Komputer ostatnio sie wiesza

strongmen · 25 Czerwiec 2008 18:35

Witam jak w temacie ostatnio mój komputer zaczął się wieszać

Proszę o to log http://wklej.org/id/384baa3876

Nie chce robić formatu :x

Oczywiście system jest legalny

Pozdrawiam.

huber2t · 25 Czerwiec 2008 18:53

fix w hijackthis

Pokaż log z combofix

paracik · 25 Czerwiec 2008 19:08

Mógłbyś podać jakiego systemu używasz…

Podac konfigurację oraz temperatury podzespołów ( programem Everest )

Oraz otworzyć obudowę i z boku zasilacza jest taka naklejka i podać model oraz moc tego twojego zasilacza.

strongmen · 25 Czerwiec 2008 19:42

Windows Hom XP Dodatek SP3 (WinNT 5.01.2600)

Co do zasilacze mam Zasilacz ATX Chieftec ATX 350W i 450W ale na drugim kompie

Ramu 1GB JEDNA kosc nowa

Pokaż log z combofix nie moge zrobic pisze cos o download wersja nie wiem dlaczego.

paracik · 25 Czerwiec 2008 19:47

strongmen , a gdzie podałeś swoją konfigurację komputera ?

strongmen · 27 Czerwiec 2008 05:42

Nie miałem czasu żeby uzupełnić post bo wybierałem się do pracy na trzecia zmianę.

Ale chyba zrobię format już ze dwa lata nie robiłem przeniosę to co ważne na inna partycje i pojadę z koksem. Bo kiedyś miałem wirusy Trojany i inne programy może to pozostałości po nich :o

Co do konfiguracji komputera to zasilacz nie jest zły i powinien wytrzymać

Ale jak po formacie będzie to samo to zmienię zasilacze i przetestuje.

Jeszcze poczekam na waszą opinie co mam robić. :idea:

:o i co nikt mi nie odpisze ??

Jak narazie po usunieciu tego

komputer narazie sie nie zawiesil oby tak zostalo !

Za wczesnie sie pochwaliłem wlłaśnie się zawiesił

Pozdrawiam.

W dniu 26.06.2008 , o godzinie 21:12 został dopisany post przez strongmen

Przeskanowalem tym programem haxfix.exe i niby wszystko wyszlo OK

Pozniej dss.exe i tez niby OK

Deckard’s System Scanner v20071014.68 Run by Staszek on 2008-06-26 20:58:58 Computer is in Normal Mode. -------------------------------------------------------------------------------- – System Restore -------------------------------------------------------------- Successfully created a Deckard’s System Scanner Restore Point. – Last 5 Restore Point(s) – 14: 2008-06-26 18:59:04 UTC - RP364 - Deckard’s System Scanner Restore Point 13: 2008-06-23 14:41:02 UTC - RP363 - Punkt kontrolny systemu 12: 2008-06-21 15:41:17 UTC - RP362 - Punkt kontrolny systemu 11: 2008-06-20 12:43:05 UTC - RP361 - Software Distribution Service 3.0 10: 2008-06-18 19:15:33 UTC - RP360 - Punkt kontrolny systemu – First Restore Point – 1: 2008-06-02 22:37:23 UTC - RP351 - Software Distribution Service 3.0 Backed up registry hives. Performed disk cleanup. – HijackThis (run as Staszek.exe) --------------------------------------------- Unable to find log (file not found); running clone. – HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-06-26 21:01:21 Platform: Windows XP Dodatek Service Pack 3 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\ivo\Expressivo\expressivo.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Staszek\Pulpit\dss.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/pl/PL/default.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-SD IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search Destroy\SDHelper.dll O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM…\Run: [CloneCDTray] “C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe” /s O4 - HKLM…\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKLM…\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe O4 - HKLM…\Run: [egui] “C:\Program Files\ESET\ESET Smart Security\egui.exe” /hide /waitservice O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe” O4 - HKLM…\Run: [Ad Muncher] “C:\Program Files\Ad Muncher\AdMunch.exe” /bt O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime -Delay O4 - HKLM…\Run: [NodLogin] C:\Program Files\ESET\ESET Smart Security\nodlogin.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search Destroy\TeaTimer.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [Expressivo] “C:\Program Files\ivo\Expressivo\expressivo.exe” -t O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOCAL SERVICE’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETWORK SERVICE’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O8 - Extra context menu item: Eksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search Destroy\SDHelper.dll O9 - Extra ‘Tools’ menuitem: Spybot - Search Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/sh … tor/sw.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso … 2489552763 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/sh … wflash.cab O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - \webcheck.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O24 - Desktop Component 0: - file:///C:/DOCUME~1/Staszek/USTAWI~1/Temp/msohtml1/03/clip_image001.jpg – End of file - 7744 bytes – HijackThis Fixed Entries (F:\DARMOW~1\backups) ----------------------------- backup-20080224-133223-595 O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe backup-20080224-133223-815 O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe backup-20080224-133223-993 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll backup-20080224-134526-589 O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) backup-20080224-134526-813 F2 - REG:system.ini: Shell=explorer.exe backup-20080224-160954-699 O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) backup-20080224-194114-259 O20 - Winlogon Notify: klogon - C:\WINDOWS\ backup-20080224-194114-873 O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file) backup-20080404-173953-582 O4 - Startup: UniSpiker-2.6.lnk = ? backup-20080404-173953-745 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) backup-20080404-173953-803 O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k backup-20080404-173954-370 O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) backup-20080626-080849-680 O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) – File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL “%1”,%* .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser “%1”,%* .txt - txtfile - shell\open\command - Notepad.exe %1 – Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys R1 atitray - c:\program files\radeon omega drivers\v4.8.442\ati tray tools\atitray.sys R2 amdfix - c:\windows\system32\drivers\amdfix.sys R2 xinstall - c:\windows\system32\drivers\xinstall.sys R3 AnyDVD - c:\windows\system32\drivers\anydvd.sys R3 ElbyCDFL - c:\windows\system32\drivers\elbycdfl.sys R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys S3 RivaTuner32 - c:\program files\rivatuner v2.0 rc 16.1\rivatuner32.sys – Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe – Device Manager: Disabled ---------------------------------------------------- No disabled devices found. – Scheduled Tasks ------------------------------------------------------------- 2008-06-20 18:15:46 394 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job – Files created between 2008-05-26 and 2008-06-26 ----------------------------- 2008-06-26 20:54:28 0 d-------- C:\HaxFix 2008-06-26 20:45:36 449462 --a------ C:\HaxFix.exe 2008-06-26 20:37:30 0 d-------- C:\WINDOWS\LastGood 2008-06-16 10:54:31 0 d-------- C:\AudioGraber Mp3 2008-06-12 16:29:01 18289 --a------ C:\WINDOWS\settings 2008-06-08 18:17:01 0 d-------- C:\WINDOWS\system32\Adobe 2008-06-06 10:51:00 0 d-------- C:\Program Files\My ViewPad 2008-06-06 10:46:41 0 d-------- C:\Program Files\Tubeesview 2008-06-03 12:08:52 0 d-------- C:\Program Files\WinUHA 2008-06-02 23:58:55 0 d-------- C:\WINDOWS\Prefetch 2008-06-02 23:47:44 0 d-------- C:\WINDOWS\l2schemas 2008-06-02 23:47:43 0 d-------- C:\WINDOWS\system32\pl 2008-06-02 23:47:42 0 d-------- C:\WINDOWS\system32\bits 2008-06-02 23:43:44 0 d-------- C:\WINDOWS\ServicePackFiles 2008-06-02 23:36:06 0 d-------- C:\WINDOWS\EHome 2008-05-26 17:53:55 0 d-------- C:\Program Files\MarBit – Find3M Report --------------------------------------------------------------- 2008-06-26 20:33:31 0 d-------- C:\Program Files\Trojan Remover 2008-06-25 18:42:11 0 d-------- C:\Program Files\English Translator 3 2008-06-23 14:07:33 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\GetRightToGo 2008-06-21 16:08:49 0 d-------- C:\Program Files\NAPI-PROJEKT 2008-06-11 16:18:58 0 d-------- C:\Program Files\HyCam2 2008-06-08 18:18:53 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\Adobe 2008-06-08 18:17:07 1797 --a----c- C:\WINDOWS\mozver.dat 2008-06-08 12:48:35 467068 --a------ C:\WINDOWS\system32\perfh015.dat 2008-06-08 12:48:35 82422 --a------ C:\WINDOWS\system32\perfc015.dat 2008-06-02 23:58:33 0 d-------- C:\Program Files\Messenger 2008-06-02 23:47:42 0 d-------- C:\Program Files\Movie Maker 2008-06-02 23:43:19 0 d-------- C:\Program Files\Windows NT 2008-05-26 21:43:53 0 d-------- C:\Program Files\SetEditOctagon 2008-05-26 17:27:22 0 d-------- C:\Program Files\ivo 2008-05-26 17:27:22 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\Expressivo 2008-05-21 01:10:50 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\ATI 2008-05-21 01:07:48 0 d-------- C:\Program Files\ATI Technologies 2008-05-21 00:51:04 0 d–h----- C:\Program Files\InstallShield Installation Information 2008-05-21 00:42:46 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\Wildfire 2008-05-21 00:42:13 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-05-19 20:52:18 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-05-19 20:52:17 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\atitray 2008-05-19 20:40:46 0 d-------- C:\Program Files\MultiRes 2008-05-19 20:34:43 0 d-------- C:\Program Files\Radeon Omega Drivers 2008-05-16 20:40:45 0 d-------- C:\Documents and Settings\Staszek\Dane aplikacji\Skype 2008-05-08 14:11:58 0 d-------- C:\Program Files\HHD Software 2008-05-08 14:09:43 0 d-------- C:\Program Files\Common Files 2008-05-08 14:01:10 0 d-------- C:\Program Files\HP 2008-05-07 22:03:53 277634 --a------ C:\Documents and Settings\Staszek\Dane aplikacji\ExpressivoDictionary_pl.xml 2008-05-06 13:14:06 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-05-06 13:14:01 0 d-------- C:\Program Files\MSXML 4.0 2008-05-05 17:38:18 0 d-------- C:\Program Files\Common Files\Hewlett-Packard 2008-04-26 16:18:56 0 d-------- C:\Program Files\Ad Muncher 2008-04-10 00:58:50 4608 --a------ C:\WINDOWS\system32\w95inf32.dll 2008-04-10 00:58:50 2272 --a------ C:\WINDOWS\system32\w95inf16.dll 2008-03-29 17:45:56 2552 --a----c- C:\WINDOWS\unins001.dat 2008-03-29 17:23:02 691545 --a------ C:\WINDOWS\unins001.exe – Registry Dump --------------------------------------------------------------- *Note* empty entries legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SoundMan”=“SOUNDMAN.EXE” [2003-01-07 12:09 C:\WINDOWS\SOUNDMAN.EXE] “NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2006-01-12 17:40] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe” [2005-03-04 04:36] “CloneCDTray”=“C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe” [2005-05-19 15:47] “AnyDVD”=“C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe” [2007-12-01 18:51] “DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-09-14 22:09] “TrojanScanner”=“C:\Program Files\Trojan Remover\Trjscan.exe” [2007-11-02 16:18] “egui”=“C:\Program Files\ESET\ESET Smart Security\egui.exe” [2008-02-20 12:06] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2008-03-27 08:35] “Ad Muncher”=“C:\Program Files\Ad Muncher\AdMunch.exe” [2007-11-03 12:48] “ATICCC”=“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” [2006-01-02 17:41] “NodLogin”=“C:\Program Files\ESET\ESET Smart Security\nodlogin.exe” [2008-06-03 21:12] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2008-04-14 19:21] “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2008-04-14 19:21] “SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search Destroy\TeaTimer.exe” [2008-01-28 12:43] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-11-14 12:54] “Expressivo”=“C:\Program Files\ivo\Expressivo\expressivo.exe” [2007-12-07 16:26] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @=“Service” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @=“Volume shadow copy” [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp napagent hkmsvc *Newly Created Service* - CATCHME – Hosts ----------------------------------------------------------------------- 127.0.0.1 http://www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 http://www.008k.com 127.0.0.1 008k.com 127.0.0.1 http://www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 http://www.032439.com 127.0.0.1 032439.com 8073 more entries in hosts file. – End of Deckard’s System Scanner: finished at 2008-06-26 21:03:36

A program Combo Fix nadal nie moge uruchomic dlaczego ??

o to fotka i komunikat ComboFix

W dniu 27.06.2008 , o godzinie 7:42 został dopisany post przez strongmen

Jest udało mi się w końcu uruchomić ComboFix.exe o to Log.

ComboFix 08-06-20.4 - Staszek 2008-06-27 7:32:05.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.644 [GMT 2:00] Running from: C:\Documents and Settings\Staszek\Pulpit\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED . /wow section - STAGE 38 pv: No matching processes found Składnia polecenia jest niepoprawna. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\kmd.exe . ((((((((((((((((((((((((( Files Created from 2008-05-27 to 2008-06-27 ))))))))))))))))))))))))))))))) . 2008-06-26 20:58 . 2008-06-26 20:58 2008-06-26 20:54 . 2008-06-26 20:57 2008-06-26 20:45 . 2008-06-26 20:45 449,462 --a------ C:\HaxFix.exe 2008-06-26 20:40 . 2001-08-17 22:07 55,168 --a–c— C:\WINDOWS\system32\dllcache\aic78u2.sys 2008-06-26 20:40 . 2001-08-17 21:52 12,800 --a–c— C:\WINDOWS\system32\dllcache\aha154x.sys 2008-06-26 20:39 . 2001-10-26 17:30 24,576 --a–c— C:\WINDOWS\system32\dllcache\agcgauge.ax 2008-06-26 20:37 . 2008-04-14 18:29 2,146,816 --a–c— C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-06-26 20:37 . 2001-10-26 17:29 66,048 --a–c— C:\WINDOWS\system32\dllcache\s3legacy.dll 2008-06-23 20:28 . 2008-06-23 20:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-06-23 20:28 . 2008-06-23 20:28 1,409 --a------ C:\WINDOWS\QTFont.for 2008-06-23 14:07 . 2008-06-23 14:07 2008-06-16 10:54 . 2008-06-16 10:54 2008-06-12 16:29 . 2008-06-12 16:30 18,289 --a------ C:\WINDOWS\settings 2008-06-11 15:44 . 2008-05-08 16:02 203,136 -----c— C:\WINDOWS\system32\dllcache\rmcast.sys 2008-06-11 15:43 . 2008-06-14 19:36 273,024 -----c— C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-08 18:17 . 2008-06-08 18:23 2008-06-06 10:51 . 2008-06-18 11:25 2008-06-06 10:46 . 2008-06-06 10:49 2008-06-04 12:49 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys 2008-06-04 12:49 . 2004-08-03 22:31 20,992 --a–c— C:\WINDOWS\system32\dllcache\rtl8139.sys 2008-06-03 12:08 . 2008-06-03 12:08 2008-06-03 00:57 . 2002-12-27 04:41 26,880 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2008-06-02 23:47 . 2008-06-02 23:47 2008-06-02 23:47 . 2008-06-02 23:47 2008-06-02 23:47 . 2008-06-02 23:47 2008-06-02 23:43 . 2008-06-02 23:48 2008-06-02 23:36 . 2008-06-02 23:36 2008-06-02 23:23 . 2004-08-04 00:35 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-27 05:17 --------- d-----w C:\Program Files\Trojan Remover 2008-06-25 16:42 --------- d-----w C:\Program Files\English Translator 3 2008-06-21 14:08 --------- d-----w C:\Program Files\NAPI-PROJEKT 2008-06-14 17:36 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 14:18 --------- d-----w C:\Program Files\HyCam2 2008-05-26 19:43 --------- d-----w C:\Program Files\SetEditOctagon 2008-05-26 15:53 --------- d-----w C:\Program Files\MarBit 2008-05-26 15:27 --------- d-----w C:\Program Files\ivo 2008-05-26 15:27 --------- d-----w C:\Documents and Settings\Staszek\Dane aplikacji\Expressivo 2008-05-24 07:54 --------- d—a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2008-05-20 23:10 --------- d-----w C:\Documents and Settings\Staszek\Dane aplikacji\ATI 2008-05-20 23:07 --------- d-----w C:\Program Files\ATI Technologies 2008-05-20 22:51 --------- d–h--w C:\Program Files\InstallShield Installation Information 2008-05-20 22:42 --------- d-----w C:\Documents and Settings\Staszek\Dane aplikacji\Wildfire 2008-05-19 18:52 --------- d-----w C:\Documents and Settings\Staszek\Dane aplikacji\atitray 2008-05-19 18:40 --------- d-----w C:\Program Files\MultiRes 2008-05-19 18:34 472,576 ----a-w C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe 2008-05-19 18:34 --------- d-----w C:\Program Files\Radeon Omega Drivers 2008-05-16 18:40 --------- d-----w C:\Documents and Settings\Staszek\Dane aplikacji\Skype 2008-05-15 10:38 --------- d-----w C:\Program Files\ESET 2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-08 12:11 --------- d-----w C:\Program Files\HHD Software 2008-05-08 12:01 --------- d-----w C:\Program Files\HP 2008-05-07 05:12 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll 2008-05-06 11:14 --------- d-----w C:\Program Files\MSXML 4.0 2008-05-06 11:14 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-05-05 15:42 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\HP 2008-05-05 15:38 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard 2008-04-23 07:20 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-04-14 20:51 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe 2008-04-14 20:50 997,888 ----a-w C:\WINDOWS\system32\setupapi.dll 2008-04-14 20:50 424,960 ----a-w C:\WINDOWS\system32\licdll.dll 2008-04-14 17:46 1,804 ----a-w C:\WINDOWS\system32\dcache.bin 2008-04-14 17:26 332,288 ----a-w C:\WINDOWS\system32\netsetup.exe 2008-04-14 17:22 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll 2008-04-14 17:22 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll 2008-04-14 17:22 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll 2008-04-14 17:20 999,936 ----a-w C:\WINDOWS\system32\syssetup.dll 2008-04-14 17:19 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll 2008-04-14 17:18 5,632 ----a-w C:\WINDOWS\system32\wmi.dll 2008-04-14 17:18 1,449,472 ----a-w C:\WINDOWS\system32\winntbbu.dll 2008-04-14 17:17 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll 2008-04-14 17:13 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll 2008-04-14 17:12 3,584 ----a-w C:\WINDOWS\system32\msafd.dll 2008-04-14 17:06 3,584 ----a-w C:\WINDOWS\system32\icmp.dll 2008-04-14 17:05 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll 2008-04-14 17:03 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll 2008-04-14 17:03 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll 2008-04-14 17:01 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll 2008-04-14 17:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll 2008-04-14 16:30 2,190,336 ----a-w C:\WINDOWS\system32\ntoskrnl.exe 2008-04-14 16:29 2,067,200 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe 2008-04-14 16:25 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll 2008-04-14 16:22 89,600 ------w C:\WINDOWS\system32\msxml6r.dll 2008-04-14 16:20 80,896 ------w C:\WINDOWS\system32\msshavmsg.dll 2008-04-14 16:15 49,664 ----a-w C:\WINDOWS\system32\inetres.dll 2008-04-14 16:13 563,200 ----a-w C:\WINDOWS\system32\shdoclc.dll 2008-04-14 16:07 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll 2008-04-14 16:05 67,584 ----a-w C:\WINDOWS\system32\browselc.dll 2008-04-14 16:05 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys 2008-04-14 15:59 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll 2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys 2008-04-13 18:40 427,008 ----a-w C:\WINDOWS\system32\xpob2res.dll 2008-04-13 18:37 2,953,216 ----a-w C:\WINDOWS\system32\xpsp2res.dll 2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll 2008-04-13 18:35 194,560 ----a-w C:\WINDOWS\system32\xpsp1res.dll 2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll 2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll 2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll 2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll 2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll 2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll 2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll 2008-04-13 16:48 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll 2008-04-13 16:45 216,064 ----a-w C:\WINDOWS\system32\moricons.dll 2008-04-13 16:23 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll 2008-04-13 15:39 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll 2008-04-09 22:58 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll 2008-04-09 22:58 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll 2008-04-03 20:01 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2008-03-29 15:23 691,545 ----a-w C:\WINDOWS\unins001.exe 2008-02-20 19:01 22,328 ----a-w C:\Documents and Settings\Staszek\Dane aplikacji\PnkBstrK.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2008-04-14 19:21 15360] “SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search Destroy\TeaTimer.exe” [2008-01-28 12:43 2097488] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-11-14 12:54 2131392] “Expressivo”=“C:\Program Files\ivo\Expressivo\expressivo.exe” [2007-12-07 16:26 2031616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SoundMan”=“SOUNDMAN.EXE” [2003-01-07 12:09 46592 C:\WINDOWS\SOUNDMAN.EXE] “NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2006-01-12 17:40 155648] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe” [2005-03-04 04:36 36975] “CloneCDTray”=“C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe” [2005-05-19 15:47 57344] “AnyDVD”=“C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe” [2007-12-01 18:51 469504] “DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2006-09-14 22:09 157592] “TrojanScanner”=“C:\Program Files\Trojan Remover\Trjscan.exe” [2007-11-02 16:18 524368] “egui”=“C:\Program Files\ESET\ESET Smart Security\egui.exe” [2008-02-20 12:06 1443072] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2008-03-27 08:35 36352] “Ad Muncher”=“C:\Program Files\Ad Muncher\AdMunch.exe” [2007-11-03 12:48 779776] “ATICCC”=“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” [2006-01-02 17:41 45056] “NodLogin”=“C:\Program Files\ESET\ESET Smart Security\nodlogin.exe” [2008-06-03 21:12 343982] [HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2008-04-14 19:21 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] “vidc.iv31”= C:\WINDOWS\system32\ir32_32.dll “vidc.iv32”= C:\WINDOWS\system32\ir32_32.dll “VIDC.X264”= x264vfw.dll “VIDC.3iv2”= 3ivxVfWCodec.dll [HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile] “EnableFirewall”= 0 (0x0) [HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\system32\sessmgr.exe”= “%windir%\Network Diagnostic\xpnetdiag.exe”= “C:\Program Files\Gadu-Gadu\gg.exe”= “C:\Documents and Settings\All Users\Dokumenty\SBCL PREMIERE tomek.wysoka\SBCL vPlug1.6.7\SBCL v1.1b.exe”= “C:\totalcmd\TOTALCMD.EXE”= “E:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe”= “C:\WINDOWS\system32\PnkBstrA.exe”= “C:\WINDOWS\system32\PnkBstrB.exe”= “C:\Program Files\Skype\Phone\Skype.exe”= [HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] “26448:TCP”= 26448:TCP:BitComet 26448 TCP “26448:UDP”= 26448:UDP:BitComet 26448 UDP R1 atitray;atitray;C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [2007-11-05 09:55] R2 amdfix;amdfix;C:\WINDOWS\system32\drivers\amdfix.sys [2007-05-22 18:17] R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2008-04-14 19:21] R2 xinstall;xinstall;C:\WINDOWS\system32\drivers\xinstall.sys [2007-05-22 18:17] S3 UsbSagCom;Mobile Device Full USB Driver;C:\WINDOWS\system32\DRIVERS\UsbSagCom.sys [2007-06-29 15:20] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the ‘Scheduled Tasks’ folder “2008-06-20 16:15:46 C:\WINDOWS\Tasks\1-Click Maintenance.job” - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-27 07:33:35 Windows 5.1.2600 Dodatek Service Pack 3 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-06-27 7:34:58 ComboFix-quarantined-files.txt 2008-06-27 05:34:47 Pre-Run: 7,624,339,456 bajtów wolnych Post-Run: 7,646,072,832 bajtów wolnych 201 — E O F — 2008-06-20 12:43:40 Jeśli źle wkleiłem to wybaczcie Pozdrawiam.

huber2t · 27 Czerwiec 2008 06:15

Ja w logach nic nie widzę

strongmen · 27 Czerwiec 2008 06:27

Zmieniłem na stary zasilacz i już prawie godzin siedzę i surfuje po necie i żadnej zwiechy nie spodziewałem się tego po chieftec-u Wygląda na to że zasilacz siadł :x

Pozdrawiam.