system
(system)
30 Grudzień 2009 18:33
#1
Witam ,moj problem polega na minimalizacji sie gier do paska zadań po ok. 5-10 minutach grania.
Reinstalowalem juz sterowniki i directa. Nie wiem co moze byc przyczyna, choc podejrzewam ze to jest cos w stylu wirusa.
Prosze o pomoc i pozdrawiam.
Log z OTL http://wklejto.pl/51996
Nie wiem czemu ale po zainstalowaniu HijackThis klikajac na ikonke nic sie nie otwiera.
Gutek
(Gutek)
31 Grudzień 2009 07:59
#2
Uruchom OTL i w oknie Custom Scans/Fixes wklej to:
:Processes Explorer.EXE :OTL DRV - [2009-12-12 15:39:16 | 00,000,000 | ---- | M] () [Kernel | System | Stopped] – C:\WINDOWS\System32\drivers\8356be73.sys – (8356be73) DRV - [2009-09-04 22:44:55 | 00,093,436 | ---- | M] () [Kernel | System | Running] – C:\WINDOWS\System32\drivers\6eb5b1b.sys – (6eb5b1b) DRV - [2009-09-04 22:44:55 | 00,093,308 | ---- | M] () [Kernel | System | Running] – C:\WINDOWS\System32\drivers\84b8b8be.sys – (84b8b8be) DRV - [2009-08-18 10:57:04 | 00,000,000 | ---- | M] () [Kernel | System | Stopped] – C:\WINDOWS\System32\drivers\c5457a9d.sys – (c5457a9d) DRV - [2009-04-16 20:22:03 | 00,000,000 | ---- | M] () [Kernel | System | Stopped] – C:\WINDOWS\System32\drivers\c1e5e763.sys – (c1e5e763) FF - prefs.js…browser.search.defaultengine: “Ask.com ” FF - prefs.js…browser.search.order.1: “Ask.com ” FF - prefs.js…extensions.enabledItems: toolbar@ask.com:3.4.3.105 FF - prefs.js…extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552 FF - prefs.js…keyword.URL: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= ” [2009-09-04 15:34:20 | 00,000,000 | —D | M] – C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\j9uixj1p.default\extensions\DTToolbar@toolbarnet.com [2009-09-12 09:02:24 | 00,000,000 | —D | M] – C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\j9uixj1p.default\extensions\toolbar@ask.com [2009-09-12 09:02:24 | 00,002,233 | ---- | M] () – C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\j9uixj1p.default\searchplugins\askcom.xm O2 - BHO: (Ask Toolbar) - {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU…\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O4 - HKLM…\Run: [services] C:\WINDOWS\services.exe File not found O4 - HKCU…\Run: [97895633859877803540983382788753] C:\Program Files\Antivirus 2009\av2009.exe File not found O20 - Winlogon\Notify\atiextevent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O27 - HKLM IFEO\a2service.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ArcaCheck.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\arcavir.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ashDisp.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ashEnhcd.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ashServ.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ashUpd.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\aswUpdSv.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\autoruns.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avadmin.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avcenter.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avcls.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avconfig.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avconsol.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avgnt.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avgrssvc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avguard.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\AvMonitor.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avp.com : Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avp.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\AVP32.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avscan.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avz.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avz_se.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\avz4.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\bdagent.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\bdinit.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\caav.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\caavguiscan.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\casecuritycenter.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\CCenter.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ccupdate.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\cfp.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\cfpupdat.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\cmdagent.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\drwadins.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\DRWEB32.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\drwebupw.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\ekrn.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\FAMEH32.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\filemon.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\FPAVServer.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\fpscan.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\FPWin.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\fsav32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\fsgk32st.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\FSMA32.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\GFRing3.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\guardgui.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\guardxservice.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\guardxup.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\HijackThis.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KASMain.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KASTask.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KAV32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KAVDX.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KAVPF.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KAVPFW.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KAVStart.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KPFW32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\KPFW32X.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Navapsvc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Navapw32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\navigator.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\NAVNT.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\NAVSTUB.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\NAVW32.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\NAVWNT.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\niu.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\nod32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\nod32krn.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Nvcc.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\OllyDBG.EXE: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\outpost.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\preupd.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\procexp.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\pskdr.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\regedit.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\regmon.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\RegTool.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\scan32.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\SfFnUp.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Vba32arkit.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\vba32ldr.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\vsserv.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Zanda.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\zapro.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\Zlh.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\zonealarm.exe: Debugger - ntsd -d (Microsoft Corporation) O27 - HKLM IFEO\zoneband.dll: Debugger - ntsd -d (Microsoft Corporation) O32 - AutoRun File - [2008-07-09 17:44:33 | 00,000,000 | —D | M] - C:\Automap – [NTFS] O32 - AutoRun File - [2008-07-02 17:20:15 | 00,000,000 | —D | M] - E:\Automap – [NTFS] O33 - MountPoints2{0395c272-9960-11de-9501-4d6564696130}\Shell - “” = AutoRun O33 - MountPoints2{0395c272-9960-11de-9501-4d6564696130}\Shell\autorun\command - “” = H:\nba2k9setup.exe – File not found [2009-05-26 08:20:37 | 00,109,376 | ---- | C] () – C:\WINDOWS\System32\drivers\c1106510.sys [2009-05-05 01:29:21 | 00,093,436 | ---- | C] () – C:\WINDOWS\System32\drivers\6eb5b1b.sys [2009-05-03 13:23:05 | 00,000,000 | ---- | C] () – C:\WINDOWS\System32\drivers\8356be73.sys [2009-04-27 10:49:43 | 00,093,308 | ---- | C] () – C:\WINDOWS\System32\drivers\84b8b8be.sys [2009-04-24 13:48:14 | 00,000,000 | ---- | C] () – C:\WINDOWS\System32\drivers\c5457a9d.sys [2009-04-06 22:02:25 | 00,000,000 | ---- | C] () – C:\WINDOWS\System32\drivers\c1e5e763.sys :Files C:\Program Files\Ask.com C:\Program Files\Antivirus 2009 :Services 8356be73 6eb5b1b 84b8b8be c5457a9d c1e5e763 :Commands [emptytemp] [Reboot]
Kliknij w Run Fix . Zatwierdź restart komputera.
Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.
Pokaż nowy log OTL.txt oraz log z czyszczenia.
system
(system)
31 Grudzień 2009 11:33
#3
Zrobiłem tak jak napisałes.
Nowy log : http://wklejto.pl/52037
Oczyszczanie : http://wklejto.pl/52047
Gutek
(Gutek)
31 Grudzień 2009 16:06
#4
Uruchom OTL i w oknie Custom Scans/Fixes wklej to:
Kliknij w Run Fix . Zatwierdź restart komputera.
Następnie uruchom OTL ponownie, w OTL kliknij na przycisk CleanUp
system
(system)
31 Grudzień 2009 18:22
#5
Po zrobieniu tej operacji w OTl i zrestartowaniu pc wyskoczył mi w avascie virus/robak którego usunelem.
Gutek
(Gutek)
31 Grudzień 2009 18:23
#6
Wykonaj pełny skan Dr. Web CureIt
system
(system)
31 Grudzień 2009 21:17
#7
Wykonałem skanowanie i wykrylo tez virusa ,ktorego usunelem. Gry nadal sie minimalizuja ; /
Log z HijackThis : http://wklejto.pl/52085
A minimalizują się bez niczego czy może co jakiś czas przelatuje okienko jakby od programu na pasku?
system
(system)
31 Grudzień 2009 21:50
#9
Myślę że od niczego. Powoduje to tez odznaczanie okna w ktorym pracuje np. odznacza okno rozmowy gg. Czasami jest to w rownych odstepach czasu a czasami zminimalizuje lub odznaczy 3x pod rzad.