Kamputer powoli chodzi, dziwne wpisy w HJT

matty24 · 21 Kwiecień 2007 09:00

Witam! Mam problem. Komputer bardzo wolno chodzi. NIe może się normalnie uruchomić, jedynie w trybie awaryjnym. Do tego zauważyłem dziwne wpisy w logu, np. bar888.dll. Proszę fachowców o sprawdzenie loga:

Logfile of HijackThis v1.99.1 Scan saved at 10:50:24, on 2007-04-21 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE c:\documents and settings\administrator\pulpit\hijackthis\hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://winamp.szu.pl/wp5_21.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: JavaHelperware Class - {8A4CA4E7-82CF-4f9f-93D8-211408D2CF46} - C:\WINDOWS\system32\atd.dll O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1{3C1813DB-0514-1045-0412-020403020030}\Bar888.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll (file missing) O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1{3C1813DB-0514-1045-0412-020403020030}\Bar888.dll O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\Neostrada TP\CnxMon.exe O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\Neostrada TP\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\Neostrada TP\TaskbarIcon.exe O4 - HKLM…\Run: [iut75] c:\windows\system32\drivers\uzcx.exe O4 - HKLM…\Run: [VaCtrls] v7 O4 - HKLM…\Run: [sunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Add to AMV Convert Tool… - C:\Program Files\MP3 Player Utilities 3.74\AMVConverter\grab.html O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.74\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip…{C60E0913-0B51-4B66-B8DF-ACD6398E24FF}: NameServer = 194.204.159.1 217.98.63.164 O20 - AppInit_DLLs: O20 - Winlogon Notify: winemv32 - C:\WINDOWS\SYSTEM32\winemv32.dll O23 - Service: Microsoft ASPI Manager (aspi113210) - Unknown owner - C:\WINDOWS\system32\aspi139034.exe (file missing) O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Program Files\AntiVirenKit 2006\AVKService.exe O23 - Service: Strażnik AVK (AVKWCtl) - Unknown owner - C:\Program Files\AntiVirenKit 2006\AVKWCtl.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Joan · 21 Kwiecień 2007 10:23

start > uruchom > cmd > wklep:

sc stop aspi113210

sc delete aspi113210

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll (file missing) O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1{3C1813DB-0514-1045-0412-020403020030}\Bar888.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll (file missing) O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1{3C1813DB-0514-1045-0412-020403020030}\Bar888.dll O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [iut75] c:\windows\system32\drivers\uzcx.exe O4 - HKLM…\Run: [VaCtrls] v7 > to będzie plik .exe O20 - AppInit_DLLs: O20 - Winlogon Notify: winemv32 - C:\WINDOWS\SYSTEM32\winemv32.dll O23 - Service: Microsoft ASPI Manager (aspi113210) - Unknown owner - C:\WINDOWS\system32\aspi139034.exe (file missing)

wszystko co na czerowno ręcznie z dysku w awaryjnym, wpisy usun w hjt

skan tego pliku na http://virusscan.jotti.org/ i podaj wynik.

Nowe logi > hjt + silentrunners