Komputer spowolnił

sebus101_888 · 16 Październik 2008 18:20

Witam wszystkich!

Mam problem tego typu :ostatnio miałem virusa W32/Jeefo-został usunięty.Nastepnie zainstalowalem nod32 oraz ad-aware 2008 pom przeskanowaniu koputera nic nie znalazly.Po usunieciu tego virusa strasznie mi sie internet muli!!!Nie wiem co zrobic!Instalowalem spyware’y,firewall’e i nic tak samo jak bylo.Np. nie moge ogladac filmikow w necie bo zmiast filmiku mam biale tlo przeinstalowalem pare razy flash player’a i tez nic.

O to moj log z hijack’a:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:13:57, on 2008-10-16

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\TDSupportApp\cdrom_mon.exe

D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

D:\Program Files\Microsoft LifeCam\MSCamS32.exe

D:\Program Files\PC Tools Firewall Plus\FWService.exe

D:\Program Files\Spyware Doctor\pctsAuxs.exe

D:\Program Files\Spyware Doctor\pctsSvc.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\RTHDCPL.EXE

D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

D:\Program Files\Launch Manager\LaunchAp.exe

D:\Program Files\Launch Manager\HotkeyApp.exe

D:\Program Files\Launch Manager\OSD.exe

D:\Program Files\Launch Manager\OSDCtrl.exe

D:\Program Files\Launch Manager\Wbutton.exe

D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

D:\Program Files\Spyware Doctor\pctsTray.exe

D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

D:\Program Files\Skype\Phone\Skype.exe

D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

D:\Program Files\Gadu-Gadu\gg.exe

D:\WINDOWS\system32\ctfmon.exe

C:\Vista Inspirat\ObjectDock\ObjectDock.exe

C:\Vista Inspirat\YzToolbar\YzToolBar.exe

D:\Program Files\Launch Manager\WisLMSvc.exe

D:\WINDOWS\system32\wscntfy.exe

D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

D:\WINDOWS\System32\alg.exe

D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

D:\Program Files\Skype\Plugin Manager\skypePM.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Winamp\winamp.exe

D:\Documents and Settings\Sebastian\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

D:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [skyTel] SkyTel.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [sMSERIAL] D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM…\Run: [startCCC] “D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun

O4 - HKLM…\Run: [CtrlVol] D:\Program Files\Launch Manager\CtrlVol.exe

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [LaunchAp] D:\Program Files\Launch Manager\LaunchAp.exe

O4 - HKLM…\Run: [HotkeyApp] D:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM…\Run: [LMgrVolOSD] D:\Program Files\Launch Manager\OSD.exe

O4 - HKLM…\Run: [LMgrOSD] D:\Program Files\Launch Manager\OSDCtrl.exe

O4 - HKLM…\Run: [Wbutton] “D:\Program Files\Launch Manager\Wbutton.exe”

O4 - HKLM…\Run: [egui] “D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice

O4 - HKLM…\Run: [iSTray] “D:\Program Files\Spyware Doctor\pctsTray.exe”

O4 - HKLM…\Run: [00PCTFW] “D:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe” -s

O4 - HKLM…\Run: [sunJavaUpdateSched] “D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”

O4 - HKLM…\RunOnce: [bCInstall0] “D:\Program Files\Pc Cleaner\pcclean.exe” /REMOVE

O4 - HKCU…\Run: [skype] “D:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”

O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray

O4 - HKCU…\Run: [ares] “D:\Program Files\Ares\Ares.exe” -h

O4 - HKCU…\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [nlpo_01] cmd.exe /c md “%USERPROFILE%\Ustawienia lokalne\Temp” (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [nlpo_03] cmd.exe /c md “%SystemRoot%\System32\dllcache” (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [nlpo_04] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll” (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [nlpo_05] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-20…\RunOnce: [nlpo_01] cmd.exe /c md “%USERPROFILE%\Ustawienia lokalne\Temp” (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - Startup: Stardock ObjectDock.lnk = C:\Vista Inspirat\ObjectDock\ObjectDock.exe

O4 - Startup: Y’z ToolBar.lnk = C:\Vista Inspirat\YzToolbar\YzToolBar.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - D:\Program Files\IrfanView\Ebay\Ebay.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL … 586-jc.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Autorun CDROM Monitor - Unknown owner - D:\WINDOWS\system32\TDSupportApp\cdrom_mon.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - D:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: WisLMSvc - Wistron Corp. - D:\Program Files\Launch Manager\WisLMSvc.exe

–

End of file - 10128 bytes

Z gory dziekuje za pomoc!

huber2t · 17 Październik 2008 03:20

Podaj log z Combofix

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link

Agaton · 18 Październik 2008 07:49

sebus101_888 ,

Proszę poprawić pisownię w opisie problemu. W celu edycji swojego posta proszę skorzystać z przycisku