Zamulony komp

system · 15 Czerwiec 2007 10:25

Logfile of HijackThis v1.99.1 Scan saved at 12:17:32, on 2007-06-15 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Lexmark 6200 Series\lxbumon.exe C:\Program Files\Lexmark 6200 Series\ezprint.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\nvsvc32.exe D:\Programy\New Folder\Office12\GrooveMonitor.exe C:\WINDOWS\system32\svchost.exe D:\Programy\GG\Gadu-Gadu\gg.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\lxbucoms.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\system32\wuauclt.exe C:\DOCUME~1\Gilberss\USTAWI~1\Temp\ose00000.exe D:\Programy\Winamp\winamp.exe D:\Programy\DAP\DAP.EXE D:\Programy\convert\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.dospop.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\New Folder\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file) O2 - BHO: TBSB09293 - {57F9FEF0-6EAE-4030-A68A-30FDC38B1B13} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\NEWFOL~1\Office12\GRA8E1~1.DLL O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: DosPop Toolbar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop Toolbar\dospop.dll (file missing) O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file) O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [lxbumon.exe] “C:\Program Files\Lexmark 6200 Series\lxbumon.exe” O4 - HKLM…\Run: [EzPrint] “C:\Program Files\Lexmark 6200 Series\ezprint.exe” O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16 O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [DownloadAccelerator] “D:\Programy\DAP\DAP.EXE” /STARTUP O4 - HKLM…\Run: [iSUSPM] “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler O4 - HKLM…\Run: [GrooveMonitor] “D:\Programy\New Folder\Office12\GrooveMonitor.exe” O4 - HKCU…\Run: [Gadu-Gadu] “D:\Programy\GG\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU…\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programy\New Folder\Reader\reader_sl.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Clean Traces - D:\Programy\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - D:\Programy\DAP\dapextie.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi … xmk142YYPL O8 - Extra context menu item: Download &all with DAP - D:\Programy\DAP\dapextie2.htm O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\NEWFOL~1\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\NEWFOL~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\NEWFOL~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) - http://67.15.101.3/g_bin/pl/solitaire_2_0_0_26.cab O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/pl/cards_2_0_0_74.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach … 0.15-3.cab O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_46.cab O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_28.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_34.cab O17 - HKLM\System\CCS\Services\Tcpip…{24F18096-A021-4F76-8D51-C327FD404690}: NameServer = 213.227.72.1,213.227.75.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\NEWFOL~1\Office12\GR99D3~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: rpcc - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing) O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

sdar · 15 Czerwiec 2007 10:31

Proszę zastosować się do zaleceń zawartych w TYM temacie. W przeciwnym wypadku temat zostanie usunięty.

Gutek · 15 Czerwiec 2007 22:29

C:\DOCUME~1\Gilberss\USTAWI~1\Temp\ose00000.exe O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file) O2 - BHO: TBSB09293 - {57F9FEF0-6EAE-4030-A68A-30FDC38B1B13} - (no file) O2 - BHO: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing) O3 - Toolbar: DosPop Toolbar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DosPop Toolbar\dospop.dll (file missing) O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar3_28.dll (file missing) O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file) O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi … xmk142YYPL O20 - Winlogon Notify: rpcc - C:\WINDOWS\

usuń wpisy HJT

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

Daj log z Combofix

system · 16 Czerwiec 2007 14:37

spoko zrobiłem tak jak trzeba tylko log z combofix mi nie daje rady zrobic lub jestem bardzo niecierpliwy bo po uruchómieniu nic się nie dzieje

crazy2211 · 16 Czerwiec 2007 14:58

Ja przed chwilą robiłem log tym programem. Włącz go, poczekaj chwilę na bank sie zrobi, a plik będziesz miał na C:/ o nazwie ComboFix.

system · 16 Czerwiec 2007 15:34

ComboFix 07-06-13.3 - D:\Programy\convert\ComboFix.exe “Gilberss” - 2007-06-16 17:31:18 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-16 to 2007-06-16 ))))))))))))))))))))))))))))))) ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\koos.exe C:\WINDOWS\system32\kprof C:\WINDOWS\system32\poof ((((((((((((((((((((((((( Files Created from 2007-05-16 to 2007-06-16 ))))))))))))))))))))))))))))))) 2007-06-16 16:16 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-16 16:16 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-15 15:48 2007-06-15 15:48 2007-06-15 15:48 2007-06-15 15:48 2007-06-15 06:26 2007-06-15 06:26 2007-06-15 06:22 2007-06-13 12:55 2007-06-13 12:30 2007-06-13 12:30 2007-06-12 21:59 2007-06-11 16:13 2007-06-03 12:51 2007-05-26 11:56 2007-05-26 11:44 2007-05-26 11:42 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2007-05-26 11:42 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2007-05-26 11:41 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2007-05-26 11:41 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2007-05-26 11:41 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-05-26 11:41 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-05-26 11:41 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-05-26 11:41 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-05-26 11:41 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2007-05-26 11:41 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2007-05-26 11:41 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-05-26 11:41 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-05-26 11:41 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-05-26 11:41 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-05-26 11:41 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll 2007-05-26 11:41 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll 2007-05-26 11:41 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll 2007-05-26 11:41 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll 2007-05-26 11:41 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2007-05-26 11:41 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2007-05-26 11:41 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll 2007-05-26 11:41 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll 2007-05-26 11:41 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-26 11:41 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-26 11:41 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll 2007-05-26 11:41 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll 2007-05-26 11:41 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-05-26 11:41 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-05-22 11:53 2007-05-18 13:39 2007-05-16 18:17 737,280 --a------ C:\WINDOWS\iun6002.exe 2007-05-16 18:17 737,280 --a------ C:\WINDOWS\iun6002.exe 2007-05-16 18:17 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll 2007-05-16 18:17 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll 2007-05-16 18:17 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll 2007-05-16 18:17 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll 2007-05-16 17:57 2007-05-16 16:58 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll 2007-05-16 16:58 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll 2007-05-16 08:45 102,400 --a------ C:\WINDOWS\system32\unzip32.dll 2007-05-16 08:45 102,400 --a------ C:\WINDOWS\system32\unzip32.dll (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-16 14:45:15 -------- d-----w C:\Program Files\eMule 2007-06-16 14:22:29 -------- d-----w C:\Program Files\Google 2007-06-15 17:29:45 -------- d-----w C:\Program Files\Lx_cats 2007-06-15 07:59:43 50,748 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-15 07:59:43 358,834 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-15 04:04:22 -------- d-----w C:\Program Files\Windows Media Connect 2 2007-06-13 04:37:01 -------- d-----w C:\DOCUME~1\Gilberss\DANEAP~1\OpenOffice.ux.pl2 2007-05-23 19:50:36 -------- d-----w C:\Program Files\Common Files\Art Plus Uninstall 2007-05-16 15:18:58 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-12 13:05:17 -------- d-----w C:\DOCUME~1\Gilberss\DANEAP~1\Serif 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-25 15:27:59 -------- d-----w C:\Program Files\USB Vibration Joystick 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-25 09:11:47 -------- d-----w C:\Program Files\Ahead 2007-04-25 09:07:07 -------- d-----w C:\Program Files\Common Files\Ahead 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-13 16:42:20 200 -c–a-w C:\WINDOWS\AUDC70UI.dat 2007-04-13 16:12:47 245,760 -c----w C:\WINDOWS\Setup1.exe 2007-04-13 16:12:45 73,216 -c–a-w C:\WINDOWS\ST6UNST.EXE 2007-04-08 07:34:02 3,350 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys 2007-04-01 15:02:03 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-04-01 08:49:08 8,464 -c–a-w C:\WINDOWS\system32\sporder.dll 2007-03-20 17:51:40 2,478,080 ----a-w C:\WINDOWS\system32\Sharon Stone.scr 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}=D:\Programy\NEWFOL~1\Office12\GRA8E1~1.DLL [2006-10-27 00:48] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-29 05:59] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SoundMan”=“SOUNDMAN.EXE” [2005-08-17 12:39 C:\WINDOWS\SOUNDMAN.EXE] “nwiz”=“nwiz.exe” [2005-08-02 10:35 C:\WINDOWS\system32\nwiz.exe] “lxbumon.exe”=“C:\Program Files\Lexmark 6200 Series\lxbumon.exe” [2005-01-18 16:39] “@”="" [] “EzPrint”=“C:\Program Files\Lexmark 6200 Series\ezprint.exe” [2004-09-17 19:24] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “AT-Watch”="" [] “DownloadAccelerator”=“D:\Programy\DAP\DAP.exe” [2007-05-16 16:58] “ISUSPM”=“C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” [] “GrooveMonitor”=“D:\Programy\New Folder\Office12\GrooveMonitor.exe” [2006-10-27 00:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “odk_mcd”="" [] “Gadu-Gadu”=“D:\Programy\GG\Gadu-Gadu\gg.exe” [2006-11-14 11:12] “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2006-03-02 14:00] “TaskSwitchXP”=“C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe” [2006-08-05 00:29] “AdobeUpdater”=“C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe” [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=“D:\Programy\NEWFOL~1\Office12\GRA8E1~1.DLL” [2006-10-27 00:48] ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-16 17:33:14 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … cmd.exe [3604] scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-16 17:33:39 — E O F —

Joan · 16 Czerwiec 2007 17:29

jest czysto