UA:
Logfile of HijackThis v1.99.1
Scan saved at 01:04:52, on 2007-05-21
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesMultimedia Combo SetMouseDrv.exe
C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesClocXClocX.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesAresAres.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
C:Program FilesVista Start MenuVistaStartMenu.exe
C:Program FilesuTorrentutorrent.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program FilesNetPanelNetPanel.exe
C:WINDOWSsystem32wisptis.exe
C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsTomekPulpithijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:PROGRA~1Skype oolbarsSKYPEF~1SKYPE_~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01inssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar3.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:Program FilesNetPanelIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar3.dll
O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:Program FilesSkype oolbarsSkype for Internet Explorerskype_toolbar.dll
O4 - HKLM..Run: [WireLessMouse ] C:Program FilesMultimedia Combo SetMouseDrv.exe
O4 - HKLM..Run: [WireLessKeyboard ] C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM] "C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler
O4 - HKLM..Run: [ClocX] C:Program FilesClocXClocX.exe
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NetPanel] "C:Program FilesNetPanelStarter.exe" /path="C:Program FilesNetPanel"
O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [ares] "C:Program FilesAresAres.exe" -h
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKCU..Run: [Dzieńdobry!] C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe /t=09:00
O4 - HKCU..Run: [VistaStartMenu] "C:Program FilesVista Start MenuVistaStartMenu.exe"
O4 - HKCU..Run: [µTorrent] "C:Program FilesuTorrentutorrent.exe"
O8 - Extra context menu item: Pobierz z &BitSpirit - C:Program FilesBitSpiritsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01inssv.dll
O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:PROGRA~1Skype oolbarsSKYPEF~1EASYHI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {65D72393-E210-4A2A-B8E0-10AC45986770} (GWebInstallControl Object) - http://megapanel.gem.pl/WebInstaller.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178743307343
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesSkype oolbarsSharedSkype4ComAPI.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:Program FilesAreschatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe
UA:
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
UA:
"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"" ["Nero AG"]
"ares" = ""C:Program FilesAresAres.exe" -h" ["Ares Development Group"]
"ctfmon.exe" = "C:WINDOWSsystem32ctfmon.exe" [MS]
"swg" = "C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe" ["Google Inc."]
"Dzieńdobry!" = "C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe /t=09:00" ["VSD Software"]
"VistaStartMenu" = ""C:Program FilesVista Start MenuVistaStartMenu.exe"" ["OrdinarySoft"]
"µTorrent" = ""C:Program FilesuTorrentutorrent.exe"" [null data]
HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}
"WireLessMouse " = "C:Program FilesMultimedia Combo SetMouseDrv.exe" [empty string]
"WireLessKeyboard " = "C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe" [empty string]
"avast!" = "C:PROGRA~1ALWILS~1Avast4ashDisp.exe" ["ALWIL Software"]
"ISUSPM" = ""C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler" [file not found]
"ClocX" = "C:Program FilesClocXClocX.exe" ["BonSoft"]
"AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."]
"NetPanel" = ""C:Program FilesNetPanelStarter.exe" /path="C:Program FilesNetPanel"" [null data]
HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)
{HKLM...CLSID} = "AcroIEHlprObj Class"
InProcServer32(Default) = "C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll" ["Adobe Systems Incorporated"]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C}(Default) = "SkypeIEHelper"
{HKLM...CLSID} = "SkypeIEHelper Class"
InProcServer32(Default) = "C:PROGRA~1Skype oolbarsSKYPEF~1SKYPE_~1.DLL" ["Skype Technologies S.A."]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
{HKLM...CLSID} = "SSVHelper Class"
InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01inssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided)
{HKLM...CLSID} = "Google Toolbar Helper"
InProcServer32(Default) = "c:program filesgooglegoogletoolbar3.dll" ["Google Inc."]
{CE7C3CF0-4B15-11D1-ABED-709549C10000}(Default) = (no title provided)
{HKLM...CLSID} = "IEHlprObj Class"
InProcServer32(Default) = "C:Program FilesNetPanelIEHelper.dll" [null data]
HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
{HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
InProcServer32(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
{HKLM...CLSID} = "HyperTerminal Icon Ext"
InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
{HKLM...CLSID} = "History Band"
InProcServer32(Default) = "C:WINDOWSsystem32shdocvw.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
{HKLM...CLSID} = "Portable Media Devices Menu"
InProcServer32(Default) = "C:WINDOWSsystem32Audiodev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
{HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRAR arext.dll" [null data]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
{HKLM...CLSID} = "NeroDigitalIconHandler Class"
InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
{HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
{HKLM...CLSID} = "avast"
InProcServer32(Default) = "C:Program FilesAlwil SoftwareAvast4ashShell.dll" ["ALWIL Software"]
"{DB83BC37-4AC3-49D9-B397-2E46D166B6D0}" = "Quick Uninstall Start Menu Extension"
{HKLM...CLSID} = "Quick Uninstall Start Menu Extension"
InProcServer32(Default) = "C:Program FilesVista Start MenuqUninstall.dll" ["SprigSoft"]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
{HKLM...CLSID} = "AlcoholShellEx"
InProcServer32(Default) = "C:PROGRA~1ALCOHO~1ALCOHO~1AXShlEx.dll" ["Alcohol Soft Development Team"]
HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify
<<!>> AtiExtEventDLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLMSoftwareClassesFoldershellexColumnHandlers
{7D4D6379-F301-4311-BEBA-E26EB0561882}(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
{HKLM...CLSID} = "NeroDigitalColumnHandler Class"
InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]
HKLMSoftwareClasses*shellexContextMenuHandlers
AIMPClassic(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
{HKLM...CLSID} = "AIMP Classic Shell"
InProcServer32(Default) = "D:PROGRA~1PORTAB~1.75(SystemAIMP_S~1.DLL" ["Artem Izmaylov"]
avast(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
{HKLM...CLSID} = "avast"
InProcServer32(Default) = "C:Program FilesAlwil SoftwareAvast4ashShell.dll" ["ALWIL Software"]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
{HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRAR arext.dll" [null data]
HKLMSoftwareClassesDirectoryshellexContextMenuHandlers
AIMPClassic(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
{HKLM...CLSID} = "AIMP Classic Shell"
InProcServer32(Default) = "D:PROGRA~1PORTAB~1.75(SystemAIMP_S~1.DLL" ["Artem Izmaylov"]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
{HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRAR arext.dll" [null data]
HKLMSoftwareClassesFoldershellexContextMenuHandlers
avast(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
{HKLM...CLSID} = "avast"
InProcServer32(Default) = "C:Program FilesAlwil SoftwareAvast4ashShell.dll" ["ALWIL Software"]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
{HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRAR arext.dll" [null data]
Group Policies {policy setting}:
--------------------------------
Note: detected settings may not have any effect.
HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer
"_NoDriveTypeAutoRun" = (REG_DWORD) hex:0x00000091
{unrecognized setting}
HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral
"Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCUControl PanelDesktop
"Wallpaper" = "C:Documents and SettingsTomekUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_Entries {++}
000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]
000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]
000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]
Transport Service Providers
HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_Entries {++}
0000000000##PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%system32mswsock.dll [MS], 01 - 03, 06 - 19
%SystemRoot%system32 svpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
{HKLM...CLSID} = "&Google"
InProcServer32(Default) = "c:program filesgooglegoogletoolbar3.dll" ["Google Inc."]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"
{HKLM...CLSID} = "&Links"
InProcServer32(Default) = "C:WINDOWSsystem32ieframe.dll" [MS]
"{B13721C7-F507-4982-B2E5-502A71474FED}"
{HKLM...CLSID} = "Skype Toolbar for Internet Explorer"
InProcServer32(Default) = "C:Program FilesSkype oolbarsSkype for Internet Explorerskype_toolbar.dll" ["Skype Technologies S.A."]
HKLMSoftwareMicrosoftInternet ExplorerToolbar
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
{HKLM...CLSID} = "&Google"
InProcServer32(Default) = "c:program filesgooglegoogletoolbar3.dll" ["Google Inc."]
"{B13721C7-F507-4982-B2E5-502A71474FED}" = (no title provided)
{HKLM...CLSID} = "Skype Toolbar for Internet Explorer"
InProcServer32(Default) = "C:Program FilesSkype oolbarsSkype for Internet Explorerskype_toolbar.dll" ["Skype Technologies S.A."]
Explorer Bars
HKLMSoftwareMicrosoftInternet ExplorerExplorer Bars
{029F4681-0900-4227-A3CB-52F1ED4A8529}(Default) = (no title provided)
{HKLM...CLSID} = "My Skype™ Contacts"
InProcServer32(Default) = "C:PROGRA~1Skype oolbarsSKYPEF~1SKYPE_~1.DLL" ["Skype Technologies S.A."]
Extensions (Tools menu items, main toolbar menu buttons)
HKLMSoftwareMicrosoftInternet ExplorerExtensions
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
{HKCU...CLSID} = "Java Plug-in 1.6.0_01"
InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01inssv.dll" ["Sun Microsystems, Inc."]
{HKLM...CLSID} = "Java Plug-in 1.6.0_01"
InProcServer32(Default) = "C:Program FilesJavajre1.6.0_01innpjpi160_01.dll" ["Sun Microsystems, Inc."]
{77BF5300-1474-4EC7-9980-D32B190E9B07}
"ButtonText" = "Skype Toolbar for Internet Explorer"
"CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}"
{HKLM...CLSID} = "EasyHideBtn Class"
InProcServer32(Default) = "C:PROGRA~1Skype oolbarsSKYPEF~1EASYHI~1.DLL" ["Skype Technologies S.A."]
{E2E2DD38-D088-4134-82B7-F2BA38496583}
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%Network Diagnosticxpnetdiag.exe" [MS]
{FB5F1910-F110-11D2-BB9E-00C04F795683}
"ButtonText" = "@C:Program FilesMessengerMsgslang.dll,-61144"
"MenuText" = "@C:Program FilesMessengerMsgslang.dll,-61144"
"Exec" = "C:Program FilesMessengermsmsgs.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:WINDOWSsystem32Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""C:Program FilesAlwil SoftwareAvast4ashServ.exe"" ["ALWIL Software"]
avast! iAVS4 Control Service, aswUpdSv, ""C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe"" ["ALWIL Software"]
avast! Mail Scanner, avast! Mail Scanner, ""C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service" ["ALWIL Software"]
Windows User Mode Driver Framework, UMWdf, "C:WINDOWSsystem32wdfmgr.exe" [MS]
----------
<<!>>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 65 seconds, including 6 seconds for message boxes)
UA:
"Tomek" - 2007-05-21 21:30:06 Dodatek Service Pack 2
ComboFix 07-05.21.6.V - Running from: "C:Documents and SettingsTomekPulpit"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:DOCUME~1TomekPulpit.internet explorer.lnk
((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-21 ))))))))))))))))))))))))))))))))))
2007-05-20 22:01 53,248 --a------ C:WINDOWSsystem32Process.exe
2007-05-20 22:01 51,200 --a------ C:WINDOWSsystem32dumphive.exe
2007-05-20 22:01 288,417 --a------ C:WINDOWSsystem32SrchSTS.exe
2007-05-19 23:52 <DIR> d-------- C:Program FilesNetPanel
2007-05-18 19:43 516,096 --------- C:WINDOWSsystem32ati2sgag.exe
2007-05-18 19:41 <DIR> d-------- C:Program FilesMultiRes
2007-05-18 19:40 451,072 --a------ C:WINDOWSRadeon Omega Drivers v3.8.330 Uninstall.exe
2007-05-18 19:40 <DIR> d-------- C:Program FilesRadeon Omega Drivers
2007-05-17 14:47 5,248 --a------ C:WINDOWSsystem32driversa347scsi.sys
2007-05-17 14:47 160,640 --a------ C:WINDOWSsystem32driversa347bus.sys
2007-05-17 14:47 <DIR> d-------- C:Program FilesAlcohol Soft
2007-05-16 15:47 <DIR> d-------- C:DOCUME~1TomekDANEAP~1IE7pro
2007-05-12 16:28 <DIR> d-------- C:Program FilesuTorrent
2007-05-12 16:28 <DIR> d-------- C:DOCUME~1TomekDANEAP~1uTorrent
2007-05-12 00:53 49,664 --a------ C:WINDOWSunvise32.exe
2007-05-10 11:43 128,232 --a------ C:WINDOWSsystem32mucltui.dll
2007-05-09 21:59 <DIR> d--h----- C:WINDOWS$hf_mig$
2007-05-08 22:46 <DIR> d-------- C:DOCUME~1TomekDANEAP~1IDM
2007-05-08 22:46 <DIR> d-------- C:DOCUME~1TomekDANEAP~1DMCache
2007-05-08 11:28 <DIR> d-------- C:DOCUME~1TomekDANEAP~1Real
2007-05-07 21:52 <DIR> d-------- C:WINDOWSsystem32Kaspersky Lab
2007-05-07 12:40 <DIR> d-------- C:Program FilesClocX
2007-05-07 12:21 <DIR> d-------- C:Program FilesAres
2007-05-06 13:02 <DIR> d-------- C:Program FilesCommon FilesNSV
2007-05-06 12:52 <DIR> d-------- C:DOCUME~1TomekDANEAP~1ATI
2007-05-05 22:16 <DIR> d-------- C:Program FilesOdkurzacz
2007-05-02 13:53 73,728 --a------ C:WINDOWSsystem32dpl100.dll
2007-05-02 13:53 3,596,288 --a------ C:WINDOWSsystem32qt-dx331.dll
2007-05-02 13:53 217,088 --a------ C:WINDOWSsystem32yv12vfw.dll
2007-05-02 13:53 200,704 --a------ C:WINDOWSsystem32ssldivx.dll
2007-05-02 13:53 196,608 --a------ C:WINDOWSsystem32dtu100.dll
2007-05-02 13:53 180,224 --a------ C:WINDOWSsystem32xvidvfw.dll
2007-05-02 13:53 10,752 --a------ C:WINDOWSsystem32ff_vfw.dll
2007-05-02 13:53 1,044,480 --a------ C:WINDOWSsystem32libdivx.dll
2007-05-02 13:53 <DIR> d-------- C:Program FilesK-Lite Codec Pack
2007-05-01 22:14 <DIR> d-------- C:Program FilesCommon FilesUlead
2007-05-01 22:13 <DIR> d-------- C:DOCUME~1ALLUSE~1DANEAP~1InstallShield
2007-04-29 19:18 1,504 --a------ C:WINDOWSsystem32 mp.reg
2007-04-26 20:40 101,888 --------- C:WINDOWSsystem32VB6STKIT.DLL
2007-04-26 17:29 <DIR> d-------- C:Program FilesPITy2006
2007-04-26 12:47 <DIR> d-------- C:DOCUME~1TomekDANEAP~1Gadu-Gadu
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-21 18:18:20 -------- d-----w C:Program FilesJewel Quest 2
2007-05-21 12:52:43 10 ---ha-w C:WINDOWSpopcinfo.dat
2007-05-18 19:39:41 -------- d-----w C:Program FilesLuxor
2007-05-18 17:26:16 -------- d-----w C:DOCUME~1TomekDANEAP~1Skype
2007-05-17 13:41:38 -------- d-----w C:Program FilesGameJack4
2007-05-05 20:29:51 -------- d-----w C:Program FilesQuickTime
2007-05-04 21:03:41 -------- d--h--w C:Program FilesInstallShield Installation Information
2007-05-01 20:45:23 -------- d-----w C:Program FilesInterVideo
2007-05-01 20:12:25 -------- d-----w C:Program FilesCommon FilesInstallShield
2007-05-01 08:52:09 -------- d-----w C:Program FilesGoogle
2007-05-01 08:44:28 -------- d-----w C:DOCUME~1TomekDANEAP~1Google
2007-04-30 15:46:10 745,600 ----a-w C:WINDOWSsystem32aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:WINDOWSsystem32driversaswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:WINDOWSsystem32driversaswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:WINDOWSsystem32driversaswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:WINDOWSsystem32driversaswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:WINDOWSsystem32driversaavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:WINDOWSsystem32AVASTSS.scr
2007-04-27 19:10:44 -------- d-----w C:Program FilesJewel Quest
2007-04-26 10:36:58 -------- d-----w C:Program FilesGadu-Gadu
2007-04-15 13:26:15 -------- d-----w C:Program FilesMarBit
2007-04-15 13:17:36 464 ----a-w C:WINDOWSsystem32vorbisenc.dll
2007-04-15 13:17:36 464 ----a-w C:WINDOWSsystem32OggDS.dll
2007-04-15 13:17:35 464 ----a-w C:WINDOWSsystem32WMV9VCM.dll
2007-04-15 13:17:35 464 ----a-w C:WINDOWSsystem32vorbis.dll
2007-04-15 13:17:35 464 ----a-w C:WINDOWSsystem32ogg.dll
2007-04-15 13:17:35 464 ----a-w C:WINDOWSsystem32mplvpx.dll
2007-04-15 13:17:34 464 ----a-w C:WINDOWSsystem32cpuinf32.dll
2007-04-14 17:09:30 921 ----a-w C:WINDOWSQSFVExit.bat
2007-04-07 11:41:12 74,210 ----a-w C:WINDOWSsystem32perfc015.dat
2007-04-07 11:41:12 448,268 ----a-w C:WINDOWSsystem32perfh015.dat
2007-03-31 13:32:13 -------- d-----w C:Program FilesMSI
2007-03-31 10:34:01 -------- d-----w C:Program FilesINSTALKI.pl
2007-03-31 10:01:10 -------- d-----w C:Program FilesSetup Files
2007-03-28 09:49:50 -------- d-----w C:Program FilesWinamp
2007-03-23 12:28:30 -------- d-----w C:Program FilesKaraFun
2007-03-22 19:48:16 -------- d-----w C:DOCUME~1TomekDANEAP~1iWin
2007-03-19 15:23:09 -------- d-----w C:Program FilesSkanerOnline
2007-03-17 13:45:36 293,376 ----a-w C:WINDOWSsystem32winsrv.dll
2007-03-14 21:16:27 -------- d-----w C:Program FilesCommon FilesWise Installation Wizard
2007-03-08 15:38:47 579,072 ----a-w C:WINDOWSsystem32user32.dll
2007-03-08 15:38:47 40,960 ----a-w C:WINDOWSsystem32mf3216.dll
2007-03-08 15:38:47 281,600 ----a-w C:WINDOWSsystem32gdi32.dll
2007-03-08 15:37:33 1,843,840 ----a-w C:WINDOWSsystem32win32k.sys
2007-02-22 16:48:08 552 ----a-w C:WINDOWSsystem32d3d8caps.dat
2007-02-05 20:19:48 185,856 ----a-w C:WINDOWSsystem32upnphost.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll [2003-11-04 01:17]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C}=C:PROGRA~1Skype oolbarsSKYPEF~1SKYPE_~1.DLL [2007-03-13 18:30]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:Program FilesJavajre1.6.0_01inssv.dll [2007-03-14 03:43]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:program filesgooglegoogletoolbar3.dll [2007-01-20 00:55]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"WireLessMouse "="C:Program FilesMultimedia Combo SetMouseDrv.exe" [2004-06-27 16:38]
"WireLessKeyboard "="C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe" [2005-08-02 23:45]
"avast!"="C:PROGRA~1ALWILS~1Avast4ashDisp.exe" [2007-04-30 17:42]
"ISUSPM"="C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe" []
"ClocX"="C:Program FilesClocXClocX.exe" [2004-05-16 13:38]
"AtiPTA"="atiptaxx.exe" [2006-02-22 02:05 C:WINDOWSsystem32atiptaxx.exe]
"NetPanel"="C:Program FilesNetPanelStarter.exe" [2007-05-19 23:52]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:Program FilesCommon FilesAheadLibNMBgMonitor.exe" [2006-08-30 16:05]
"ares"="C:Program FilesAresAres.exe" [2007-05-04 02:32]
"ctfmon.exe"="C:WINDOWSsystem32ctfmon.exe" [2006-03-02 14:00]
"swg"="C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe" [2007-02-01 17:57]
"Dzieńdobry!"="C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe" []
"VistaStartMenu"="C:Program FilesVista Start MenuVistaStartMenu.exe" [2006-12-20 20:35]
"µTorrent"="C:Program FilesuTorrentutorrent.exe" [2007-05-12 16:29]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil VoIP Plugin.lnk]
path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartBlueSoleil VoIP Plugin.lnk
backup=C:WINDOWSpssBlueSoleil VoIP Plugin.lnkCommon Startup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk]
path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartBlueSoleil.lnk
backup=C:WINDOWSpssBlueSoleil.lnkCommon Startup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^InterVideo WinCinema Manager.lnk]
path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartInterVideo WinCinema Manager.lnk
backup=C:WINDOWSpssInterVideo WinCinema Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^PC Alert 4.lnk]
path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartPC Alert 4.lnk
backup=C:WINDOWSpssPC Alert 4.lnkCommon Startup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Tomek^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk]
path=C:Documents and SettingsTomekMenu StartProgramyAutostartUniSpiker-2.6.lnk
backup=C:WINDOWSpssUniSpiker-2.6.lnkStartup
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregares]
"C:Program FilesAresAres.exe" -h
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCBitSpirit]
"C:Program FilesBitSpiritBitSpirit.exe" /start
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregClocX]
C:Program FilesClocXClocX.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
"D:Daemon Toolsdaemon.exe" -lang 1045
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools-1033]
"D:Toolsdaemon.exe" -lang 1033 -noicon
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDzieńdobry!]
C:Program FilesVSD SoftwareDzieńdobry!dziendobry.exe /auto
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInstalkiLite]
C:Program FilesINSTALKI.plInstalkiLiteInstalkiLite.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLiveMonitor]
C:Program FilesMSILive Update 3LMonitor.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
"C:Program FilesMessengermsmsgs.exe" /background
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:Program FilesCommon FilesAheadLibNeroCheck.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOdkurzacz-MCD]
C:Program FilesOdkurzaczodk_mcd.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
"C:Program FilesQuickTimeqttask.exe" -atboottime
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]
"C:Program FilesJavajre1.6.0_01injusched.exe"
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]
C:Program FilesWinampwinampa.exe
*Newly Created Service* -PROCEXP90
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20070521-205428-871
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
backup-20061201-204540-340
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://83.18.237.172/plugin/h263ctrl.cab
backup-20061020-225448-955
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://83.18.237.172/plugin/h263ctrl.cab
backup-20061020-225449-677
O20 - Winlogon Notify: wintfj32 - wintfj32.dll (file missing)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogonNotifywintfj32]
"Asynchronous"=dword:00000001
"DllName"="wintfj32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"
backup-20061020-225448-717
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
backup-20061020-225448-559
O4 - HKLM..Run: [PVModule] C:PROGRA~1PRINTV~1pvmodule.exe
backup-20061020-215823-648
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:Program FilesCommon Files{3CFCEBC0-0A6B-1045-0804-040406090030}MyToolBar.dll (file missing)
backup-20061020-215823-823
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:Program FilesCommon Files{3CFCEBC0-0A6B-1045-0804-040406090030}MyToolBar.dll (file missing)
backup-20061020-215823-428
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
backup-20061020-215823-574
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchar1.binMGSBAR.DLL (file missing)
backup-20061020-161934-705
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} - C:PROGRA~1PRINTV~1PRINTH~1.DLL
backup-20061020-161934-287
O4 - HKLM..Run: [IpWins] C:Program Filesipwinsipwins.exe
backup-20061020-161934-174
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchar1.binMGSBAR.DLL
backup-20061020-161934-101
O4 - HKCU..Run: [Etop] "C:WINDOWSsystem32MBOLS~1 racert.exe" -vt yazb
backup-20061020-161934-892
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:Program FilesCommon Files{3CFCEBC0-0A6B-1045-0804-040406090030}MyToolBar.dll
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-21 21:31:38
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
Completion time: 2007-05-21 21:32:21
C:ComboFix-quarantined-files.txt ... 2007-05-21 21:32
--- E O F ---
UA:
Logfile of HijackThis v1.99.1
Scan saved at 21:06:43, on 2007-05-21
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesMultimedia Combo SetMouseDrv.exe
C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesClocXClocX.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesAresAres.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
C:Program FilesVista Start MenuVistaStartMenu.exe
C:Program FilesuTorrentutorrent.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program FilesNetPanelNetPanel.exe
C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsTomekPulpithijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: SkypeIEHelper - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:PROGRA~1Skype oolbarsSKYPEF~1SKYPE_~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01inssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar3.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:Program FilesNetPanelIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar3.dll
O3 - Toolbar: Skype Toolbar for Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - C:Program FilesSkype oolbarsSkype for Internet Explorerskype_toolbar.dll
O4 - HKLM..Run: [WireLessMouse ] C:Program FilesMultimedia Combo SetMouseDrv.exe
O4 - HKLM..Run: [WireLessKeyboard ] C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [ISUSPM] "C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler
O4 - HKLM..Run: [ClocX] C:Program FilesClocXClocX.exe
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NetPanel] "C:Program FilesNetPanelStarter.exe" /path="C:Program FilesNetPanel"
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [ares] "C:Program FilesAresAres.exe" -h
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKCU..Run: [Dzieńdobry!] C:Program FilesVSD SoftwareDzieńdobry!ddsched.exe /t=09:00
O4 - HKCU..Run: [VistaStartMenu] "C:Program FilesVista Start MenuVistaStartMenu.exe"
O4 - HKCU..Run: [µTorrent] "C:Program FilesuTorrentutorrent.exe"
O8 - Extra context menu item: Pobierz z &BitSpirit - C:Program FilesBitSpiritsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01inssv.dll
O9 - Extra button: Skype Toolbar for Internet Explorer - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:PROGRA~1Skype oolbarsSKYPEF~1EASYHI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {65D72393-E210-4A2A-B8E0-10AC45986770} (GWebInstallControl Object) - http://megapanel.gem.pl/WebInstaller.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178743307343
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesSkype oolbarsSharedSkype4ComAPI.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:Program FilesAreschatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe