martitbg
(Marcin126p)
4 Kwiecień 2007 16:52
#1
Witam. Czy ktos mogly mi powiedziec co tez mam z tym zrobic aby komp zaczal szybciej dzialac.Jest troszke mulowaty. Przy odpalaniu GG, IE, i jeszcze paru innych wywala mi blad podczas ladowania biblioteki dll tylko nie wiem jakiej i nie wiem jak sprawdzic.
Logfile of HijackThis v1.99.1 Scan saved at 18:50:53, on 2007/04/04 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe l:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\ScsiAccess.EXE C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe L:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe C:\WINDOWS\system32\ctfmon.exe L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe l:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\TC UP\TOTALCMD.EXE L:\Program Files\Opera\Opera.exe L:\Program Files\Internet Download Manager\IEMonitor.exe L:\Program Files\Internet Download Manager\IDMan.exe D:\wirus\Gadu-Gadu\gg.exe C:\DOCUME~1\wirus\USTAWI~1\Temp_tc\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F3 - REG:win.ini: run= O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - L:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: SS Plugin Class - {1D1B2879-99FF-11E3-8D96-D7ACAC95952A} - (no file) O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file) O2 - BHO: (no name) - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - (no file) O2 - BHO: (no name) - {683331AC-57DC-4A55-BCED-31BDA4ACB89A} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA7BC78C-2AD5-4C6C-8014-B1F5E75CB0F4} - (no file) O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file) O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings O4 - HKLM…\Run: [avast!] “l:\Program Files\Alwil Software\Avast4\ashDisp.exe” O4 - HKLM…\Run: [intelliType] “C:\Program Files\Microsoft Hardware\Keyboard\type32.exe” O4 - HKLM…\Run: [Ashampoo FireWall] “L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe” -TRAY O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [speedX] L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe O4 - HKCU…\Run: [Yodm3D] L:\Program Files\yodm3D\Yodm3D.exe O8 - Extra context menu item: Download All Links with IDM - L:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - L:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Pobierz z &BitSpirit - L:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra ‘Tools’ menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - L:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/ms … b31267.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … .0.8-2.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Me … b31267.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} - http://67.15.101.3/g_bin/pl/billardt_2_0_0_21.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - (no file) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing) O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
adam9870
(adam9870)
4 Kwiecień 2007 18:41
#2
Start => uruchom => wpisz cmd i kliknij OK => w konsoli, która się otworzy wpisz:
Folder usuń ręcznie w trybie awaryjnym natomiast wpisy HijackThis.
Po wykonaniu proszę pokazać nowy log z HijackThis plus z SilentRunners .
martitbg
(Marcin126p)
4 Kwiecień 2007 19:03
#3
To jest log a Silent Runners nie chce mi wystartowac.Pewnie cos zle robie.
Logfile of HijackThis v1.99.1 Scan saved at 20:59:57, on 2007/04/04 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe l:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\ScsiAccess.EXE C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe l:\Program Files\Alwil Software\Avast4\ashWebSv.exe L:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe C:\WINDOWS\system32\ctfmon.exe L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe C:\Program Files\TC UP\TOTALCMD.EXE C:\WINDOWS\system32\wuauclt.exe L:\Program Files\CCleaner\ccleaner.exe L:\Program Files\Opera\Opera.exe C:\DOCUME~1\wirus\USTAWI~1\Temp_tc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F3 - REG:win.ini: run= O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - L:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings O4 - HKLM…\Run: [avast!] “l:\Program Files\Alwil Software\Avast4\ashDisp.exe” O4 - HKLM…\Run: [intelliType] “C:\Program Files\Microsoft Hardware\Keyboard\type32.exe” O4 - HKLM…\Run: [Ashampoo FireWall] “L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe” -TRAY O4 - HKLM…\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [speedX] L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe O8 - Extra context menu item: Download All Links with IDM - L:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - L:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Pobierz z &BitSpirit - L:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra ‘Tools’ menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - L:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/ms … b31267.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Me … b31267.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} - http://67.15.101.3/g_bin/pl/billardt_2_0_0_21.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - (no file) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing) O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
adam9870
(adam9870)
4 Kwiecień 2007 19:16
#4
W trybie awaryjnym wybierz start => uruchom => wpisz cmd i kliknij OK => w konsoli, która się otworzy wpisz:
Usuń wpisy HJT.
Jeśli nie masz już FlashGet’a to ciachnij dodatkowo wpisy:
W takim razie zamiast log z Silenta możesz wkleić log z ComboFix . Aby zrobić w nim log należy go uruchomić => nacisnąć klawisz Y => czekać cierpliwie i log powinien być w formie pliku .txt o nazwie combofix na partycji C.
martitbg
(Marcin126p)
5 Kwiecień 2007 07:22
#5
To jest log z HJT. ODSP nie idzie wywalic. Wpis jest ale samego programu juz dawno nie ma.
Logfile of HijackThis v1.99.1 Scan saved at 09:22:47, on 2007/04/05 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe l:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\ScsiAccess.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe l:\Program Files\Alwil Software\Avast4\ashWebSv.exe L:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Hardware\Keyboard\type32.exe L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe C:\WINDOWS\system32\ctfmon.exe L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe L:\Program Files\Opera\Opera.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\TC UP\TOTALCMD.EXE C:\DOCUME~1\wirus\USTAWI~1\Temp_tc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - L:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings O4 - HKLM…\Run: [avast!] “l:\Program Files\Alwil Software\Avast4\ashDisp.exe” O4 - HKLM…\Run: [intelliType] “C:\Program Files\Microsoft Hardware\Keyboard\type32.exe” O4 - HKLM…\Run: [Ashampoo FireWall] “L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe” -TRAY O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [speedX] L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe O8 - Extra context menu item: Download All Links with IDM - L:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - L:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Pobierz z &BitSpirit - L:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra ‘Tools’ menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - L:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: l:\program files\ashampoo\ashampoo firewall\spi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/ms … b31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Me … b31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.0.0812.00.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - (no file) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - l:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - l:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
A to jest z ComboFix
C:\WINDOWS\drsmartload2.dat C:\WINDOWS\system32\pthreadVC.dll C:\DOCUME~1\wirus\DANEAP~1.\install.dat C:\WINDOWS\system32\svcp.csv C:\WINDOWS\desktop.html C:\WINDOWS\system32\winsub.xml ((((((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\nm -------\NPF -------\LEGACY_NPF ((((((((((((((((((((((((((((((( Files Created from 2007-03-05 to 2007-04-05 )))))))))))))))))))))))))))))))))) 2007-04-04 19:37 2007-04-04 14:25 9,216 -ra------ C:\WINDOWS\system32\drivers\videX32.sys 2007-04-04 14:24 2007-04-04 11:19 2007-04-01 15:12 2007-04-01 14:54 2007-03-29 10:25 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-03-29 08:31 2007-03-27 20:28 2007-03-23 19:44 2007-03-18 21:52 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll 2007-03-18 21:52 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2007-03-18 21:52 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2007-03-18 21:52 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-03-18 21:52 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll 2007-03-18 21:52 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll 2007-03-18 21:52 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2007-03-18 21:52 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll 2007-03-18 21:52 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll 2007-03-18 21:26 592 --a------ C:\WINDOWS\chgkey.vbs 2007-03-18 21:20 2007-03-13 12:13 2007-03-10 12:05 6,912 --a------ C:\WINDOWS\system32\drivers\vulfnth.sys 2007-03-10 12:05 45,056 --a------ C:\WINDOWS\system32\vusetup.dll 2007-03-10 12:05 11,264 --a------ C:\WINDOWS\system32\drivers\vulfntr.sys 2007-03-10 11:48 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys 2007-03-10 11:48 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys 2007-03-10 11:48 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys 2007-03-08 20:03 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-04-04 14:10 -------- d-------- C:\DOCUME~1\wirus\DANEAP~1\foobar2000 2007-04-04 13:35 -------- d-------- C:\DOCUME~1\wirus\DANEAP~1\skype 2007-04-02 09:58 -------- d-------- C:\Program Files\ie7pro 2007-03-26 19:38 27262976 --a------ C:\VIRTPART.DAT 2007-03-19 14:46 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2007-03-10 13:46 -------- d-------- C:\Program Files\tc up 2007-03-08 17:38 579072 --a------ C:\WINDOWS\system32\user32.dll 2007-03-08 17:38 40960 --a------ C:\WINDOWS\system32\mf3216.dll 2007-03-08 17:38 281600 --a------ C:\WINDOWS\system32\gdi32.dll 2007-03-08 17:37 1843840 --a------ C:\WINDOWS\system32\win32k.sys 2007-03-01 08:49 0 --a------ C:\WINDOWS\system32\vbsuct32.dll 2007-02-26 17:51 0 --a------ C:\WINDOWS\system32\suupdate.dat 2007-02-26 17:51 0 --a------ C:\WINDOWS\system32\mssurun.dat 2007-02-22 20:18 -------- d-------- C:\Program Files\pc camera 2007-02-22 14:08 24064 --a------ C:\WINDOWS\autoload.exe 2007-02-22 09:20 -------- d–h----- C:\Program Files\installshield installation information 2007-02-21 08:00 545 --a------ C:\WINDOWS\uc.pif 2007-02-21 08:00 545 --a------ C:\WINDOWS\rar.pif 2007-02-21 08:00 545 --a------ C:\WINDOWS\pkzip.pif 2007-02-21 08:00 545 --a------ C:\WINDOWS\pkunzip.pif 2007-02-21 08:00 545 --a------ C:\WINDOWS\lha.pif 2007-02-21 08:00 545 --a------ C:\WINDOWS\arj.pif 2007-02-18 10:10 -------- d-------- C:\DOCUME~1\wirus\DANEAP~1\reallusion 2007-02-17 19:26 -------- d-------- C:\Program Files\msn messenger 2007-02-17 19:13 -------- d-------- C:\Program Files\logitech 2007-02-17 19:03 -------- d-------- C:\Program Files\microsoft hardware 2007-02-07 21:05 269824 --a------ C:\WINDOWS\system32\baksm.dll 2007-01-19 09:40 89088 --a------ C:\WINDOWS\system32\skaneronlineuninstall.exe 2007-01-15 19:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe 2007-01-12 13:18 90112 --a------ C:\WINDOWS\system32\avastss.scr 2007-01-09 19:46 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-01-08 20:01 17408 --a------ C:\WINDOWS\system32\corpol.dll 2007-01-05 13:50 304160 --a------ C:\StiImg.dat (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” “SpeedX”=“L:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NvCplDaemon”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” “NvMediaCenter”=“RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” “WinFast2KLoadDefault”=“rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings” “avast!”="“l:\Program Files\Alwil Software\Avast4\ashDisp.exe”" “IntelliType”="“C:\Program Files\Microsoft Hardware\Keyboard\type32.exe”" “Ashampoo FireWall”="“L:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe” -TRAY" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] “Installed”=“1” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] “Installed”=“1” “NoChange”=“1” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] “Installed”=“1” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk] “backup”=“C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup” “location”=“Common Startup” “command”=“C:\PROGRA~1\COMMON~1\Adobe\Calibration\Adobe Gamma Loader.exe " “item”=“Adobe Gamma Loader” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Ashampoo Magical Defrag.lnk] “path”=“C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ashampoo Magical Defrag.lnk” “backup”=“C:\WINDOWS\pss\Ashampoo Magical Defrag.lnkCommon Startup” “location”=“Common Startup” “command”=“L:\PROGRA~1\Ashampoo\ASHAMP~3\bin\ADEFRA~1.EXE -startup” “item”=“Ashampoo Magical Defrag” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kodak EasyShare software.lnk] “location”=“Common Startup” “command”=“L:\PROGRA~1\kodak\KODAKE~1\bin\EASYSH~1.EXE -h” “item”=“Kodak EasyShare software” “backup”=“C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kodak software updater.lnk] “backup”=“C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup” “location”=“Common Startup” “command”=“C:\PROGRA~1\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe " “item”=“KODAK Software Updater” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^PeerGuardian.lnk] “location”=“Startup” “command”=“L:\PROGRA~1\PEERGU~1\pg2.exe " “item”=“PeerGuardian” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^Rozmowa.lnk] “backup”=“C:\WINDOWS\pss\Rozmowa.lnkStartup” “location”=“Startup” “item”=“Rozmowa” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^Stardock ObjectDock.lnk] “backup”=“C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup” “location”=“Startup” “command”=“L:\Program Files\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe " “item”=“Stardock ObjectDock” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk] “backup”=“C:\WINDOWS\pss\UniSpiker-2.6.lnkStartup” “location”=“Startup” “item”=“UniSpiker-2.6” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^Vitrite.lnk] “backup”=“C:\WINDOWS\pss\Vitrite.lnkStartup” “location”=“Startup” “command”=“L:\PROGRA~1\TINYUT~1\Vitrite\Vitrite.exe " “item”=“Vitrite” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^wirus^Menu Start^Programy^Autostart^Y’z ToolBar.lnk] “backup”=“C:\WINDOWS\pss\Y’z ToolBar.lnkStartup” “location”=“Startup” “command”=“L:\PROGRA~1\BRICOP~1\VISTAI~1\YZTOOL~1\YZTOOL~1.EXE " “item”=“Y’z ToolBar” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=”” “hkey”=“HKLM” “command”=”” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Akuku” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“avgcc” “hkey”=“HKLM” “command”=“l:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NMBgMonitor” “hkey”=“HKCU” “command”=”“C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe”” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Blaero Start Orb] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Blaero Start Orb” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Campidle] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“okay army” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ccApp” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“CMESys” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ctfmon” “hkey”=“HKCU” “command”=“C:\WINDOWS\system32\ctfmon.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“PowerGG” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Glass2k] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Glass2k” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ISUSPM” “hkey”=“HKLM” “command”="“C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -startup" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kis] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“avp” “hkey”=“HKLM” “command”="“L:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe”" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KomunikatorInteriaPL] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Komunikator” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Language” “hkey”=“HKLM” “command”="“C:\Program Files\CyberLink\PowerDVD\Language\Language.exe”" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“LClock” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Longhorn SideBar] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“SideBar” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“MsgPlus” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“msmsgs” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mspwr] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“PuXpMan” “hkey”=“HKLM” “command”=“C:\WINDOWS\system32\PuXpMan.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NeroCheck” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“newdotnet6_38” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“nwiz” “hkey”=“HKLM” “command”=“nwiz.exe /install” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ODSPConfig] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ODSPConfig” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“pg2” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“PicasaMediaDetector” “hkey”=“HKLM” “command”=“l:\Program Files\Picasa2\PicasaMediaDetector.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“qttask” “hkey”=“HKLM” “inimapping”=“0” “command”="“C:\WINDOWS\system32\QuickTime\qttask.exe” -atboottime" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“PDVDServ” “hkey”=“HKLM” “inimapping”=“0” “command”="“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSD_HDDThermo] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“HDD Thermometer” “hkey”=“HKCU” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Siemens SmartSync - ScheduleSync] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“SCHEDU~1” “hkey”=“HKLM” “command”=“L:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spik] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Spik” “hkey”=“HKLM” “command”=“L:\Program Files\Wirtualna Polska\Spik\Spik.exe -autostart” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“SsAAD” “hkey”=“HKLM” “command”=“L:\PROGRA~1\Sony\SONICS~1\SsAAD.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StarSkin] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“starskin” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Styler] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Styler” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“jusched” “hkey”=“HKLM” “command”=“C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“SNDMon” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“topdesk” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vista Sidebar] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“sidebar” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTooltip] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“VisualToolTip” “hkey”=“HKLM” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFoxV2] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“WF2K” “hkey”=“HKLM” “command”=“C:\WINDOWS\system32\WF2K.EXE” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yodm3D] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Yodm3D” “hkey”=“HKCU” “command”=“L:\Program Files\yodm3D\Yodm3D.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“gnotify” “hkey”=“HKLM” “command”=“l:\Program Files\Google\Gmail Notifier\gnotify.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] “KodakCCS”=dword:00000002 “GhostStartService”=dword:00000002 “AshampooDefragService”=dword:00000002 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] “{553858A7-4922-4e7e-B1C1-97140C1C16EF}”=“IE Component Categories cache daemon” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] “WPDShServiceObj”="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] “NoWelcomeScreen”=dword:00000001 “NoSMHelp”=dword:00000001 “NoRemoteRecursiveEvents”=dword:00000001 “NoCDBurning”=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoLowDiskSpaceChecks”=dword:00000001 “NoRecentDocsMenu”=dword:00000001 “ForceClassicControlPanel”=dword:00000001 “NoCDBurning”=dword:00000001 “NoSaveSettings”=dword:00000000 “NoInstrumentation”=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] “SecurityProviders”=“msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 Usnsvc REG_MULTI_SZ usnsvc\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20070405-084813-349 O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) backup-20070405-084812-725 O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - L:\PROGRA~1\FLASHGET\flashget.exe (file missing) backup-20070404-212103-947 O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) backup-20070404-211327-463 O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing) backup-20070404-211327-673 O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing) backup-20070404-211249-440 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab backup-20070404-211249-143 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} - http://67.15.101.3/g_bin/pl/billardt_2_0_0_21.cab backup-20070404-211249-744 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab backup-20070404-211121-462 O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) backup-20070404-211107-812 O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) backup-20070404-211045-609 O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab backup-20070404-205359-181 O2 - BHO: SS Plugin Class - {1D1B2879-99FF-11E3-8D96-D7ACAC95952A} - (no file) backup-20070404-205344-467 O23 - Service: ODSP Host Service (ODSP Host) - Unknown owner - l:\Program Files\ODSP\ODSPHost_NT.exe (file missing) backup-20070404-205344-744 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ backup-20070404-205344-987 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … .0.8-2.cab backup-20070404-200810-167 O2 - BHO: (no name) - {AA7BC78C-2AD5-4C6C-8014-B1F5E75CB0F4} - (no file) backup-20070404-200810-683 O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file) backup-20070404-200810-606 O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file) backup-20070404-200810-772 O2 - BHO: (no name) - {683331AC-57DC-4A55-BCED-31BDA4ACB89A} - (no file) backup-20070404-200810-992 O2 - BHO: (no name) - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - (no file) backup-20070404-193956-573 O8 - Extra context menu item: Download All Links with IDM - L:\Program Files\Internet Download Manager\IEGetAll.htm backup-20070404-190533-462 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost backup-20070404-190533-374 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = backup-20070404-190533-560 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net backup-20070404-190533-165 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20070404-190533-182 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20070404-190533-796 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20070404-190003-658 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb backup-20070404-185943-214 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb backup-20070404-185943-131 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb backup-20070404-185943-911 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb backup-20070404-184604-681 O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) ******************************************************************** catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 07-04-05 8:55:08 C:\ComboFix-quarantined-files.txt … 07-04-05 08:55
adam9870
(adam9870)
5 Kwiecień 2007 13:19
#6
Otwórz Notatnik i wklej w nim to:
Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.BAT w c:\windows
Uruchom tryb awaryjny z obsługą linii komend. W tym celu po wciśnięciu klawisza F5 lub F8 podczas uruchamia komputera na planszy z wyborem systemu wybierz pozycję tryb awaryjny z obsługą sieci i kliknij Enter. Jak już będziesz w trybie awaryjnym z obsługą sieci to wpisz:
Nastąpi reset, a po resecie otwórz Notatnik i wklej w nim to:
Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.REG >>> kliknij dwa razy na utworzony plik FIX.REG i potwierdź dodanie do rejestru >>> restart.
Usuń wpis HJT jeśli będzie.
Po wykonaniu zdaj relacje i wklej nowe logi.
martitbg
(Marcin126p)
5 Kwiecień 2007 16:08
#7
Niestety ale po zrobieniu tego
wywala mi cos takiego
Złączono Posta : 05.04.2007 (Czw) 18:10
Wielkie dzieki za cierpliwosc.
adam9870
(adam9870)
5 Kwiecień 2007 16:19
#8
W takim razie po wejściu do trybu awaryjnego z obsługą linii komend spróbuj sam wydać następujące polecenia:
martitbg
(Marcin126p)
5 Kwiecień 2007 16:46
#9
Po wykonaniu sc stop ODSP Host i sc delete ODSP Host wywala mi takie komunikaty:
a po 2 nastepnych
adam9870
(adam9870)
5 Kwiecień 2007 17:48
#10
Zastosuj trik z FIX.REG, który podałem i wklej nowe logi.