Dziwny problem z xp + LOG


(Sienkol91) #1

Mam windowsa xp z sp2 i wszystko jest wporzadku (dzialaja wszystkie programy) jednak kiedy otworze jakis folder, a potem otworze jeszcze z 2 to wszystko sie zamyka i widac tylko pulpit. Po paru sekundach wszystko wraca do normy, jednak folder sie zamyka, a wszystkie programy prawidlowo dzialaja i kiedy znow proboje otworzyc folder jest tak samo :confused: Jest to uciazliwe, wiec prosze o szybka pomoc :slight_smile:


(Foxas) #2

mam to samo jak przegladam niektore foldery w sieci.

i chetnie sie dowiem jak tego sie pozbyc.


(Mayster X) #3

a jak z wirusami ... ?? komp chodzi bez problemow oprocz tego ''ma艂ego problemu'' tzn. obciazenie procesora itp. ... ?? ... :slight_smile:


(Sienkol91) #4

Ciezko mi odpowiedziec :slight_smile: U mnie to trwa chwile moze z 2-3 sekundy, wiesz jak to naprawic?


(Mayster X) #5

hmmmm ... jesli mialbys podejrzenia zawirusowania to trzeba by bylo dac loga ...

cos krotko ... myslalem ze dluzej ... narazie nie mam innego pomyslu ... 8) czym moze to byc spowodowane ... :slight_smile:


(Sam Fisher) #6

mnie to wygl膮da na syf ...... :?

zamie艣膰 loga ...

mo偶esz skorzysta膰 ze skaner贸w internetowych

http://forum.dobreprogramy.pl/viewtopic.php?t=8175


(Sienkol91) #7

co to jest log i jak to zamiescic ? :slight_smile: jestem troche lamer w tych sprawach ;p


(sniper00) #8

wejd藕 w ustawienia folder贸w i kliknij opcje "uruchom okna w osobnych procesach..." i sprawd藕 czy to pomo偶e....


(Asterisk) #9

Tutaj masz wszystko opisane

BTW.

Prosz臋 zmieni膰 tytu艂 na konkretny, bo temat zostanie skasowany


(Sienkol91) #10

to moj log:

Logfile of HijackThis v1.99.1

Scan saved at 20:55:24, on 2006-02-24

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

D:\Program Files\D-Tools\daemon.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\rundll32.exe

C:\windows\winsysban.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\WINDOWS\dlhost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Network Monitor\netmon.exe

C:\Program Files\Norton Internet Security\NISUM.EXE

C:\WINDOWS\shost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WIBUKEY\Server\WkSvW32.exe

C:\Program Files\Norton Internet Security\ccPxySvc.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\WINDOWS\system32\wuauclt.exe

D:\Programy\Opera\Opera.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Sienkol\Pulpit\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 艁膮cza

O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINDOWS\System32\mljge.dll

O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - C:\WINDOWS\System32\vtutt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [Services] c:\winapi64.exe

O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe

O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe

O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [WinDLL (vdm32.dll)] rundll32.exe C:\WINDOWS\System32\vdm32.dll,start

O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd.exe

O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Komunikator] D:\Programy\Tlen.pl\tlen.exe

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: Pobierz u偶ywaj膮c Download &Express'a - C:\Program Files\Download Express\Add_Url.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134067361389

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134067281405

O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_39.cab

O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/pl/words_2_0_0_38.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9ED57BA6-78F4-4B31-8A97-457776B5F0D5}: NameServer = 217.30.129.149,217.30.137.200

O20 - Winlogon Notify: mljge - C:\WINDOWS\System32\mljge.dll

O20 - Winlogon Notify: vtutt - C:\WINDOWS\SYSTEM32\vtutt.dll

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe

O23 - Service: DynamicHost (DLHOST) - Unknown owner - C:\WINDOWS\dlhost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WIBU-KEY Server (WkSvW32) - WIBU-SYSTEMS AG - C:\Program Files\WIBUKEY\Server\WkSvW32.exe

(Asterisk) #11

A tytu艂 :o

Tym razem Ci daruj臋 - temat zostaje

przeniesiony stosownie do tre艣ci


(Gutek) #12

Start >>> Uruchom >>> services.msc >>> zatrzymaj i wy艂膮cz Network Monitor, Service Hosts i DynamicHost

  1. Wy艂膮czy膰 Przywracanie systemu w XP

  2. Zastartowa膰 do trybu awaryjnego bez internetu.

  3. Zaznaczy膰 wskazane wpisy w Hijacku i klikn膮膰 Fix checked. Wpisy zostan膮 usuni臋te.

  4. Skasowa膰 z dysku pliki i foldery, kt贸re podkre艣li艂em na czerwono

  5. Doko艅czy膰 skanerami online - Scanery do wyboru

  6. Pokaza膰 nowy log :stuck_out_tongue:

U偶yj http://www.atribune.org/ccount/click.php?id=4 tryb awaryjny kliknij Scan for Vundo a po tym Remove Vundo po tym scanery online