Nie można zrobić defragmentacji

[peblo]

witam nie można zrobić defragmantacji dysku c i d mógłby ktoś sprawdzić loga z combofixa

Kod: Zaznacz wszystko

comboFix 08-12-20.05 - Rafał 2008-12-21 16:57:14.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1250.1.1045.18.503.182 [GMT 1:00]
Uruchomiony z: d:\sciąganie\ComboFix.exe
* Utworzono nowy punkt przywracania
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_004208_.tmp.dll
c:\windows\system32\_004209_.tmp.dll
c:\windows\system32\_004210_.tmp.dll
c:\windows\system32\_004211_.tmp.dll
c:\windows\system32\_004218_.tmp.dll
c:\windows\system32\_004219_.tmp.dll
c:\windows\system32\_004220_.tmp.dll
c:\windows\system32\_004221_.tmp.dll
c:\windows\system32\_004223_.tmp.dll
c:\windows\system32\_004224_.tmp.dll
c:\windows\system32\_004227_.tmp.dll
c:\windows\system32\_004228_.tmp.dll
c:\windows\system32\_004230_.tmp.dll
c:\windows\system32\_004231_.tmp.dll
c:\windows\system32\_004232_.tmp.dll
c:\windows\system32\_004234_.tmp.dll
c:\windows\system32\_004237_.tmp.dll
c:\windows\system32\_004238_.tmp.dll
c:\windows\system32\_004242_.tmp.dll
c:\windows\system32\_004243_.tmp.dll
c:\windows\system32\_004245_.tmp.dll
c:\windows\system32\_004247_.tmp.dll
c:\windows\system32\_004248_.tmp.dll
c:\windows\system32\_004250_.tmp.dll
c:\windows\system32\_004251_.tmp.dll
c:\windows\system32\_004252_.tmp.dll
c:\windows\system32\_004253_.tmp.dll
c:\windows\system32\_004254_.tmp.dll
c:\windows\system32\_004257_.tmp.dll
c:\windows\system32\_004258_.tmp.dll
c:\windows\system32\_004259_.tmp.dll
c:\windows\system32\_004260_.tmp.dll
c:\windows\system32\_004261_.tmp.dll
c:\windows\system32\_004266_.tmp.dll
c:\windows\system32\_004268_.tmp.dll
H:\install.exe

.
(((((((((((((((((((((((((   Pliki utworzone od 2008-11-21 do 2008-12-21  )))))))))))))))))))))))))))))))
.

2008-12-11 20:15 . 2008-12-11 20:16   <DIR>   d----c---   c:\documents and settings\Rafał\Dane aplikacji\RaimaRadioPro
2008-12-06 09:50 . 2008-12-06 09:50   <DIR>   d----c---   c:\documents and settings\All Users\Dane aplikacji\Hagel Technologies
2008-12-02 00:05 . 2008-12-02 00:05   <DIR>   d--------   c:\program files\Java
2008-12-01 19:03 . 2008-12-01 19:03   <DIR>   d--------   c:\program files\Panda Security
2008-12-01 19:03 . 2008-06-19 17:24   28,544   --a------   c:\windows\system32\drivers\pavboot.sys
2008-11-30 20:11 . 2008-11-30 20:11   <DIR>   d--------   c:\windows\system32\Adobe
2008-11-30 20:11 . 2008-11-30 20:12   <DIR>   d----c---   c:\documents and settings\All Users\Dane aplikacji\INFO-TECH
2008-11-30 20:11 . 1999-06-18 22:49   165,888   --a------   c:\windows\Ckconfig.exe
2008-11-30 20:11 . 1999-07-20 13:16   78,336   --a------   c:\windows\system32\dbjavio6.dll
2008-11-30 20:11 . 1999-07-20 13:10   77,312   --a------   c:\windows\system32\dbauth6.dll
2008-11-30 20:11 . 2004-04-15 23:07   73,728   --a------   c:\windows\system32\Crypserv.exe
2008-11-30 20:11 . 2004-07-30 01:35   31,654   --a------   c:\windows\system32\Ckldrv.sys
2008-11-30 20:11 . 1996-05-03 18:21   27,648   -ra------   c:\windows\Setup_ck.exe
2008-11-30 20:11 . 1996-05-03 16:36   18,432   --a------   c:\windows\Setup_ck.dll
2008-11-30 20:11 . 1997-02-24 14:41   18,321   --a------   c:\windows\system32\odbcinst.hlp
2008-11-30 20:11 . 2003-09-11 22:42   16,384   --a------   c:\windows\system32\FileOps.exe
2008-11-30 20:11 . 1995-07-04 19:33   11,776   --a------   c:\windows\Ckrfresh.exe
2008-11-30 20:11 . 1997-02-24 14:41   544   --a------   c:\windows\system32\odbcinst.cnt
2008-11-30 20:11 . 2008-11-30 20:11   56   --a------   c:\windows\Crypkey.ini
2008-11-27 19:00 . 2008-11-27 19:00   <DIR>   d--------   c:\program files\Xvid
2008-11-27 19:00 . 2008-04-27 10:33   765,952   --a------   c:\windows\system32\xvidcore.dll
2008-11-27 19:00 . 2008-04-27 10:35   180,224   --a------   c:\windows\system32\xvidvfw.dll
2008-11-27 19:00 . 2007-06-28 18:55   77,824   --a------   c:\windows\system32\xvid.ax

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-21 15:36   ---------   dc----w   c:\documents and settings\Rafał\Dane aplikacji\Skype
2008-12-21 15:00   ---------   dc----w   c:\documents and settings\Rafał\Dane aplikacji\skypePM
2008-12-15 00:04   ---------   dc----w   c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-11-30 19:11   ---------   d-----w   c:\program files\Common Files\Adobe
2008-11-16 19:55   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-11-16 12:09   ---------   d-----w   c:\program files\Microsoft ActiveSync
2008-11-14 10:40   ---------   d-----w   c:\program files\Defraggler
2008-10-24 11:10   453,632   ----a-w   c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 13:01   283,648   ----a-w   c:\windows\system32\gdi32.dll
2008-10-21 18:17   ---------   d-----w   c:\program files\Microsoft Silverlight
2008-10-16 20:33   826,368   ----a-w   c:\windows\system32\wininet.dll
2008-10-16 13:13   202,776   ----a-w   c:\windows\system32\wuweb.dll
2008-10-16 13:13   1,809,944   ----a-w   c:\windows\system32\wuaueng.dll
2008-10-16 13:12   561,688   ----a-w   c:\windows\system32\wuapi.dll
2008-10-16 13:12   323,608   ----a-w   c:\windows\system32\wucltui.dll
2008-10-16 13:09   92,696   ----a-w   c:\windows\system32\cdm.dll
2008-10-16 13:09   51,224   ----a-w   c:\windows\system32\wuauclt.exe
2008-10-16 13:09   43,544   ----a-w   c:\windows\system32\wups2.dll
2008-10-16 13:08   34,328   ----a-w   c:\windows\system32\wups.dll
2008-10-16 13:06   268,648   ----a-w   c:\windows\system32\mucltui.dll
2008-10-16 13:06   208,744   ----a-w   c:\windows\system32\muweb.dll
2008-10-03 10:17   247,326   ----a-w   c:\windows\system32\strmdll.dll
2008-09-30 15:43   1,286,152   ----a-w   c:\windows\system32\msxml4.dll
2008-06-19 15:39   184   ----a-w   c:\program files\neostrada
2008-06-12 19:31   32,768   --sha-w   c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008060220080609\index.dat
2008-06-12 19:31   32,768   --sha-w   c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008061220080613\index.dat
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
GNConfig.lnk - c:\program files\Gigabyte\Gigabyte GN-WI01GS Wireless Mini PCI Adapter\Installer\WINXP\GNConfig.exe [2008-06-03 716800]
HideBUS.exe [2006-04-01 150528]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\AutorunsDisabled
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-07-11 113664]
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-06-19 839680]
Wyszukiwanie z pulpitu systemu Windows.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
--------- 2005-10-27 11:00 299008 c:\program files\Creative\Shared Files\CamTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 13:00 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-04 16:27 133104 c:\documents and settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 13:39 1289000 c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
--a------ 2007-11-01 18:12 582992 c:\program files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-06-23 21:42 413696 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
-ra------ 2004-07-22 06:38 88361 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Gadu-Gadu\\gg.exe"=
"e:\\Avant browser\\avant.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\Digital Imaging\\bin\\hpofxm08.exe"=
"d:\\Digital Imaging\\bin\\hposfx08.exe"=
"d:\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\Digital Imaging\\bin\\hpqscnvw.exe"=
"d:\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Digital Imaging\\bin\\hpqCopy.exe"=
"d:\\Digital Imaging\\bin\\hpfccopy.exe"=
"d:\\Digital Imaging\\bin\\hpzwiz01.exe"=
"d:\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"d:\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"e:\\blusoell\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-01 28544]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2008-09-02 178913]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys [2008-06-19 64000]
S2 PSTRIP;PSTRIP;\??\c:\windows\system32\DRIVERS\PSTRIP.SYS []
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys [2008-06-19 116992]
S3 SEMWModem;Sony Ericsson SEMWModem;c:\windows\system32\DRIVERS\GCXX.sys [2008-07-14 114944]
S3 SEMWWNIC;Sony Ericsson SEMWWNIC;c:\windows\system32\DRIVERS\GCXXNet.sys [2008-07-14 53248]
.
Zawartość folderu 'Zaplanowane zadania'

2008-12-21 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\RafaB []

2008-12-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

2008-06-28 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

2008-12-21 c:\windows\Tasks\MSK_ABImport_Daily_Rafał.job
- c:\windows\system32\rundll32.exe [2004-08-04 13:00]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-DU Meter - d:\program files\DU Meter\DUMeter.exe
Notify-dimsntfy - (no file)
MSConfigStartUp-DU Meter - d:\program files\DU Meter\DUMeter.exe


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {359B8245-3864-4198-86B5-0F1106594412} = 208.67.222.222,208.67.220.220
TCP: {AF21FA4B-6F16-4235-AC24-5111274A3E58} = 208.67.222.222,208.67.220.220

c:\windows\Downloaded Program Files\Navy.dll - O16 -: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64}
hxxp://download.gamedesire.com/g_bin/pl/navy_2_0_0_29.cab
c:\windows\Downloaded Program Files\Navy.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-21 17:02:03
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\RAFA~1\USTAWI~1\Temp\ASFWHide"
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\progra~1\Microsoft ActiveSync\rapimgr.exe
e:\blusoell\BTNtService.exe
c:\windows\system32\Crypserv.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VirusScan\Mcshield.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\snmp.exe
.
**************************************************************************
.
Czas ukończenia: 2008-12-21 17:04:11 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2008-12-21 16:04:06

Przed: 692 125 696 bajtów wolnych
Po: 918,863,872 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

247   --- E O F ---   2008-12-18 23:04:52

tutaj mam logo z hijackthis

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:09, on 2008-12-21
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Gigabyte\Gigabyte GN-WI01GS Wireless Mini PCI Adapter\Installer\WINXP\GNConfig.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
E:\blusoell\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
E:\Mozilla Firefox\firefox.exe
E:\Avant browser\avant.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\NOTEPAD.EXE
c:\PROGRA~1\mcafee\msc\mcshell.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Dokument Setings\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: GNConfig.lnk = C:\Program Files\Gigabyte\Gigabyte GN-WI01GS Wireless Mini PCI Adapter\Installer\WINXP\GNConfig.exe
O4 - Global Startup: HideBUS.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Dokument Setings\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Dokument Setings\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://download.gamedesire.com/g_bin/pl/navy_2_0_0_29.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1216976742859
O17 - HKLM\System\CCS\Services\Tcpip\..\{359B8245-3864-4198-86B5-0F1106594412}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF21FA4B-6F16-4235-AC24-5111274A3E58}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - E:\blusoell\BTNtService.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7169 bytes

[wojtas]

daj wiecej informacji..

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp oraz skasuj folder C:\Qoobox
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5.Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym:

FixIEDef.

[peblo]

jest to laptop brata tak więc jak próbuje zrobić defragmentacje z orginalnego narzędzia jakie ma xp pisze ze nie można uruchomić zadania myślałem że po combofix coś sie zmieni ale nic dałem inny program do defragmentacji to dał rade ale nie pokazuje jak jest mocno poszatkowany
Program MMC nie moze otworzyc pliku C:/WINDOWS/system32/dfrg.msc
Byc moze plik nie istnieje,nie jest konsola MMC lub został utworzony przez starsza wersje programu MMC. Moze byc to takze spowodowane brakiem wystarczajacych uprawnien dostepu do pliku
Dodano Dzisiaj, 21:45:
dodaje logi z fixiedef i nadal nie można otworzyć defragmentacji a następny gag jest z zainstalowaniem sp3
po aktualizacji nie można dodać i usunąć programu

Kod: Zaznacz wszystko

*******************************************************************************
*                                                                              *
*                                 FixIEDef Log                                 *
*                              Version 1.7.20.6874                             *
*                                                                              *
********************************************************************************

Created at 21:38:31 on Sunday, December 21, 2008

Time Zone            :

Logged On User       : Rafał

Operating System     : Microsoft Windows XP Home Edition Dodatek Service Pack 2
OS Version           : 5.1.2600
System Langauge      : Polish
Keyboard Layout      : Polish
Processor            : X86 Intel(R) Celeron(R) M processor         1.60GHz

System Drive         : C:\
Windows Directory    : C:\WINDOWS
System Directory     : C:\WINDOWS\system32

System Drive Type    : Fixed
System Drive Status  : READY
System Drive Label   :
System Drive Size    : 12 GB
System Drive Free    : 1 GB

Total Physical Memory: 503 MB
Free Physical Memory : 140 MB
Total Page File      : 503 MB
Free Page File       : 921 MB
Total Virtual Memory : 2048 MB
Free Virtual Memory  : 1972 MB

Boot State           : Normal boot

--------------------------------------------------------------------------------

!!! userinit.exe is Clean !!!

--------------------------------------------------------------------------------

!!! Files that have been deleted !!!

No malicious files found

--------------------------------------------------------------------------------

!!! Directories that have been removed !!!

No malicious directories to be removed

--------------------------------------------------------------------------------

!!! Registry entries that have been removed !!!

No malicious Registry entries found

================================================================================

All Done :)


Kod: Zaznacz wszystko

ShadowPuterDude

Safe Surfing!!!

[wojtas]

zobacz tu:

http://support.microsoft.com/kb/326574/pl

[peblo]

niestety po tym linku nic nie można nadal zrobic