przymulony strasznie komp

[niktTKIN]

PROSZE O POMOC MAM PROBLEM NAWET Z OGLADANIEM FILMU CZY ROZMOWA PRZEZ SKYPE. COKOLWIEK ROBIE WIESZA SIE WSZYSTKO. ZACHOWUJE SIE BARDZO DZIWNIE NP. CZASAMI ZNIKAJA IKONKI.
TO MOJ LOG Z HIJACKTHIS:

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:34, on 19/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\USB2.0 2MP UVC Camera\Monitor.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\SRNMIC~1\SOLOCFG.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\nowy\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.antydialer.pl/strona_testowa.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [CAMONITOR] "C:\Program Files\USB2.0 2MP UVC Camera\Monitor.exe"
O4 - HKLM\..\Run: [SoloSchedule] C:\SRNMIC~1\SOLOCFG.EXE
O4 - HKLM\..\Run: [SoloSysCheck] C:\SRNMIC~1\SYSCHECK.COM
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" /FU "C:\WINDOWS\TEMP\E_S267.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\ATI Technologies\AOL 9.0\aoltray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Oslona programu IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Oslona programu IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 6873 bytes


A TO Z COMBOFIX:

Kod: Zaznacz wszystko

ComboFix 08-07-08.9 - Michal  Lubniewicz 2008-07-19 19:18:50.5 - NTFSx86
Running from: C:\Documents and Settings\Michal  Lubniewicz\Favorites\Desktop\ComboFix.exe
* Resident AV is active


[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((   Files Created from 2008-06-19 to 2008-07-19  )))))))))))))))))))))))))))))))
.

2008-07-10 22:20 . 2008-07-10 22:20   <DIR>   d--------   C:\Program Files\CCleaner
2008-07-09 10:20 . 2008-06-20 18:41   245,248   -----c---   C:\WINDOWS\system32\dllcache\mswsock.dll
2008-07-09 10:20 . 2008-06-20 11:44   138,368   -----c---   C:\WINDOWS\system32\dllcache\afd.sys
2008-06-24 13:38 . 2008-06-24 13:38   <DIR>   d--------   C:\Documents and Settings\Michal  Lubniewicz\Application Data\Simply Super Software
2008-06-19 12:15 . 2008-07-11 15:09   54,156   --ah-----   C:\WINDOWS\QTFont.qfn
2008-06-19 12:15 . 2008-06-19 12:15   1,409   --a------   C:\WINDOWS\QTFont.for

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 18:42   30,528,544   --sha-w   C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-19 18:40   191,008   --sha-w   C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-19 17:07   ---------   d-----w   C:\Program Files\eMule
2008-07-19 13:18   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-18 20:45   408,596   --sha-w   C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-18 20:45   18,644   --sha-w   C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-18 18:37   ---------   d-----w   C:\Documents and Settings\Michal  Lubniewicz\Application Data\Skype
2008-07-18 18:16   ---------   d-----w   C:\Documents and Settings\Michal  Lubniewicz\Application Data\skypePM
2008-07-10 22:01   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-10 21:44   ---------   d-----w   C:\Program Files\Spybot - Search & Destroy
2008-07-10 21:24   ---------   d-----w   C:\Program Files\a-squared Free
2008-07-04 11:14   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-06-24 20:33   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-20 17:41   245,248   ----a-w   C:\WINDOWS\system32\mswsock.dll
2008-06-20 14:22   225,920   ----a-w   C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 10:45   360,320   ----a-w   C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44   138,368   ----a-w   C:\WINDOWS\system32\drivers\afd.sys
2008-06-18 08:33   ---------   d-----w   C:\Documents and Settings\Michal  Lubniewicz\Application Data\AdobeUM
2008-06-13 13:10   272,128   ------w   C:\WINDOWS\system32\drivers\bthport.sys
2008-06-07 18:11   ---------   d-----w   C:\Documents and Settings\Michal  Lubniewicz\Application Data\Registry Booster
2008-06-01 22:51   112,144   ----a-w   C:\WINDOWS\system32\drivers\kl1.sys
2008-06-01 22:48   96,966   ----a-w   C:\WINDOWS\system32\drivers\klin.dat
2008-06-01 22:48   88,774   ----a-w   C:\WINDOWS\system32\drivers\klick.dat
2008-06-01 22:28   ---------   d-----w   C:\Program Files\Kaspersky Lab
2008-05-07 05:18   1,287,680   ----a-w   C:\WINDOWS\system32\quartz.dll
2008-04-29 10:29   81,984   ----a-w   C:\WINDOWS\system32\bdod.bin
2008-04-21 06:56   666,624   ----a-w   C:\WINDOWS\system32\wininet.dll
2008-03-17 21:09   32   ----a-w   C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-03-31 10:04   722   ----a-w   C:\Documents and Settings\Michal  Lubniewicz\Application Data\wklnhst.dat
2007-01-25 02:52   65,536   ----a-w   C:\Program Files\Common Files\NMSAccessU.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 13:49 153136]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 07:01 180736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 23:28 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 23:26 688218]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2004-04-08 09:38 496752]
"CAMONITOR"="C:\Program Files\USB2.0 2MP UVC Camera\Monitor.exe" [2007-10-16 19:32 249856]
"SoloSchedule"="C:\SRNMIC~1\SOLOCFG.EXE" [2007-10-14 12:13 303104]
"SoloSysCheck"="C:\SRNMIC~1\SYSCHECK.COM" [2007-10-14 12:30 237568]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 12:51 218376]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 19:14 15473664 C:\WINDOWS\RTHDCPL.exe]
"TPSMain"="TPSMain.exe" [2005-08-03 15:26 266240 C:\WINDOWS\system32\TPSMain.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 12:31 29696 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AOL 9.0 Tray Icon.lnk - C:\Program Files\ATI Technologies\AOL 9.0\aoltray.exe [2006-05-29 13:04:34 156784]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-01 10:02:38 568176]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Winamp\\winamp.exe"=
"C:\\Program Files\\Mozilla Firefox\\nowy\\Mozilla Firefox\\firefox.exe"=
"C:\\SRN Micro\\SOLOCFG.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15965:TCP"= 15965:TCP:BitComet 15965 TCP
"15965:UDP"= 15965:UDP:BitComet 15965 UDP
"7308:TCP"= 7308:TCP:BitComet 7308 TCP
"7308:UDP"= 7308:UDP:BitComet 7308 UDP
"26382:TCP"= 26382:TCP:BitComet 26382 TCP
"26382:UDP"= 26382:UDP:BitComet 26382 UDP
"7622:TCP"= 7622:TCP:BitComet 7622 TCP
"7622:UDP"= 7622:UDP:BitComet 7622 UDP
"49500:TCP"= 49500:TCP:BitComet 49500 TCP
"49500:UDP"= 49500:UDP:BitComet 49500 UDP
"22990:TCP"= 22990:TCP:BitComet 22990 TCP
"22990:UDP"= 22990:UDP:BitComet 22990 UDP
"27540:TCP"= 27540:TCP:BitComet 27540 TCP
"27540:UDP"= 27540:UDP:BitComet 27540 UDP

R3 Ca810av;CA810A WebCam Driver;C:\WINDOWS\system32\Drivers\Ca810av.sys [2007-10-16 14:36]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 19:41:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\PortableDeviceTypes.dll
.
Completion time: 2008-07-19 19:47:30
ComboFix-quarantined-files.txt  2008-07-19 18:46:38
ComboFix2.txt  2008-07-10 18:45:07

Pre-Run: 31,832,469,504 bytes free
Post-Run: 31,859,986,432 bytes free

125   --- E O F ---   2008-07-09 13:22:14



WIELKIE DZIEKI ZA POMOC :?

[Magik]

PROSZE O POMOC MAM PROBLEM NAWET Z OGLADANIEM FILMU CZY ROZMOWA PRZEZ SKYPE. COKOLWIEK ROBIE WIESZA SIE WSZYSTKO. ZACHOWUJE SIE BARDZO DZIWNIE NP. CZASAMI ZNIKAJA IKONKI.
TO MOJ LOG Z HIJACKTHIS:

Nie pisz capslockiem

Logi wstawiaj w tagi



odpal

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt

http://forum.programosy.pl/program-szukajacy-trojanow-i-malware-vt97108.html

[niktTKIN]

sorki ale jestem nowicjuszem i nie znam sie za bardzo na zasadach.

Kod: Zaznacz wszystko

[b]SDFix: Version 1.206 [/b]
Run by Michal  Lubniewicz on 19/07/2008 at 20:29

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\Documents and Settings\Michal  Lubniewicz\desktop\Error Cleaner.url - Deleted
C:\Documents and Settings\Michal  Lubniewicz\desktop\Privacy Protector.url - Deleted
C:\Documents and Settings\Michal  Lubniewicz\desktop\Spyware&Malware Protection.url - Deleted





Removing Temp Files

[b]ADS Check [/b]:



                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 20:57:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"="C:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp PL"
"C:\\Program Files\\Mozilla Firefox\\nowy\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\nowy\\Mozilla Firefox\\firefox.exe:*:Enabled:firefox"
"C:\\SRN Micro\\SOLOCFG.EXE"="C:\\SRN Micro\\SOLOCFG.EXE:*:Disabled:Solo Scheduler"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Mon 28 Jan 2008     1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008     5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008     2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Fri 29 Feb 2008         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 12 May 2005        54,384 A..H. --- "C:\Program Files\ATI Technologies\AOL 9.0\aolphx.exe"
Thu 12 May 2005       156,784 A..H. --- "C:\Program Files\ATI Technologies\AOL 9.0\aoltray.exe"
Thu 12 May 2005        31,344 A..H. --- "C:\Program Files\ATI Technologies\AOL 9.0\RBM.exe"
Tue 27 May 2003       102,400 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\COMPOBJ.DLL"
Tue 27 May 2003        26,768 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\CTL3D.DLL"
Tue 27 May 2003       279,344 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\INSTALUJ.EXE"
Tue 27 May 2003       448,288 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\KSJP.EXE"
Tue 27 May 2003           333 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\KSJP.REG"
Tue 27 May 2003       190,416 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\KSJPX.DLL"
Tue 27 May 2003       146,976 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\MFCOLEUI.DLL"
Tue 27 May 2003       302,592 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2.DLL"
Tue 27 May 2003        27,023 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2.REG"
Tue 27 May 2003        57,328 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2CONV.DLL"
Tue 27 May 2003       164,832 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2DISP.DLL"
Tue 27 May 2003       150,976 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2NLS.DLL"
Tue 27 May 2003        51,712 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2PROX.DLL"
Tue 27 May 2003        27,023 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2_PL.REG"
Tue 27 May 2003        27,026 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLE2_USA.REG"
Tue 27 May 2003        82,944 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLECLI.DLL"
Tue 27 May 2003        24,064 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\OLESVR.DLL"
Tue 27 May 2003           342 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\PWNKSJP.REG"
Tue 27 May 2003       157,696 A..H. --- "C:\moje\filmy\New Folder\Slownik Jezyka Polskiego PWN\STORAGE.DLL"
Tue  6 May 2003     3,348,015 A..H. --- "C:\moje\filmy\New Folder\LOGICZNE\Atoll\Atollsetup.exe"
Tue  6 May 2003     3,999,750 A..H. --- "C:\moje\filmy\New Folder\LOGICZNE\Passage3XmasEdition\XMAS_P3E.EXE"

[b]Finished![/b]


mam nadzieje ze dobrze

[Magik]

sorki ale jestem nowicjuszem i nie znam sie za bardzo na zasadach.

to przeczytaj reg tego dzialu w tem. przyklejonych i sie zastosuj

mam nadzieje ze dobrze

tak ale po raz kolejny logi stawiamy w tagi 'code'


Rozumiem ze skan FixIEDef z tego linka co podalem wyzej zrobiles

Jedyna rzecz podejrzana, ktora widac to

Kod: Zaznacz wszystko

C:\SRNMIC~1\SOLOCFG.EXE

jak znasz ten proces to ok, jak nie to daj go na Fix w HiJackThis

Mozesz tez myknac to:
1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem

bo naprawde nic nie widac///

[niktTKIN]

wielkie dzieki za pomoc