Komp sam się restartuje, strasznie wolno chodzi

MicHuMP · 1 Czerwiec 2007 19:47

Mam Semproma 2200+ MHz ale nie wiem co się stało i komputer strasznie wolno chodzi. W “Mój komputer>Właściwości>Ogólne” pisze mi że mam Athlona 908Mhz

Proszę o sprawdzenie mojego loga z hijackthis:

Logfile of HijackThis v1.99.1 Scan saved at 21:40:29, on 2007-06-01 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpm.exe C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE C:\Program Files\Trust\Trust 730S LCD PowerC@M ZOOM\ICON.EXE C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Gadu-Gadu\gg.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\DOCUME~1\xxx\USTAWI~1\Temp\Rar$EX00.297\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.1.0.0\Alcohol_Toolbar.dll O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.1.0.0\Alcohol_Toolbar.dll O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [Generic Host Process for Win32 Services] C:\WINDOWS\system32\Drivers\svchost.exe O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKLM…\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - Startup: PowerReg Scheduler.exe O4 - Startup: UniSpiker-2.6.lnk = C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe O4 - Global Startup: AVP Monitor.lnk = C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpm.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE O4 - Global Startup: Trust 730S LCD PowerC@M ZOOM Monitor.lnk = ? O8 - Extra context menu item: Add to AMV Convert Tool… - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Ň×Č¤ąşÎď - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra ‘Tools’ menuitem: Ň×Č¤ąşÎď - {DE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ … e-c569.cab O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_28.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Gutek · 2 Czerwiec 2007 00:02

usuń wpisy HJT, pliki ręcznie

Daj log z Combofix

MicHuMP · 2 Czerwiec 2007 10:57

Pliki usunięte.

Log z ComboFix:

“xxx” - 2007-06-02 12:23:05 Dodatek Service Pack 2 ComboFix 07-05.27.BV - Running from: “C:\Documents and Settings\xxx\Moje dokumenty= MicHať == R˘˝nE =” (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) “C:\WINDOWS\hosts” ((((((((((((((((((((((((((((((( Files Created from 2007-05-02 to 2007-06-02 )))))))))))))))))))))))))))))))))) No new files created in this timespan (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-02 10:38:52 -------- d-----w C:\Program Files\eMule 2007-05-31 21:20:35 -------- d-----w C:\Program Files\Winamp 2007-05-31 18:41:35 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Skype 2007-05-16 12:20:34 -------- d-----w C:\Program Files\mp3 2007-05-11 17:21:04 -------- d-----w C:\Program Files\Valve 2007-05-05 16:14:08 -------- d—a-w C:\DOCUME~1\xxx\DANEAP~1\SopCast 2007-05-01 18:53:06 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\ppstream 2007-04-29 19:16:40 -------- d-----w C:\Program Files\podatki.pl 2007-04-29 12:36:50 -------- d-----w C:\Program Files\QuickTime 2007-04-21 20:20:41 3,534 ----a-w C:\WINDOWS\mozver.dat 2007-04-20 18:22:55 -------- d-----w C:\Program Files\SopCast 2007-04-20 15:25:28 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Opera 2007-04-20 15:25:06 -------- d-----w C:\Program Files\Opera 2007-04-17 18:49:29 -------- d-----w C:\Program Files\Gadu-Gadu 2007-04-17 18:46:13 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Gadu-Gadu 2007-04-15 15:34:11 -------- d-----w C:\Program Files\PPStream 2007-03-25 09:40:23 91,816 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-03-25 09:40:23 528,496 ----a-w C:\WINDOWS\system32\perfh015.dat 2005-11-11 18:40:08 21 --sh–w C:\WINDOWS\prwttrxp.dll 2005-11-11 18:39:48 21 --sh–w C:\WINDOWS\system32\dpwttaxp.dll 2005-11-11 18:39:48 14 --sh–w C:\WINDOWS\system32\mswtpaxp.dll 2005-11-11 18:39:48 14 --sh–w C:\WINDOWS\mswtpdxp.dll 2005-11-11 18:39:37 2 --sh–w C:\WINDOWS\system32\verwttxp.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 14:17] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}=C:\Program Files\Alcohol Toolbar\v3.1.0.0\Alcohol_Toolbar.dll [2006-10-13 20:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Cmaudio”=“cmicnfg.cpl” [] “nwiz”=“nwiz.exe” [2004-07-15 12:42 C:\WINDOWS\system32\nwiz.exe] “RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2005-01-12 04:01] “DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-09-14 22:09] “ppmate”=“C:\Program Files\PPMate\PPMate\ppmate.exe” [2006-10-27 11:43] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2006-11-21 19:38] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 09:44] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-01-30 16:58] HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* Contents of the ‘Scheduled Tasks’ folder 2007-05-24 12:57:19 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-02 12:42:13 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-06-02 12:51:47 C:\ComboFix-quarantined-files.txt … 2007-06-02 12:51 — E O F —

Gutek · 2 Czerwiec 2007 15:17

Użyj Pocket Killbox. Zaznaczasz opcję Delete on Reboot oraz All Files i w polu Full Path of File to Delete wklejasz ścieżki

C:\WINDOWS\prwttrxp.dll

C:\WINDOWS\system32\dpwttaxp.dll

C:\WINDOWS\system32\mswtpaxp.dll

C:\WINDOWS\mswtpdxp.dll

C:\WINDOWS\system32\verwttxp.dll

i naciskasz X czerwony. Program poprosi o reset kompa … czyli resetujesz.

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

po tym nowy log z Combo

MicHuMP · 2 Czerwiec 2007 17:14

Skasowałem, zresetowałem.

Zrobiłem czyszczenie rejestru jv16 PowerTools 2006 1.5.2.350 i wyszło mi że mam wydajność systemu 1/100 (screen: http://i7.tinypic.com/4vium1w.jpg ) Jak to zmienić?

Log z ComboFixa:

“xxx” - 2007-06-02 18:57:19 Dodatek Service Pack 2 ComboFix 07-05.27.BV - Running from: “C:\Documents and Settings\xxx\Moje dokumenty= MicHať == R˘˝nE =” ((((((((((((((((((((((((((((((( Files Created from 2007-05-02 to 2007-06-02 )))))))))))))))))))))))))))))))))) 2007-06-02 18:34 5 --ahs---- C:\WINDOWS\system32\fbfbec8_s.dll 2007-06-02 18:33 2007-06-02 18:08 2007-06-02 12:51 49,152 --a------ C:\WINDOWS\nircmd.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-02 16:06:20 -------- d-----w C:\Program Files\Winamp 2007-06-02 16:05:11 -------- d-----w C:\Program Files\eMule 2007-05-31 18:41:35 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Skype 2007-05-16 12:20:34 -------- d-----w C:\Program Files\mp3 2007-05-11 17:21:04 -------- d-----w C:\Program Files\Valve 2007-05-05 16:14:08 -------- d—a-w C:\DOCUME~1\xxx\DANEAP~1\SopCast 2007-05-01 18:53:06 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\ppstream 2007-04-29 19:16:40 -------- d-----w C:\Program Files\podatki.pl 2007-04-29 12:36:50 -------- d-----w C:\Program Files\QuickTime 2007-04-21 20:20:41 3,534 ----a-w C:\WINDOWS\mozver.dat 2007-04-20 18:22:55 -------- d-----w C:\Program Files\SopCast 2007-04-20 15:25:28 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Opera 2007-04-20 15:25:06 -------- d-----w C:\Program Files\Opera 2007-04-17 18:49:29 -------- d-----w C:\Program Files\Gadu-Gadu 2007-04-17 18:46:13 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Gadu-Gadu 2007-04-15 15:34:11 -------- d-----w C:\Program Files\PPStream 2007-03-25 09:40:23 91,816 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-03-25 09:40:23 528,496 ----a-w C:\WINDOWS\system32\perfh015.dat 2005-11-11 18:39:48 14 --sh–w C:\WINDOWS\system32\mswtpaxp.dll 2005-11-11 18:39:48 14 --sh–w C:\WINDOWS\mswtpdxp.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 14:17] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}=C:\Program Files\Alcohol Toolbar\v3.1.0.0\Alcohol_Toolbar.dll [2006-10-13 20:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Cmaudio”=“cmicnfg.cpl” [] “nwiz”=“nwiz.exe” [2004-07-15 12:42 C:\WINDOWS\system32\nwiz.exe] “RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2005-01-12 04:01] “DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-09-14 22:09] “ppmate”=“C:\Program Files\PPMate\PPMate\ppmate.exe” [2006-10-27 11:43] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2006-11-21 19:38] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 09:44] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-01-30 16:58] HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{88644422-2a34-11db-b147-000b6a717c3e}] AutoRun\command- F:\autorun.exe Contents of the ‘Scheduled Tasks’ folder 2007-05-24 12:57:19 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-02 19:06:07 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … ******************************************************************** Completion time: 2007-06-02 19:09:34 C:\ComboFix-quarantined-files.txt … 2007-06-02 19:08 C:\ComboFix2.txt … 2007-06-02 12:51 — E O F —

Gutek · 2 Czerwiec 2007 17:24

Zanzaczasz ptaszkami wpisy po lewej stronie i usuwasz jv16 PowerTools

pliki do usunięcia

MicHuMP · 2 Czerwiec 2007 17:56

Ale gdzie to mam usunąć? Wiem że w jv16 PowerTools ale w jakiej opcji? Sorki ale jestem troche niekumaty więc prosze jaśniej

Gutek · 2 Czerwiec 2007 18:04

Masz screena po lewej stronie masz kwadraty, zaznaczasz kursorem i klikasz usuń

Pocket Killbox usuń

wyżej masz to opisane

MicHuMP · 2 Czerwiec 2007 19:45

Ok, usunąłem.

Coś jeszcze mam zrobić?

Gutek · 2 Czerwiec 2007 21:04

Daj nowy log Combo

MicHuMP · 3 Czerwiec 2007 10:24

Log z ComboFix:

“xxx” - 2007-06-03 12:02:31 Dodatek Service Pack 2 ComboFix 07-05.27.BV - Running from: “C:\Documents and Settings\xxx\Moje dokumenty= MicHať == R˘˝nE =” ((((((((((((((((((((((((((((((( Files Created from 2007-05-03 to 2007-06-03 )))))))))))))))))))))))))))))))))) 2007-06-02 19:32 2007-06-02 19:26 2007-06-02 18:34 5 --ahs---- C:\WINDOWS\system32\fbfbec8_s.dll 2007-06-02 18:33 2007-06-02 18:08 2007-06-02 12:51 49,152 --a------ C:\WINDOWS\nircmd.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-02 16:06:20 -------- d-----w C:\Program Files\Winamp 2007-06-02 16:05:11 -------- d-----w C:\Program Files\eMule 2007-05-31 18:41:35 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Skype 2007-05-16 12:20:34 -------- d-----w C:\Program Files\mp3 2007-05-11 17:21:04 -------- d-----w C:\Program Files\Valve 2007-05-05 16:14:08 -------- d—a-w C:\DOCUME~1\xxx\DANEAP~1\SopCast 2007-05-01 18:53:06 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\ppstream 2007-04-29 19:16:40 -------- d-----w C:\Program Files\podatki.pl 2007-04-29 12:36:50 -------- d-----w C:\Program Files\QuickTime 2007-04-21 20:20:41 3,534 ----a-w C:\WINDOWS\mozver.dat 2007-04-20 18:22:55 -------- d-----w C:\Program Files\SopCast 2007-04-20 15:25:28 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Opera 2007-04-20 15:25:06 -------- d-----w C:\Program Files\Opera 2007-04-17 18:49:29 -------- d-----w C:\Program Files\Gadu-Gadu 2007-04-17 18:46:13 -------- d-----w C:\DOCUME~1\xxx\DANEAP~1\Gadu-Gadu 2007-04-15 15:34:11 -------- d-----w C:\Program Files\PPStream 2007-03-25 09:40:23 91,816 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-03-25 09:40:23 528,496 ----a-w C:\WINDOWS\system32\perfh015.dat (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 14:17] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}=C:\Program Files\Alcohol Toolbar\v3.1.0.0\Alcohol_Toolbar.dll [2006-10-13 20:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Cmaudio”=“cmicnfg.cpl” [] “nwiz”=“nwiz.exe” [2004-07-15 12:42 C:\WINDOWS\system32\nwiz.exe] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2006-11-21 19:38] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 09:44] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-01-30 16:58] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Trust 730S LCD PowerC@M ZOOM Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Trust 730S LCD PowerC@M ZOOM Monitor.lnk backup=C:\WINDOWS\pss\Trust 730S LCD PowerC@M ZOOM Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk] path=C:\Documents and Settings\xxx\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk backup=C:\WINDOWS\pss\UniSpiker-2.6.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* Contents of the ‘Scheduled Tasks’ folder 2007-05-24 12:57:19 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-03 12:12:24 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … ******************************************************************** Completion time: 2007-06-03 12:19:09 C:\ComboFix-quarantined-files.txt … 2007-06-03 12:17 C:\ComboFix2.txt … 2007-06-02 19:09 C:\ComboFix3.txt … 2007-06-02 12:51 — E O F —

Gutek · 3 Czerwiec 2007 17:25

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

Już powinno być Ok

MicHuMP · 3 Czerwiec 2007 21:05

Ok, wielkie dzięki

A czy da się coś zrobić z tym, żeby mi procesor chodził jak należy? Mam Semproma 2200MHz a chodzi mi jak 900Mhz Coś się pomieszało i jak włączam kompa to mi pisze że mam Athlona 900Mhz…

Gutek · 3 Czerwiec 2007 21:09

możesz dac screena?