There was a problem with the explorer.exe application

Every so often I get the message I gave in the title of this thread. Below I am posting the report from HijackThis v2.0.2. I don't know what to do next, please help.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:04:27, on 2008-08-13

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ODSP\ODSPConfig.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Messenger\MSMSGS.EXE

C:\Program Files\DAEMON Tools Pro\DTProAgent.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

C:\WINDOWS\ATKKBService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\ODSP\ODSPHost_NT.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ODSPConfig] C:\Program Files\ODSP\ODSPConfig.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=081808 serial=DR12CNC-8322248-NFT lang=PL

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows … 6880107249

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso … 6884037468

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL … 586-jc.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s … wflash.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - C:\Program Files\ODSP\ODSPHost_NT.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

End of file - 8719 bytes

Post a log from ComboFix.

Change in the rules for pasting logs on the forum - viewtopic.php?f=16&t=253052

ComboFix 08-08-12.01 - Justyna i Adrian 2008-08-13 20:46:19.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1637 [GMT 2:00]

Running from: C:\Documents and Settings\Justyna i Adrian\Pulpit\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\system32\AutoRun.inf

.

((((((((((((((((((((((((( Files Created from 2008-07-13 to 2008-08-13 )))))))))))))))))))))))))))))))

.

2008-08-13 15:14 . 2008-08-13 15:14

2008-08-13 12:40 . 2008-08-13 12:40

2008-08-13 12:30 . 2008-08-13 14:24

2008-08-13 12:30 . 2008-08-13 12:30

2008-08-13 12:25 . 2008-08-13 12:25

2008-08-13 11:42 . 2008-08-13 11:42 1,409 --a------ C:\WINDOWS\system32\tmp960E4.FOT

2008-08-13 11:42 . 2008-08-13 11:42 1,409 --a------ C:\WINDOWS\system32\tmp7C0E4.FOT

2008-08-12 14:51 . 1994-12-06 01:00 12,800 --a------ C:\WINDOWS\system32\WING32.DLL

2008-08-12 14:50 . 2008-08-12 14:50

2008-08-12 14:19 . 2008-08-12 14:19

2008-08-12 14:19 . 2008-08-12 14:19 4,096 --a------ C:\WINDOWS\d3dx.dat

2008-08-12 09:00 . 2008-08-12 09:00

2008-08-08 15:39 . 2008-08-08 15:39

2008-08-04 12:04 . 2008-08-04 12:04

2008-08-04 10:00 . 2008-08-04 10:00

2008-08-03 20:39 . 2008-08-04 10:33 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe

2008-08-03 20:39 . 2008-08-04 10:33 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe

2008-08-03 20:39 . 2008-08-04 10:33 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-08-03 20:15 . 2008-08-03 20:15

2008-08-03 20:15 . 2008-08-04 10:33 22,328 --a------ C:\Documents and Settings\Justyna i Adrian\Dane aplikacji\PnkBstrK.sys

2008-08-03 20:15 . 2008-08-04 10:32 319 --a------ C:\WINDOWS\game.ini

2008-08-03 20:02 . 2008-08-03 20:02

2008-08-03 19:28 . 2008-08-03 19:28 53,128 --a------ C:\Documents and Settings\Justyna i Adrian\Dane aplikacji\GDIPFONTCACHEV1.DAT

2008-08-03 19:17 . 2008-08-03 19:17 427 --a------ C:\WINDOWS\ODBC.INI

2008-08-03 19:16 . 2008-08-03 19:16

2008-08-03 17:01 . 2008-08-03 17:01

2008-08-03 17:01 . 1996-08-23 20:11 384,512 --a------ C:\WINDOWS\system32\MFCO40.DLL

2008-08-03 17:01 . 1995-05-22 06:37 358,400 --a------ C:\WINDOWS\system32\MFC30.DLL

2008-08-03 17:01 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe

2008-08-03 17:01 . 1995-05-22 06:37 151,040 --a------ C:\WINDOWS\system32\MFCO30.DLL

2008-08-03 17:01 . 1999-08-17 12:10 28,672 --a------ C:\WINDOWS\Photo Express 3.scr

2008-08-03 17:01 . 2008-08-03 19:43 569 --a------ C:\WINDOWS\ULEAD32.INI

2008-08-03 16:31 . 2008-08-03 16:31

2008-08-03 16:31 . 2008-08-03 16:31 394 --a------ C:\WINDOWS\capture.ini

2008-08-03 16:27 . 2008-08-03 16:27

2008-08-03 16:11 . 2008-08-03 16:11

2008-08-03 16:11 . 2008-08-13 13:46

2008-07-29 21:10 . 2005-03-22 04:03 32,910 -ra------ C:\WINDOWS\system32\drivers\ser120.sys

2008-07-29 20:37 . 2008-07-31 21:44

2008-07-29 20:36 . 2008-07-29 20:36

2008-07-28 23:22 . 2008-07-28 23:22

2008-07-28 23:21 . 2008-07-28 23:21

2008-07-28 23:19 . 2008-07-28 23:19

2008-07-28 23:19 . 2007-03-30 17:11 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll

2008-07-28 23:19 . 2007-03-28 14:01 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll

2008-07-28 23:17 . 2008-07-28 23:48

2008-07-28 23:17 . 2008-07-29 20:51

2008-07-28 23:17 . 2008-07-28 23:17

2008-07-28 23:17 . 2008-07-28 23:17

2008-07-28 23:16 . 2008-07-28 23:16

2008-07-28 23:16 . 2008-07-28 23:17

2008-07-28 23:16 . 2008-07-28 23:16

2008-07-28 23:16 . 2004-08-04 08:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys

2008-07-28 23:16 . 2004-08-04 08:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys

2008-07-28 23:15 . 2008-07-28 23:20 149,452 --a------ C:\WINDOWS\HPHins15.dat

2008-07-28 23:15 . 2007-06-07 10:56 2,828 --------- C:\WINDOWS\hphmdl15.dat

2008-07-27 21:02 . 2004-08-04 09:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll

2008-07-27 20:56 . 2008-07-27 20:56

2008-07-27 20:38 . 2008-07-27 20:38

2008-07-27 20:38 . 2008-07-27 20:38 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-07-27 20:05 . 2008-07-27 20:22

2008-07-26 21:21 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys

2008-07-26 21:21 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys

2008-07-25 06:03 . 2008-04-23 09:20 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll

2008-07-25 06:03 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat

2008-07-25 06:03 . 2007-03-08 07:11 1,036,288 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui

2008-07-25 06:03 . 2008-04-23 09:20 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll

2008-07-25 06:03 . 2008-04-23 09:20 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll

2008-07-25 06:03 . 2008-06-14 20:01 273,024 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

2008-07-25 06:03 . 2008-04-23 09:20 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll

2008-07-25 06:03 . 2008-04-23 09:20 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll

2008-07-25 06:03 . 2008-04-23 09:20 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll

2008-07-25 06:03 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-07-25 06:00 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-07-25 06:00 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-07-24 19:14 . 2004-08-04 08:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2008-07-24 19:14 . 2004-08-04 08:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

2008-07-24 18:08 . 2008-07-24 18:08

2008-07-24 18:08 . 2008-07-24 18:08

2008-07-24 18:08 . 2008-07-24 18:08

2008-07-24 18:08 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-07-24 18:06 . 2008-07-24 18:06

2008-07-24 17:27 . 2008-08-12 18:14 49 --a------ C:\WINDOWS\NeroDigital.ini

2008-07-24 13:49 . 2008-07-24 13:49

2008-07-24 13:49 . 2008-07-24 13:48 724,992 --a------ C:\WINDOWS\iun6002.exe

2008-07-24 13:49 . 2008-07-24 13:49 37 --a------ C:\WINDOWS\otnsdd32.dat

2008-07-24 13:48 . 2008-07-24 13:50

2008-07-24 12:17 . 2008-01-01 04:13

2008-07-24 11:46 . 2008-08-09 09:29

2008-07-24 10:34 . 2008-07-25 10:01

2008-07-24 10:23 . 2008-07-24 10:23

2008-07-24 10:22 . 2008-07-24 10:23

2008-07-24 10:22 . 2008-07-24 10:22

2008-07-24 10:18 . 2008-08-03 13:49

2008-07-24 10:14 . 2008-07-24 10:14

2008-07-24 10:14 . 2008-07-24 10:17

2008-07-24 10:07 . 2008-07-24 10:18

2008-07-24 10:06 . 2008-07-24 10:06

2008-07-24 10:06 . 2008-07-24 10:06 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav

2008-07-24 10:06 . 2008-07-24 10:06 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav

2008-07-24 10:04 . 2004-08-04 08:15 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys

2008-07-24 10:04 . 2004-08-04 08:15 60,800 --a--c--- C:\WINDOWS\system32\dllcache\sysaudio.sys

2008-07-24 10:04 . 2004-08-04 08:07 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys

2008-07-24 10:04 . 2004-08-04 08:07 60,288 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys

2008-07-24 08:32 . 2008-07-24 08:32

2008-07-24 08:31 . 2005-10-21 00:30 1,092,608 --a------ C:\WINDOWS\system32\esent.dll

2008-07-24 08:28 . 2008-07-24 08:28

2008-07-24 08:28 . 2008-07-24 08:28

2008-07-24 08:28 . 2001-07-06 14:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll

2008-07-24 08:28 . 2001-07-06 12:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll

2008-07-24 08:28 . 2001-07-06 18:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll

2008-07-24 08:28 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe

2008-07-24 08:28 . 2004-03-03 21:30 125,184 --a------ C:\WINDOWS\system32\drivers\imagesrv.sys

2008-07-24 08:28 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll

2008-07-24 08:28 . 2001-06-26 08:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll

2008-07-24 08:28 . 2004-03-03 21:30 5,504 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys

2008-07-24 08:22 . 2008-07-24 08:22

2008-07-24 08:22 . 2008-07-25 10:01

2008-07-24 08:22 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe

2008-07-24 08:21 . 2004-08-04 09:44 351,232 --a------ C:\WINDOWS\system32\winhttp.dll

2008-07-24 08:21 . 2004-08-04 09:44 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll

2008-07-24 08:21 . 2004-08-04 09:43 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll

2008-07-24 08:21 . 2004-08-04 09:43 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll

2008-07-24 08:18 . 2001-08-17 22:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys

2008-07-24 08:17 . 2008-07-24 08:17

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-13 13:26 --------- d-----w C:\Program Files\DC++

2008-08-12 12:49 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-08-03 18:15 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-07-30 18:00 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2008-07-24 15:27 --------- d-----w C:\Documents and Settings\Justyna i Adrian\Dane aplikacji\Winamp

2008-07-24 08:39 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys

2008-07-24 08:39 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys

2008-07-24 08:04 15,600 ----a-w C:\WINDOWS\gdrv.sys

2008-07-24 07:48 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2008-07-24 05:51 --------- d-----w C:\Program Files\Winamp

2008-07-24 05:49 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-07-24 05:49 --------- d-----w C:\Program Files\DivX

2008-07-24 05:49 --------- d-----w C:\Program Files\AC3Filter

2008-07-24 05:48 --------- d-----w C:\Program Files\Gadu-Gadu

2008-07-24 05:37 --------- d-----w C:\Program Files\Alwil Software

2008-07-24 05:33 --------- d-----w C:\Program Files\My Company Name

2008-07-24 05:27 315,392 ----a-w C:\WINDOWS\HideWin.exe

2008-07-24 05:27 --------- d-----w C:\Program Files\Realtek

2008-07-24 05:26 --------- d-----w C:\Documents and Settings\Justyna i Adrian\Dane aplikacji\InstallShield

2008-07-24 05:21 --------- d-----w C:\Program Files\microsoft frontpage

2008-07-24 05:19 --------- d-----w C:\Program Files\Usługi online

2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Program Files\Messenger\MSMSGS.EXE" [2004-08-04 09:44 1667584]

"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08 136136]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:44 15360]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-01 00:02 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-05-11 00:03 8429568]

"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-05-11 00:03 81920]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]

"ODSPConfig"="C:\Program Files\ODSP\ODSPConfig.exe" [2003-07-16 14:47 901120]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184]

"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920]

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872]

"nwiz"="nwiz.exe" [2007-05-11 00:03 1626112 C:\WINDOWS\system32\nwiz.exe]

"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 10:08 16380416 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:00 42881]

Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00 737287]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

Ulead Photo Express 3.0 SE Calendar Checker.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe [2008-08-03 17:01:44 61440]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Gadu-Gadu\gg.exe"=

"C:\Program Files\DC++\DCPlusPlus.exe"=

"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"=

"C:\WINDOWS\system32\PnkBstrA.exe"=

"C:\WINDOWS\system32\PnkBstrB.exe"=

"C:\Program Files\SopCast\adv\SopAdver.exe"=

"C:\Program Files\SopCast\SopCast.exe"=

"C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]

R2 ODSP Host;ODSP Host Service;C:\Program Files\ODSP\ODSPHost_NT.exe [2003-07-14 11:55]

S3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-05-31 14:29]

S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys [2005-03-22 04:03]

S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

.

.

------- Supplementary Scan -------

.

R0 -: HKCU-Main,Start Page = hxxp://www.onet.pl/

O8 -: Eksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-13 20:47:25

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-08-13 20:47:51

ComboFix-quarantined-files.txt 2008-08-13 18:47:49

Pre-Run: 10,774,360,064 bajtów wolnych

Post-Run: 10,940,903,424 bajtów wolnych

240 --- E O F --- 2008-08-06 07:15:08

The log looks clean.

Manually delete the folder C:\Qoobox and delete the ComboFix installer from the disk.

Clean the computer with CCleaner.

Optimize the startup entries.

Turn System Restore off and back on for all drives. Instructions

Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it through IE). Post its report on the forum

or

Dr.WEB CureIt!

I won't repeat this twice - Change in the rules for pasting logs on the forum - viewtopic.php?f=16&t=253052