x-kom hosting

Prosze o sprawdzenie

nidhogg
utworzono
utworzono

Witam Was. Mam problem, bo cos zaczyna mi komp szwamkować i niebardzo narazie umiem sobie z tym poradzić, więc prosze was o sprawdzenie tego oto tu poniżej, i powiedzenie mi czy jest wszystko w porządku, czy może niebardzo.

ComboFix 08-08-03.05 - Anonymous 2008-08-04 16:53:16.1 - NTFSx86Microsoft Windows XP Home Edition  5.1.2600.2.1250.1.1045.18.1555 [GMT 2:00]Running from: C:\Documents and Settings\Anonymous\Pulpit\ComboFix.exe * Created a new restore point[b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b].(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Documents and Settings\Anonymous\Dane aplikacji\macromedia\Flash Player\#SharedObjects\RF9CS6SC\interclick.comC:\Documents and Settings\Anonymous\Dane aplikacji\macromedia\Flash Player\#SharedObjects\RF9CS6SC\interclick.com\ud.solC:\Documents and Settings\Anonymous\Dane aplikacji\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.comC:\Documents and Settings\Anonymous\Dane aplikacji\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.solC:\WINDOWS\system32\msvcsv60.dllC:\WINDOWS\system32\systeminfo3.dll.(((((((((((((((((((((((((   Files Created from 2008-07-04 to 2008-08-04  ))))))))))))))))))))))))))))))).2008-08-04 16:40 . 2008-08-04 16:40	<DIR>	d--------	C:\Program Files\Trend Micro2008-08-04 16:27 . 2008-08-04 16:34	<DIR>	d--------	C:\Program Files\Debugging Tools for Windows (x86)2008-07-31 13:23 . 2008-07-31 13:23	<DIR>	d--------	C:\Program Files\Native Instruments2008-07-31 11:25 . 2008-07-31 11:25	<DIR>	d--------	C:\Program Files\ASIO4ALL v22008-07-29 13:32 . 2008-07-29 13:32	<DIR>	d--------	C:\Program Files\Microsoft Silverlight2008-07-27 15:14 . 2008-07-27 15:14	<DIR>	d--------	C:\Program Files\Windows Media Connect 22008-07-27 15:13 . 2008-07-27 15:14	<DIR>	d--------	C:\WINDOWS\system32\drivers\UMDF2008-07-25 11:06 . 2008-07-31 18:41	16	--a------	C:\WINDOWS\system32\w3data.vss2008-07-25 11:06 . 2008-07-31 18:41	16	--a------	C:\WINDOWS\msocreg32.dat2008-07-25 11:04 . 2008-07-25 11:04	<DIR>	d--------	C:\Program Files\DigiDesign2008-07-25 11:04 . 2006-11-27 12:29	189	--a------	C:\WINDOWS\system32\.MySCMServerInfo2008-07-25 11:03 . 2008-07-25 11:03	<DIR>	d--------	C:\Program Files\IK Multimedia2008-07-19 09:28 . 2008-07-19 09:28	<DIR>	d--------	C:\Program Files\Cyanide2008-07-15 20:20 . 2008-07-15 20:20	<DIR>	d--------	C:\Program Files\EarMaster School 52008-07-15 20:20 . 2008-07-15 20:20	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\EarMaster2008-07-15 15:57 . 2008-07-15 16:02	<DIR>	d--------	C:\Program Files\Audiotran2008-07-15 15:57 . 2008-07-15 15:57	245,760	---------	C:\WINDOWS\Setup1.exe2008-07-15 15:57 . 2008-07-15 15:57	73,216	--a------	C:\WINDOWS\ST6UNST.EXE2008-07-06 22:55 . 2008-07-06 23:02	486	--a------	C:\WINDOWS\cdplayer.ini2008-07-06 22:54 . 2008-07-06 22:54	<DIR>	d--------	C:\Program Files\FreeRIP32008-07-06 22:54 . 2008-07-06 22:54	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\FreeRIP.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-08-04 14:35	---------	d-----w	C:\Program Files\neostrada tp2008-08-04 14:20	---------	d-----w	C:\Program Files\SpeedFan2008-08-04 08:56	---------	d-----w	C:\Documents and Settings\Anonymous\Dane aplikacji\foobar20002008-07-31 16:41	---------	d-----w	C:\Program Files\REAPER2008-07-31 11:24	---------	d-----w	C:\Program Files\VstPlugins2008-07-28 22:59	196,608	----a-w	C:\WINDOWS\system32\drivers\nStandard.bin2008-07-25 09:24	---------	d-----w	C:\Documents and Settings\Anonymous\Dane aplikacji\REAPER2008-07-25 09:04	---------	d--h--w	C:\Program Files\InstallShield Installation Information2008-07-23 12:40	22,328	----a-w	C:\WINDOWS\system32\drivers\PnkBstrK.sys2008-07-23 12:40	103,736	----a-w	C:\WINDOWS\system32\PnkBstrB.exe2008-07-23 10:24	---------	d-----w	C:\Program Files\Java2008-07-17 10:10	---------	d-----w	C:\Program Files\Opera2008-07-16 11:16	---------	d-----w	C:\Program Files\Soulseek2008-07-09 09:19	---------	d-----w	C:\Program Files\Gadu-Gadu2008-07-03 11:22	108,144	----a-w	C:\WINDOWS\system32\CmdLineExt.dll2008-07-03 11:22	---------	d--h--r	C:\Documents and Settings\Anonymous\Dane aplikacji\SecuROM2008-07-01 17:20	---------	d-----w	C:\Program Files\Common Files\Adobe2008-07-01 17:19	---------	d-----w	C:\Program Files\Common Files\Adobe Systems Shared2008-07-01 08:20	---------	d-----w	C:\Program Files\Winamp2008-07-01 08:20	---------	d-----w	C:\Documents and Settings\Anonymous\Dane aplikacji\Winamp2008-06-23 09:47	---------	d-----w	C:\Program Files\eMule2008-06-20 17:42	246,784	----a-w	C:\WINDOWS\system32\mswsock.dll2008-06-20 10:45	360,320	----a-w	C:\WINDOWS\system32\drivers\tcpip.sys2008-06-20 10:44	138,368	----a-w	C:\WINDOWS\system32\drivers\afd.sys2008-06-20 09:52	225,920	----a-w	C:\WINDOWS\system32\drivers\tcpip6.sys2008-06-18 09:47	---------	d-----w	C:\Program Files\QuickTime2008-06-18 09:47	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer2008-06-15 20:18	---------	d-----w	C:\Program Files\SBaGen2008-06-15 20:12	---------	d-----w	C:\Program Files\IDoser v42008-06-14 23:06	223,128	----a-w	C:\WINDOWS\system32\drivers\dtscsi.sys2008-06-14 23:06	---------	d-----w	C:\Program Files\DAEMON Tools2008-06-14 22:49	---------	d-----w	C:\Documents and Settings\Anonymous\Dane aplikacji\Xfire2008-06-14 18:01	273,024	------w	C:\WINDOWS\system32\drivers\bthport.sys2008-06-12 16:20	---------	d-----w	C:\Program Files\MSECache2008-06-08 17:33	---------	d-----w	C:\Program Files\BitComet2008-06-07 11:09	2,560	----a-w	C:\WINDOWS\system32\bitcometres.dll2008-06-03 15:59	81,920	----a-w	C:\Documents and Settings\Anonymous\Dane aplikacji\ezpinst.exe2008-06-03 15:59	47,360	----a-w	C:\Documents and Settings\Anonymous\Dane aplikacji\pcouffin.sys2008-05-17 15:24	7,146,273	----a-w	C:\WINDOWS\ssaver2.scr2008-05-17 15:24	2,715,284	----a-w	C:\WINDOWS\ssaver1.scr2008-05-08 14:59	43,520	----a-w	C:\WINDOWS\system32\CmdLineExt03.dll2008-05-07 15:43	21,840	----a-w	C:\WINDOWS\system32\SIntfNT.dll2008-05-07 15:43	17,212	----a-w	C:\WINDOWS\system32\SIntf32.dll2008-05-07 15:43	12,067	----a-w	C:\WINDOWS\system32\SIntf16.dll2008-05-07 15:13	2,829	----a-w	C:\WINDOWS\DIIUnin.pif2008-05-07 15:13	106,496	----a-w	C:\WINDOWS\DIIUnin.exe2008-05-07 05:16	1,291,264	----a-w	C:\WINDOWS\system32\quartz.dll.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08 136136]"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 18:46 217544][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 18:43 8466432]"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 18:43 81920]"ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 11:03 380928]"CnxDslTaskBar"="C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" [2006-08-31 16:40 278528]"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2004-08-23 15:49 20480]"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 20:20 266497]"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]"CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 14:39 729088]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]"WOOTASKBARICON"="C:\Program Files\neostrada tp\taskbaricon.exe" [2004-10-05 18:00 61440]"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38 49152]"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57 133016]"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 10:08 16380416 C:\WINDOWS\RTHDCPL.exe]"nwiz"="nwiz.exe" [2007-06-28 18:43 1626112 C:\WINDOWS\system32\nwiz.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]C:\Documents and Settings\Anonymous\Menu Start\Programy\Autostart\Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:00 113664]C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664]HP Image Zone - szybkie uruchamianie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 23:06:36 53248]Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56 65588][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\mIRC\\mirc.exe"="D:\\Guitar Hero III\\GH3.exe"="D:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"="D:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"="D:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"="C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\Opera\\Opera.exe"="D:\\Loki__\\Loki.exe"="D:\\Loki__\\Autorun\\AutoRun.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"10087:TCP"= 10087:TCP:BitComet 10087 TCP"10087:UDP"= 10087:UDP:BitComet 10087 UDPR3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 11:03]R3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2006-08-31 16:40]R3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2006-08-31 16:40]R3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [2006-08-31 16:40]R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-07-12 11:03][HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9947bb98-e3b8-11dc-89ec-806d6172696f}]\Shell\AutoRun\command - I:\Run.exe*Newly Created Service* - CATCHME*Newly Created Service* - PROCEXP90.Contents of the 'Scheduled Tasks' folder2008-07-16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57].- - - - ORPHANS REMOVED - - - -HKLM-Run-Glass2k - C:\Documents and Settings\Anonymous\Pulpit\glass2k.exeHKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe.------- Supplementary Scan -------.FireFox -: Profile - C:\Documents and Settings\Anonymous\Dane aplikacji\Mozilla\Firefox\Profiles\3t8o8tx0.default\FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.plFF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOggX.dll**************************************************************************catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-08-04 16:54:15Windows 5.1.2600 Dodatek Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ...scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.Completion time: 2008-08-04 16:54:55ComboFix-quarantined-files.txt  2008-08-04 14:54:45Pre-Run: 28,498,309,120 bajtów wolnychPost-Run: 28,914,659,328 bajtów wolnych181	--- E O F ---	2008-07-28 12:57:11

Gawcio
komentarz
komentarz

Co to znaczy "szwankować"?

Powiedz dokładniej co się dzieje.

nidhogg
komentarz
komentarz

Szwankuje tzn, że coś jest nie tak jak powinno; cos sie "kopie".

Włączając gierki widzialem "niebieski ekran śmierci" na ułamek sekundy i po tym restart. Ale jeżeli uruchomiłem gierke odrazu po włączeniu kompa to chodziła... ale do czasu kiedy jej nie zminimalizowałem i niepróbowalem jej ponownie na full screena zrobić, bo potem znow ekran + restart.

Dodaje jeszcze z windbg:

Microsoft ® Windows Debugger Version 6.9.0003.113 X86Copyright © Microsoft Corporation. All rights reserved.Loading Dump File [C:\WINDOWS\Minidump\Mini080508-02.dmp]Mini Kernel Dump File: Only registers and stack trace are availableSymbol search path is: *** Invalid ******************************************************************************** Symbol loading may be unreliable without a symbol search path.		   ** Use .symfix to have the debugger choose a symbol path.				   ** After setting your symbol path, use .reload to refresh symbol locations. *****************************************************************************Executable search path is: ********************************************************************** Symbols can not be loaded because symbol path is not initialized. **																   ** The Symbol Path can be set by:									**   using the _NT_SYMBOL_PATH environment variable.				 **   using the -y <symbol_path> argument when starting the debugger. **   using .sympath and .sympath+									**********************************************************************Unable to load image ntoskrnl.exe, Win32 error 0n2*** WARNING: Unable to verify timestamp for ntoskrnl.exe*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exeWindows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatibleProduct: WinNt, suite: TerminalServer SingleUserTS PersonalKernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700Debug session time: Tue Aug  5 11:12:44.984 2008 (GMT+2)System Uptime: 0 days 0:01:11.718********************************************************************** Symbols can not be loaded because symbol path is not initialized. **																   ** The Symbol Path can be set by:									**   using the _NT_SYMBOL_PATH environment variable.				 **   using the -y <symbol_path> argument when starting the debugger. **   using .sympath and .sympath+									**********************************************************************Unable to load image ntoskrnl.exe, Win32 error 0n2*** WARNING: Unable to verify timestamp for ntoskrnl.exe*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exeLoading Kernel Symbols...............................................................................................................................Loading User SymbolsLoading unloaded module list...........Unable to load image atkosdmini.dll, Win32 error 0n2*** WARNING: Unable to verify timestamp for atkosdmini.dll*** ERROR: Module load completed but symbols could not be loaded for atkosdmini.dll********************************************************************************																			 **						Bugcheck Analysis									**																			 ********************************************************************************Use !analyze -v to get detailed debugging information.BugCheck 1000000A, {49, 1c, 0, 804fa11e}***** Kernel symbols are WRONG. Please fix symbols to do analysis.*** WARNING: Unable to verify timestamp for atkdisp.dll*** ERROR: Module load completed but symbols could not be loaded for atkdisp.dll*** WARNING: Unable to verify timestamp for win32k.sys*** ERROR: Module load completed but symbols could not be loaded for win32k.sys*** WARNING: Unable to verify timestamp for dxg.sys*** ERROR: Module load completed but symbols could not be loaded for dxg.sys****************************************************************************																   ******																   ******	Your debugger is not using the correct symbols				 ******																   ******	In order for this command to work properly, your symbol path   ******	must point to .pdb files that have full type information.	  ******																   ******	Certain .pdb files (such as the public OS symbols) do not	  ******	contain the required information.  Contact the group that	  ******	provided you with these symbols if you need this command to	******	work.														  ******																   ******	Type referenced: nt!_KPRCB									 ******																   ********************************************************************************************************************************************************																   ******																   ******	Your debugger is not using the correct symbols				 ******																   ******	In order for this command to work properly, your symbol path   ******	must point to .pdb files that have full type information.	  ******																   ******	Certain .pdb files (such as the public OS symbols) do not	  ******	contain the required information.  Contact the group that	  ******	provided you with these symbols if you need this command to	******	work.														  ******																   ******	Type referenced: nt!_KPRCB									 ******																   ************************************************************************************************************************************************** Symbols can not be loaded because symbol path is not initialized. **																   ** The Symbol Path can be set by:									**   using the _NT_SYMBOL_PATH environment variable.				 **   using the -y <symbol_path> argument when starting the debugger. **   using .sympath and .sympath+									******************************************************************************************************************************************** Symbols can not be loaded because symbol path is not initialized. **																   ** The Symbol Path can be set by:									**   using the _NT_SYMBOL_PATH environment variable.				 **   using the -y <symbol_path> argument when starting the debugger. **   using .sympath and .sympath+									**********************************************************************Probably caused by : atkosdmini.dll ( atkosdmini+1370 )Followup: MachineOwner---------

Aha... jeszcze wczoraj po włączeniu pokazała mi sie urochomiona na pasku aplikacja o nazwie "%HHeHH(1,"costam)%" gdzieś tam w środku byl "-" jescze, i nic niemogłem z tym zrobic ;/

dodaje jeszzcze loga z hjthis:

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:40:06, on 2008-08-05Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\ASUS\GamerOSD\GamerOSD.exeC:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\neostrada tp\taskbaricon.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\DAEMON Tools\daemon.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\RocketDock\RocketDock.exeC:\Program Files\DAEMON Tools Pro\DTProAgent.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\WINDOWS\System32\FTRTSVC.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\HP\Digital Imaging\bin\hpqgalry.exeC:\WINDOWS\explorer.exeC:\Program Files\neostrada tp\neostradatp.exeC:\Program Files\neostrada tp\ComComp.exeC:\PROGRA~1\NEOSTR~1\Toaster.exeC:\PROGRA~1\NEOSTR~1\Inactivity.exeC:\PROGRA~1\NEOSTR~1\PollingModule.exeC:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXEC:\Program Files\neostrada tp\Watch.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLLO1 - Hosts: 68.178.151.28 www.google-analytics.comO1 - Hosts: 38.113.170.200 ads1.msn.comO1 - Hosts: 38.113.170.200 ads.sup.comO1 - Hosts: 38.113.170.200 rad.msn.comO1 - Hosts: 38.113.170.200 themis.geocities.yahoo.comO1 - Hosts: 62.129.206.38 http://www.youtube.comO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exeO4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exeO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=080708 serial=DR12WCF-7001780-VEU lang=ENO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\neostrada tp\taskbaricon.exeO4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automountO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htmO8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htmO8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htmO9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO15 - Trusted Zone: http://www.mks.com.plO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{6D2B102F-FE33-4F46-BED1-CB6812B1359E}: NameServer = 194.204.159.1 217.98.63.164O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exeO23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe--End of file - 9014 bytes
Mateusz J.
komentarz
komentarz
O1 - Hosts: 68.178.151.28 www.google-analytics.comO1 - Hosts: 38.113.170.200 ads1.msn.comO1 - Hosts: 38.113.170.200 ads.sup.comO1 - Hosts: 38.113.170.200 rad.msn.comO1 - Hosts: 38.113.170.200 themis.geocities.yahoo.comO1 - Hosts: 62.129.206.38 http://www.youtube.com

Fxi w Hjt.

Co do blue screen.

Probably caused by : atkosdmini.dll ( atkosdmini+1370 )

Rozwiązanie

nidhogg
komentarz
komentarz

"Fxi w Hjt" mi nic niemówi niestety. jak mam to wykonac?

EDIT: Poszperałem i już zrobiłem.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.