + Opis

Tak nawiasem rzecz mówiąc doinstaluj jakiegoś firewall’a.

anon96711983 · 8 Sierpień 2007 19:48

Nie ma chetego aby sprawdził loga?

Złączono Posta : 08.08.2007 (Sro) 20:49

Nie ma chętnego aby sprawdził loga?

LostWorld · 8 Sierpień 2007 19:56

rencista jest okej.

Kuba11 · 8 Sierpień 2007 20:05

rencista dołącz logi z ComboFix i Silentrunners.

anon96711983 · 8 Sierpień 2007 20:44

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “00PCTFW” = ““C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe” -s” [“PC Tools”] “PCSuiteTrayApplication” = “C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup” [“Nokia”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] {53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided) -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Spybot - Search & Destroy\SDHelper.dll” [“Safer Networking Limited”] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) -> {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll” [“Sun Microsystems, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{3028902F-6374-48b2-8DC6-9725E775B926}” = “IE Microsoft AutoComplete” -> {HKLM…CLSID} = “IE Microsoft AutoComplete” \InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS] “{EFA24E62-B078-11d0-89E4-00C04FC9E26E}” = “History Band” -> {HKLM…CLSID} = “History Band” \InProcServer32(Default) = “C:\WINDOWS\system32\shdocvw.dll” [MS] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] “{e57ce731-33e8-4c51-8354-bb4de9d215d1}” = “Uniwersalne urządzenia Plug and Play” -> {HKLM…CLSID} = “Uniwersalne urządzenia Plug and Play” \InProcServer32(Default) = “C:\WINDOWS\system32\upnpui.dll” [MS] “{472083B0-C522-11CF-8763-00608CC02F24}” = “avast” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] “{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}” = “OpenOffice.org Column Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.2.0\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{087B3AE3-E237-4467-B8DB-5A38AB959AC9}” = “OpenOffice.org Infotip Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.2.0\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{3B092F0C-7696-40E3-A80F-68D74DA84210}” = “OpenOffice.org Thumbnail Viewer” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.2.0\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}” = “Nokia Phone Browser” -> {HKLM…CLSID} = “Nokia Phone Browser” \InProcServer32(Default) = “C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll” [“Nokia”] “{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Microsoft Office\OFFICE11\msohev.dll” [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ “WPDShServiceObj” = “{AAA288BA-9A4C-45B0-95D7-94D524869DB5}” -> {HKLM…CLSID} = “WPDShServiceObj Class” \InProcServer32(Default) = “C:\WINDOWS\system32\WPDShServiceObj.dll” [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}(Default) = “OpenOffice.org Column Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.2.0\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] Picajet Organizer(Default) = “{C916D440-D489-4A79-B306-5FDC1E7932C0}” -> {HKLM…CLSID} = “PicaJet Shell Extension” \InProcServer32(Default) = “C:\PROGRA~1\PicaJet\PJExt.dll” [null data] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] Picajet Organizer(Default) = “{C916D440-D489-4A79-B306-5FDC1E7932C0}” -> {HKLM…CLSID} = “PicaJet Shell Extension” \InProcServer32(Default) = “C:\PROGRA~1\PicaJet\PJExt.dll” [null data] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ “NoSaveSettings” = (REG_BINARY) hex:00 00 00 00 {Don’t save settings at exit} “ClearRecentDocsOnExit” = (REG_BINARY) hex:00 00 00 00 00 00 00 00 {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\Ryszard Zieliński\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000004\LibraryPath = “C:\WINDOWS\system32\pnrpnsp.dll” [MS] 000000000005\LibraryPath = “C:\WINDOWS\system32\pnrpnsp.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 30 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}” -> {HKCU…CLSID} = “Java Plug-in 1.6.0_01” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll” [“Sun Microsystems, Inc.”] -> {HKLM…CLSID} = “Java Plug-in 1.6.0_01” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll” [“Sun Microsystems, Inc.”] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [“ALWIL Software”] avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [“ALWIL Software”] avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”] avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”] PC Tools Firewall Plus, PCToolsFirewallPlus, “C:\Program Files\PC Tools Firewall Plus\FWService.exe” [“PC Tools”] ServiceLayer, ServiceLayer, ““C:\Program Files\PC Connectivity Solution\ServiceLayer.exe”” [“Nokia.”] Usługa Pomocnik IPv6, 6to4, “C:\WINDOWS\system32\svchost.exe -k netsvcs” {“C:\WINDOWS\System32\6to4svc.dll” [MS]} Windows Driver Foundation - User-mode Driver Framework, WudfSvc, “C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup” {“C:\WINDOWS\System32\WUDFSvc.dll” [MS]} Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Canon BJ Language Monitor PIXMA iP2000\Driver = “CNMLM66.DLL” [“CANON INC.”] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 57 seconds. ---------- (total run time: 161 seconds)

Kuba11 · 8 Sierpień 2007 20:49

Jest Ok,daj ComboFix.

anon96711983 · 8 Sierpień 2007 20:53

ComboFix 07-06-13.3 - E:\Instalki\ComboFix.exe “Ryszard Zieliäski” - 2004-06-17 0:06:33 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2004-05-16 to 2004-06-16 ))))))))))))))))))))))))))))))) 2004-06-22 13:45 2004-06-22 13:33 2004-06-20 10:01 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\WMV9VCM.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\vorbisenc.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\vorbis.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\OggDS.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\ogg.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\mplvpx.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\DivX.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\cpuinf32.dll 2004-06-19 23:13 2004-06-19 23:13 2004-06-19 23:01 2004-06-19 06:40 2004-06-19 06:40 2004-06-19 04:24 208,384 --a------ C:\WINDOWS\ADS.exe 2004-06-19 04:22 2004-06-18 23:58 2004-06-18 05:17 2004-06-18 04:34 2004-06-18 04:33 545 --a------ C:\WINDOWS\UC.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\RAR.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\PKZIP.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\LHA.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\ARJ.PIF 2004-06-18 04:33 2004-06-17 19:15 2004-06-17 18:42 2004-06-17 18:41 1,073,664 --a------ C:\Program Files\drtweakxp1.75.exe 2004-06-17 18:24 48,640 -ra------ C:\WINDOWS\system32\drivers\ser2pl.sys 2004-06-17 17:12 2004-06-17 17:12 2004-06-17 17:12 2004-06-17 15:44 2004-06-17 15:43 0 -rahs---- C:\MSDOS.SYS 2004-06-17 15:43 0 -rahs---- C:\IO.SYS 2004-06-17 15:43 0 --a------ C:\WINDOWS\nsreg.dat 2004-06-17 15:43 0 --a------ C:\CONFIG.SYS 2004-06-17 15:43 0 --a------ C:\AUTOEXEC.BAT 2004-06-17 15:41 55,904 --a------ C:\WINDOWS\system32\drivers\pctfw.sys 2004-06-17 15:41 100,448 --a------ C:\WINDOWS\system32\drivers\pctfw1.sys 2004-06-17 15:41 2004-06-17 15:25 2004-06-17 15:03 2004-06-17 14:39 2004-06-17 10:57 2004-06-17 10:41 831,048 --a------ C:\WINDOWS\system32\WudfUpdate_01005.dll 2004-06-17 10:41 2004-06-17 10:28 2004-06-17 10:28 2004-06-17 10:27 2004-06-17 10:27 2004-06-17 10:26 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll 2004-06-17 10:26 2004-06-17 10:25 2004-06-17 09:42 89,728 --a------ C:\WINDOWS\system32\drivers\usbvsp.sys 2004-06-17 09:40 2004-06-17 09:40 2004-06-17 06:52 2004-06-17 03:36 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll 2004-06-17 03:36 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd106.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll 2004-06-17 03:36 5,632 --a------ C:\WINDOWS\system32\kbd103.dll 2004-06-17 01:02 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2004-06-17 01:02 249,856 --------- C:\WINDOWS\Setup1.exe 2004-06-17 00:42 2004-06-17 00:34 2004-06-17 00:33 (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-27 22:07:21 783,224 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-07-27 22:02:49 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-07-27 22:02:34 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-07-27 22:00:39 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-07-27 21:59:57 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-07-27 21:58:36 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-27 21:57:49 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-07-02 17:35:02 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\OpenOffice.ux.pl2 2007-06-26 18:20:10 -------- d-----w C:\Program Files\WinASO 2007-06-26 18:11:14 23 --sha-w C:\WINDOWS\system32\cdbcdcdd4_r.dll 2007-06-26 17:27:10 -------- d-----w C:\Program Files\XP Codec Pack 2007-06-26 14:42:34 -------- d-----w C:\Program Files\Futuremark 2007-06-22 13:16:02 -------- d-----w C:\Program Files\RegSeeker 2007-06-22 13:02:20 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Uniblue 2007-06-22 12:39:17 23,600 ----a-w C:\WINDOWS\system32\drivers\TVICHW32.SYS 2007-06-20 11:28:58 -------- d-----w C:\Program Files\Messenger 2007-06-19 16:52:14 -------- d-----w C:\Program Files\Google 2007-06-14 20:16:27 8,773 ----a-w C:\dnsbak.reg 2007-06-14 15:39:46 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Draco Organizer 2007-06-07 19:10:48 20,480 ----a-w C:\WINDOWS\system32\ac3config.exe 2007-06-03 16:51:47 -------- d-----w C:\Program Files\Ahead 2007-06-03 16:50:43 -------- d-----w C:\Program Files\LanHelper 2007-06-01 21:24:13 -------- d-----w C:\Program Files\Nsauditor 2007-06-01 21:14:25 -------- d-----w C:\Program Files\Windows Communicator 2007-06-01 19:31:56 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Windows Communicator 2007-05-29 15:31:19 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Gadu-Gadu 2007-05-29 15:07:12 -------- d-----w C:\Program Files\Gadu-Gadu 2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-06 20:16:58 -------- d-----w C:\Program Files\OpenOffice.ux.pl 2.2.0 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-24 13:14:12 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\MusicIP 2007-04-24 13:13:56 -------- d-----w C:\Program Files\Winamp 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-16 19:48:29 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Google 2007-04-13 01:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll 2007-04-05 07:53:37 -------- d-----w C:\Program Files\microsoft frontpage 2007-03-29 21:00:40 203,264 ----a-r C:\WINDOWS\system32\CddbCdda.dll 2007-03-27 20:49:25 -------- d-----w C:\Program Files\Windows Media Connect 2 2007-03-18 20:06:01 -------- d-----w C:\Program Files\HT NETWORKS 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-17 11:22:02 -------- d-----w C:\Program Files\Dictionary 2000 4.0 2007-03-10 20:36:57 41 ----a-w C:\WINDOWS\system32\ddfacaebf9_s.dll 2007-03-10 17:37:15 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Skype 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:38:47 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys 2007-03-07 23:51:00 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-03-07 23:51:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll 2007-03-04 17:18:46 -------- d-----w C:\Program Files\IPSPI 2007-03-04 12:58:36 719 ----a-w C:\WINDOWS\unins000.dat 2007-03-04 07:51:41 -------- d-----w C:\Program Files\Look@LAN 2007-03-03 11:12:10 720,896 ----a-w C:\WINDOWS\iun6002.exe 2007-03-02 08:31:32 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Opera 2007-03-01 18:33:31 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Lavasoft 2007-03-01 18:33:16 -------- d-----w C:\Program Files\Lavasoft 2007-03-01 18:32:44 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-03-01 08:49:06 -------- d-----w C:\Program Files\Common Files\Panda Software 2007-03-01 08:47:02 -------- d-----w C:\Program Files\Alwil Software 2007-02-28 12:32:47 -------- d-----w C:\Program Files\SiGSOFT 2007-02-27 22:45:37 69,632 ----a-w C:\WINDOWS\uinst001.exe 2007-02-26 18:09:38 1,168 ----a-w C:\WINDOWS\mozver.dat 2007-02-26 15:20:26 -------- d-----w C:\Program Files\Common Files\Onet.pl 2007-02-22 17:06:23 -------- d-----w C:\Program Files\Ares 2007-02-21 17:16:52 639,224 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-02-13 19:48:02 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Hamachi 2007-02-13 19:37:32 17,480 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys 2007-02-13 19:14:56 -------- d-----w C:\Program Files\GFI 2007-02-13 14:30:28 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Kamerzysta 2007-02-13 14:30:28 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\AutoUpdate 2007-02-12 17:48:40 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\XnView 2007-02-12 15:27:48 -------- d-----w C:\Program Files\Stacksoft 2007-02-11 16:02:10 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Microsoft Web Folders 2007-02-10 19:05:27 -------- d-----w C:\Program Files\Common Files\ODBC 2007-02-10 19:05:22 -------- d-----w C:\Program Files\Common Files\SpeechEngines 2007-02-10 18:58:26 -------- d-----w C:\Program Files\VIA Technologies, INC 2007-02-10 18:16:38 -------- d–h--w C:\Program Files\WindowsUpdate 2007-02-10 18:16:32 -------- d-----w C:\Program Files\Usługi online 2007-02-10 18:15:20 -------- d-----w C:\Program Files\Common Files\MSSoap 2007-02-10 18:15:08 -------- d-----w C:\Program Files\Movie Maker 2007-02-10 18:14:31 21,856 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-02-10 18:12:52 -------- d-----w C:\Program Files\MSN Gaming Zone 2007-02-10 18:12:39 -------- d-----w C:\Program Files\Windows NT 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2007-02-05 20:19:48 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll 2006-12-04 13:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll 2006-12-01 10:01:50 8,277,504 ----a-w C:\WINDOWS\system32\wmploc.dll 2006-12-01 09:46:18 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll 2006-12-01 09:45:42 258,560 ----a-w C:\WINDOWS\system32\wmerror.dll 2006-11-04 19:25:50 1,321,744 ----a-w C:\WINDOWS\system32\msxml6.dll 2006-11-02 15:10:16 80,912 ----a-w C:\WINDOWS\system32\sherlock2.exe 2006-11-02 09:52:52 42,496 ------w C:\WINDOWS\system32\wpdshextres.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 01:17] {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “00PCTFW”=“C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe” [2007-04-28 08:13] “PCSuiteTrayApplication”=“C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-06-18 15:10] [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “Nokia.PCSync”=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoSaveSettings”=00000000 “ClearRecentDocsOnExit”=0000000000000000 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2004-06-17 00:09:10 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2004-06-17 0:10:16 C:\ComboFix-quarantined-files.txt … 2004-06-17 00:10 C:\ComboFix2.txt … 2004-06-17 04:56 C:\ComboFix3.txt … 2007-06-20 12:43 — E O F —

Kuba11 · 9 Sierpień 2007 05:57

Start>Panel Sterowania>Opcje Folderów>Widok>usuń zaznaczenie przy Ukryj chronione pliki systemowe >

zaznacz przy Pokaż ukryte pliki >Zastosuj>>OK

Teraz wyłącz przywracanie systemu,wejdź do trybu awaryjnego i usuwasz zaznaczone pliki

Te pliki skanujesz na http://www.virustotal.com i wklejasz raport.

Potym nowy log z ComboFix.

anon96711983 · 9 Sierpień 2007 19:16

ComboFix 07-06-13.3 - E:\Instalki\ComboFix.exe “Ryszard Zieliäski” - 2004-06-17 0:52:11 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2004-05-16 to 2004-06-16 ))))))))))))))))))))))))))))))) 2004-06-22 13:45 2004-06-22 13:33 2004-06-20 10:01 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\WMV9VCM.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\vorbisenc.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\vorbis.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\OggDS.dll 2004-06-20 09:06 234 --a------ C:\WINDOWS\system32\ogg.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\mplvpx.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\DivX.dll 2004-06-20 09:05 234 --a------ C:\WINDOWS\system32\cpuinf32.dll 2004-06-19 23:13 2004-06-19 23:13 2004-06-19 23:01 2004-06-19 06:40 2004-06-19 06:40 2004-06-19 04:22 2004-06-18 23:58 2004-06-18 05:17 2004-06-18 04:34 2004-06-18 04:33 545 --a------ C:\WINDOWS\UC.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\RAR.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\PKZIP.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\LHA.PIF 2004-06-18 04:33 545 --a------ C:\WINDOWS\ARJ.PIF 2004-06-18 04:33 2004-06-17 19:15 2004-06-17 18:42 2004-06-17 18:41 1,073,664 --a------ C:\Program Files\drtweakxp1.75.exe 2004-06-17 18:24 48,640 -ra------ C:\WINDOWS\system32\drivers\ser2pl.sys 2004-06-17 17:12 2004-06-17 17:12 2004-06-17 17:12 2004-06-17 15:44 2004-06-17 15:43 0 -rahs---- C:\MSDOS.SYS 2004-06-17 15:43 0 -rahs---- C:\IO.SYS 2004-06-17 15:43 0 --a------ C:\WINDOWS\nsreg.dat 2004-06-17 15:43 0 --a------ C:\CONFIG.SYS 2004-06-17 15:43 0 --a------ C:\AUTOEXEC.BAT 2004-06-17 15:41 55,904 --a------ C:\WINDOWS\system32\drivers\pctfw.sys 2004-06-17 15:41 100,448 --a------ C:\WINDOWS\system32\drivers\pctfw1.sys 2004-06-17 15:41 2004-06-17 15:25 2004-06-17 15:03 2004-06-17 14:39 2004-06-17 10:57 2004-06-17 10:41 831,048 --a------ C:\WINDOWS\system32\WudfUpdate_01005.dll 2004-06-17 10:41 2004-06-17 10:28 2004-06-17 10:28 2004-06-17 10:27 2004-06-17 10:27 2004-06-17 10:26 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll 2004-06-17 10:26 2004-06-17 10:25 2004-06-17 09:42 89,728 --a------ C:\WINDOWS\system32\drivers\usbvsp.sys 2004-06-17 09:40 2004-06-17 09:40 2004-06-17 06:52 2004-06-17 03:36 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll 2004-06-17 03:36 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd106.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll 2004-06-17 03:36 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll 2004-06-17 03:36 5,632 --a------ C:\WINDOWS\system32\kbd103.dll 2004-06-17 01:02 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2004-06-17 01:02 249,856 --------- C:\WINDOWS\Setup1.exe 2004-06-17 00:42 2004-06-17 00:34 2004-06-17 00:33 2004-06-17 00:22 2004-06-17 00:22 (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-27 22:07:21 783,224 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-07-27 22:02:49 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-07-27 22:02:34 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-07-27 22:00:39 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-07-27 21:59:57 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-07-27 21:58:36 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-27 21:57:49 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-07-02 17:35:02 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\OpenOffice.ux.pl2 2007-06-26 18:20:10 -------- d-----w C:\Program Files\WinASO 2007-06-26 18:11:14 23 --sha-w C:\WINDOWS\system32\cdbcdcdd4_r.dll 2007-06-26 17:27:10 -------- d-----w C:\Program Files\XP Codec Pack 2007-06-26 14:42:34 -------- d-----w C:\Program Files\Futuremark 2007-06-22 13:16:02 -------- d-----w C:\Program Files\RegSeeker 2007-06-22 13:02:20 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Uniblue 2007-06-22 12:39:17 23,600 ----a-w C:\WINDOWS\system32\drivers\TVICHW32.SYS 2007-06-20 11:28:58 -------- d-----w C:\Program Files\Messenger 2007-06-19 16:52:14 -------- d-----w C:\Program Files\Google 2007-06-14 20:16:27 8,773 ----a-w C:\dnsbak.reg 2007-06-14 15:39:46 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Draco Organizer 2007-06-07 19:10:48 20,480 ----a-w C:\WINDOWS\system32\ac3config.exe 2007-06-03 16:51:47 -------- d-----w C:\Program Files\Ahead 2007-06-03 16:50:43 -------- d-----w C:\Program Files\LanHelper 2007-06-01 21:24:13 -------- d-----w C:\Program Files\Nsauditor 2007-06-01 21:14:25 -------- d-----w C:\Program Files\Windows Communicator 2007-06-01 19:31:56 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Windows Communicator 2007-05-29 15:31:19 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Gadu-Gadu 2007-05-29 15:07:12 -------- d-----w C:\Program Files\Gadu-Gadu 2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-06 20:16:58 -------- d-----w C:\Program Files\OpenOffice.ux.pl 2.2.0 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-24 13:14:12 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\MusicIP 2007-04-24 13:13:56 -------- d-----w C:\Program Files\Winamp 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-16 19:48:29 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Google 2007-04-13 01:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll 2007-04-05 07:53:37 -------- d-----w C:\Program Files\microsoft frontpage 2007-03-29 21:00:40 203,264 ----a-r C:\WINDOWS\system32\CddbCdda.dll 2007-03-27 20:49:25 -------- d-----w C:\Program Files\Windows Media Connect 2 2007-03-18 20:06:01 -------- d-----w C:\Program Files\HT NETWORKS 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-17 11:22:02 -------- d-----w C:\Program Files\Dictionary 2000 4.0 2007-03-10 20:36:57 41 ----a-w C:\WINDOWS\system32\ddfacaebf9_s.dll 2007-03-10 17:37:15 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Skype 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:38:47 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys 2007-03-07 23:51:00 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-03-07 23:51:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll 2007-03-04 17:18:46 -------- d-----w C:\Program Files\IPSPI 2007-03-04 12:58:36 719 ----a-w C:\WINDOWS\unins000.dat 2007-03-04 07:51:41 -------- d-----w C:\Program Files\Look@LAN 2007-03-03 11:12:10 720,896 ----a-w C:\WINDOWS\iun6002.exe 2007-03-02 08:31:32 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Opera 2007-03-01 18:33:31 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Lavasoft 2007-03-01 18:33:16 -------- d-----w C:\Program Files\Lavasoft 2007-03-01 18:32:44 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-03-01 08:49:06 -------- d-----w C:\Program Files\Common Files\Panda Software 2007-03-01 08:47:02 -------- d-----w C:\Program Files\Alwil Software 2007-02-28 12:32:47 -------- d-----w C:\Program Files\SiGSOFT 2007-02-27 22:45:37 69,632 ----a-w C:\WINDOWS\uinst001.exe 2007-02-26 18:09:38 1,168 ----a-w C:\WINDOWS\mozver.dat 2007-02-26 15:20:26 -------- d-----w C:\Program Files\Common Files\Onet.pl 2007-02-22 17:06:23 -------- d-----w C:\Program Files\Ares 2007-02-21 17:16:52 639,224 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-02-13 19:48:02 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Hamachi 2007-02-13 19:37:32 17,480 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys 2007-02-13 19:14:56 -------- d-----w C:\Program Files\GFI 2007-02-13 14:30:28 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Kamerzysta 2007-02-13 14:30:28 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\AutoUpdate 2007-02-12 17:48:40 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\XnView 2007-02-12 15:27:48 -------- d-----w C:\Program Files\Stacksoft 2007-02-11 16:02:10 -------- d-----w C:\DOCUME~1\RYSZAR~1\DANEAP~1\Microsoft Web Folders 2007-02-10 19:05:27 -------- d-----w C:\Program Files\Common Files\ODBC 2007-02-10 19:05:22 -------- d-----w C:\Program Files\Common Files\SpeechEngines 2007-02-10 18:58:26 -------- d-----w C:\Program Files\VIA Technologies, INC 2007-02-10 18:16:38 -------- d–h--w C:\Program Files\WindowsUpdate 2007-02-10 18:16:32 -------- d-----w C:\Program Files\Usługi online 2007-02-10 18:15:20 -------- d-----w C:\Program Files\Common Files\MSSoap 2007-02-10 18:15:08 -------- d-----w C:\Program Files\Movie Maker 2007-02-10 18:14:31 21,856 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2007-02-10 18:12:52 -------- d-----w C:\Program Files\MSN Gaming Zone 2007-02-10 18:12:39 -------- d-----w C:\Program Files\Windows NT 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2007-02-05 20:19:48 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll 2006-12-04 13:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll 2006-12-01 10:01:50 8,277,504 ----a-w C:\WINDOWS\system32\wmploc.dll 2006-12-01 09:46:18 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll 2006-12-01 09:45:42 258,560 ----a-w C:\WINDOWS\system32\wmerror.dll 2006-11-04 19:25:50 1,321,744 ----a-w C:\WINDOWS\system32\msxml6.dll 2006-11-02 09:52:52 42,496 ------w C:\WINDOWS\system32\wpdshextres.dll 2006-11-01 19:19:04 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 01:17] {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “00PCTFW”=“C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe” [2007-04-28 08:13] “PCSuiteTrayApplication”=“C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-06-18 15:10] [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “Nokia.PCSync”=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoSaveSettings”=00000000 “ClearRecentDocsOnExit”=0000000000000000 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2004-06-17 00:54:34 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … ? [1776] scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2004-06-17 0:55:50 C:\ComboFix-quarantined-files.txt … 2004-06-17 00:55 — E O F —

Złączono Posta : 09.08.2007 (Czw) 20:31

Pliki przeskanowałem Virustotal i wynik jest ujemny/nie wiem jak zrobic raport/.Dzieje sie nadal cos dziwnego: po właczeniu kompa mam jeden zwięk z głosnika syst. a nastepnie dwa i niestey komp się zatrzymuje i jest napisane: CMOS SETING WRONG

Pres F1 to Run setup

Pres F2 to load default values am continue. Jeśli wciskam F2 to tylko widać u góry monitora migający myślnik i nic się nie dzieje. a jak F1 to musze ustawiać bios na optimal i wszystko wraca do normy. Ale tak jest już za każdym włączeniem kompa. Ratujcie

qrczak13 · 9 Sierpień 2007 19:52

Użuwałeś do czyszczenia rejestru jv 16 PowerTools?

Wymień baterię w płycie głównej i zobacz co będzie, ale powinno być ok.

anon96711983 · 14 Sierpień 2007 18:25

Wymiana baterii pomogła. Pozdrawiam :lol: