piachu01, created 14 July 2007: Unfortunately I didn't take good care of my system and now it is terribly sluggish. It runs slowly, the CPU hits 100% load with just a few processes, and I have a 2.1 GHz Sempron. Help. How do I restore the system to its former shape without formatting?
tomq90, comment, 14 July 2007: Download CCleaner ;P -> http://dobreprogramy.pl/index.php?dz=2&t=88&id=1125
viphouse, comment, 14 July 2007: I'd rather recommend EasyCleaner. Besides that, scan the system with an anti-spyware program, e.g. Ad-Aware.
piachu01 (Author), comment, 14 July 2007: "I'd rather recommend EasyCleaner. Besides that, scan the system with an anti-spyware program, e.g. Ad-Aware." I'm already doing that. I was just waiting for help with what else to do :) I'm looking for that EasyCleaner ;)
viphouse, comment, 14 July 2007: http://www.idg.pl/ftp/pc_6053/EasyCleaner....80.Build.7.html
piachu01 (Author), comment, 14 July 2007: heh ;/ when I scan with Ad-Aware, the computer restarts at around 20% ;/ What now?
viphouse, comment, 14 July 2007: Well, that's a virus then. I recommend scanning the system with an online scanner; take your pick: http://www.koba.pl/index.php?option=com_co...9&Itemid=36
oaza_spokoju, comment, 14 July 2007: I would suggest first scanning the computer for viruses, preferably in safe mode without network access. Then scan with Ad-Aware 2007 + AVG + jv16 PowerTools + optionally System Mechanic 7 Pro. Once you have done all that and removed all the junk you find, I would also suggest checking what starts up together with the system. Optionally, you can use BootVis to speed up system startup a little. Defragmentation is of course advisable, but only after getting rid of all the junk. I recommend System Mechanic or Diskeeper.
piachu01 (Author), comment, 14 July 2007: Ad-Aware and the rest too, in safe mode without network access?
piachu01 (Author), comment, 15 July 2007: Ehh :| I did everything you said in safe mode and the system still restarts at 20% in Ad-Aware. Despite removing all the junk that was found, the system still runs slowly ;/ Format?
oaza_spokoju, comment, 15 July 2007: Check, preferably with Everest Ultimate, what the temperatures in the computer and the power supply voltages look like, because this is strange. Also download Hiren's BootCD; it has an antivirus + Ad-Aware etc., so you can see what happens.
CatchMe, comment, 15 July 2007: Paste the logs from HijackThis and ComboFix - we'll remove all the junk from the computer. (Descriptions are in the guides section.)
piachu01 (Author), comment, 16 July 2007:
ComboFix:
"Adminestrator" - 2007-07-16 10:07:05 - ComboFix 07-07-14.6 NTFS
Rootkit driver pe386 is present. ... attempting disinfection pe386 ...... driver unloaded successfully. ADS removed - system32: deleted 77866 bytes in 1 streams.
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:47, on 2007-07-16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
So, how does it look?
CatchMe, comment, 17 July 2007: You had a rootkit - hence the restarts. Delete the bolded folder and remove these entries in HijackThis:
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:Program FilesPartyGamingPartyCasinoRunCasino.exe
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:Program FilesPartyGamingPartyCasinoRunCasino.exe
If you don't recognize these, delete them from the disk in the same way and remove the entries in HijackThis:
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:MicrogamingPokerUnibetpokerMPPMPPoker.exe
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:MicrogamingPokernordicbetMPPMPPoker.exe
- Then paste a new HijackThis log.
piachu01 (Author), comment, 17 July 2007: Remove them? But those are just poker and casino clients.
Sean, comment, 17 July 2007: So what... remove them and paste the logs, as CatchMe says.
piachu01 (Author), comment, 17 July 2007: Removed.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:44, on 2007-07-17
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
CatchMe, comment, 18 July 2007: Cosmetically, remove in HijackThis:
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:Program FilesPartyGamingPartyCasinoRunCasino.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:Program FilesPartyGamingPartyCasinoRunCasino.exe (file missing)
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:MicrogamingPokerUnibetpokerMPPMPPoker.exe (file missing)
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:MicrogamingPokernordicbetMPPMPPoker.exe (file missing)
Other than that, it's clean now.
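Added example (not part of the original thread, and not code from HijackThis or its authors): a small Python parser for HijackThis-style log lines that finds the leftover "(file missing)" entries of the kind listed in the post above and groups them by CLSID, since one CLSID can appear as both a button and a Tools-menu item. The sample log, with its names, CLSIDs and paths, is constructed for illustration.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the HijackThis v2 line layout (all names, CLSIDs, paths are made up).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:00, on 2007-01-01
Running processes:
C:\WINDOWS\Explorer.EXE
O2 - BHO: (no name) - {11111111-1111-1111-1111-111111111111} - C:\Program Files\Dash - Name\helper.dll
O4 - HKLM\..\Run: [ExampleAgent] "C:\Program Files\Example\agent.exe" /startup
O9 - Extra button: Example Casino - {22222222-2222-2222-2222-222222222222} - C:\Program Files\ExampleCasino\run.exe (file missing)
O9 - Extra 'Tools' menuitem: Example Casino - {22222222-2222-2222-2222-222222222222} - C:\Program Files\ExampleCasino\run.exe (file missing)
O9 - Extra button: Example Poker - {33333333-3333-3333-3333-333333333333} - C:\Games\ExamplePoker\poker.exe
O20 - AppInit_DLLs: C:\Program Files\Example\hook.dll
O23 - Service: Example Service (exsvc) - Example Corp - C:\Program Files\Example\svc.exe
"""

# Meaning of the section codes that matter most when triaging a log.
SECTIONS = {
    "O2": "Browser Helper Object (loaded into Internet Explorer)",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run key or Startup folder)",
    "O9": "extra IE toolbar button or Tools-menu item",
    "O20": "AppInit_DLLs (DLL loaded into every process that loads user32.dll)",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# First drive-letter path to end of line; survives " - " inside folder names.
PATH_RE = re.compile(r'"?[A-Za-z]:\\.*$')
MISSING = "(file missing)"


@dataclass
class Entry:
    section: str             # e.g. "O9"
    kind: Optional[str]      # e.g. "Extra button"
    clsid: Optional[str]     # upper-cased CLSID, if the line has one
    target: Optional[str]    # file path (plus arguments) the entry points at
    file_missing: bool       # HijackThis could not find the target on disk
    raw: str                 # the original log line


def parse_entries(log: str) -> list:
    """Return one Entry per result line; header and process list are skipped."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        section, detail = m.groups()
        missing = detail.endswith(MISSING)
        if missing:
            detail = detail[: -len(MISSING)].rstrip()
        kind = detail.split(": ", 1)[0] if ": " in detail else None
        clsid = CLSID_RE.search(detail)
        path = PATH_RE.search(detail)
        entries.append(Entry(section, kind,
                             clsid.group(0).upper() if clsid else None,
                             path.group(0) if path else None,
                             missing, line))
    return entries


def orphan_groups(entries: list) -> dict:
    """Group '(file missing)' entries by CLSID (or by target when there is none)."""
    groups = defaultdict(list)
    for e in entries:
        if e.file_missing:
            groups[e.clsid or e.target].append(e)
    return dict(groups)


def report(log: str) -> list:
    """Human-readable lines: what each orphaned entry is and where it pointed."""
    out = []
    for key, group in orphan_groups(parse_entries(log)).items():
        for e in group:
            what = SECTIONS.get(e.section, "other entry")
            out.append(f"{e.section} [{what}] {key} -> {e.target}")
    return out


if __name__ == "__main__":
    for line in report(SAMPLE_LOG):
        print(line)
```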
oaza_spokoju, comment, 18 July 2007: How much memory do you have, and how much is used up right after system startup? Likewise, what about virtual memory? When did you last install the system fresh? Write something more detailed about the hardware. Just in case, check the temperatures and PSU voltages, unless you no longer get restarts, because you didn't say. After removing the entries from the logs, can you scan normally with Ad-Aware? Do you have automatic reboot ticked?