Witam, od wczoraj mój komputer zacząl bardzo wolno chodzic, co chwile sie zawiesza programy otwierają sie po 6-8 min. !

Logi Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:08:32, on 2009-10-30

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\BR040286.exe

C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Razer\DeathAdder\razerhid.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Karol\Program Files\DNA\btdna.exe

C:\Windows\System32\mobsync.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Razer\DeathAdder\razerofa.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Karol\AppData\Local\Temp\RtkBtMnt.exe

D:\steam\Steam.exe

C:\Program Files\Nowe Gadu-Gadu\gg.exe

C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)

O2 - BHO: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O3 - Toolbar: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [bisonInst0402] C:\Windows\BR040286.exe

O4 - HKLM…\Run: [PlayMovie] “C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe”

O4 - HKLM…\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM…\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar

O4 - HKLM…\Run: [skytel] Skytel.exe

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe

O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU…\Run: [bitTorrent DNA] “C:\Users\Karol\Program Files\DNA\btdna.exe”

O4 - HKUS\S-1-5-19…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘USŁUGA SIECIOWA’)

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - (no file)

O9 - Extra ‘Tools’ menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - (no file)

O13 - Gopher Prefix:

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Hotel%20Solitaire/Images/armhelper.ocx

O17 - HKLM\System\CCS\Services\Tcpip…{6AFB2786-FDE0-400B-9E5B-615E6D2B48E0}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs:

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)

O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

–

End of file - 7410 bytes

Proszę o odpowiedz czy w tych logach jest wszystko ok ! Jeżeli nie to co i jak mam naprawić !

Pozdrawiam

jak na dzisiejsze czasy hijack to za mało doklej z OTL SREng oraz GMER jeżeli nie pojdzie Gmer to RootRepal

Zrobiłem tylko GMER ponieważ nie moge znaleść tego drugiego.

Logi GMER:

GMER 1.0.15.15163 - http://www.gmer.net

Rootkit scan 2009-10-31 02:01:14

Windows 6.0.6002 Service Pack 2

Running: gmer.exe; Driver: C:\Users\Karol\AppData\Local\Temp\uwrcqpog.sys

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[864] kernel32.dll!SetUnhandledExceptionFilter 7661A84F 4 Bytes [C2, 04, 00, 00]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73E57817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73EAA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73E5BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73E4F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73E575E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73E4E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73E88395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73E5DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73E4FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73E4FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73E471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73EDCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73E7C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73E4D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E46853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E4687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[1832] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73E52AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

---- Threads - GMER 1.0.15 ----

Thread System [4] 87983930

---- Files - GMER 1.0.15 ----

File C:\Users\Karol\AppData\Local\Temp\fla6DBC.tmp 14780263 bytes

---- EOF - GMER 1.0.15 ----

logi wklejasz na wklejto.pl lub wklej.org