Kontrola kompa

jaguarR · 22 Kwiecień 2008 15:46

witam

chcialbym aby ktos sprawdzil logi kontrolnie gdyz problemow z nim nie mam ale…

w cs1.6 mam laga … ping 80-100 podczas gdy inni maja okolo 40… kumpel twierdzi ze to moja wina…na innych serwach tak sie nie dzialo…

i tylko w tej grze… w sof2 na serwie do 20 osob mam ping jeden z najmniejszych…

kumpel mowi mi ze mam formata zrobic…

Logfile of HijackThis v1.99.1 Scan saved at 17:31:04, on 2008-04-22 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE D:\bear\fire\comodo\cfp.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe D:\inne\giegie\Gadu-Gadu\gg.exe D:\bear\fire\comodo\cmdagent.exe C:\WINDOWS\system32\wscntfy.exe D:\HJT\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hstv.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM…\Run: [skrót do strony właściwości High Definition Audio] HDAudPropShortcut.exe O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM…\Run: [COMODO Firewall Pro] “D:\bear\fire\comodo\cfp.exe” -s O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” O4 - HKCU…\Run: [EPSON Stylus Photo R285 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU “C:\WINDOWS\TEMP\E_S95.tmp” /EF “HKCU” O4 - HKCU…\Run: [sMSystemAnalyzer] “D:\programy do kompa\mechanikkc\System Mechanic 6\SMSystemAnalyzer.exe” O4 - HKCU…\Run: [system Mechanic Popup Blocker] “D:\programy do kompa\mechanikkc\System Mechanic 6\PopupBlocker.exe” O4 - HKCU…\Run: [Gadu-Gadu] “D:\inne\giegie\Gadu-Gadu\gg.exe” /tray O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar … vSniff.cab O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} - http://arcaonline.arcabit.com/ArcaOnline.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/us/securityadvisor/pe … stscan.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc … oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar … /cabsa.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/vi … ebscan.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l … cfscan.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - D:\bear\fire\comodo\cmdagent.exe

za pare minut wkleje loga z CF-a

huber2t · 22 Kwiecień 2008 15:57

Log wygląda na czysty

jaguarR · 22 Kwiecień 2008 16:18

ComboFix 08-04-20.5 - Administrator 2008-04-22 17:58:29.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.691 [GMT 2:00]

Running from: D:\CF\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((( Files Created from 2008-03-22 to 2008-04-22 )))))))))))))))))))))))))))))))

.

2008-04-11 18:55 . 2008-04-18 20:30 1,712 --a------ C:\WINDOWS\SysMech6.INI

2008-04-11 18:40 . 2008-04-11 18:40

2008-04-11 18:40 . 2006-12-20 12:39 1,212,416 --a------ C:\WINDOWS\system32\Incinerator.dll

2008-04-11 18:40 . 2006-03-28 01:54 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe

2008-04-11 18:40 . 2005-09-12 13:20 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe

2008-04-11 18:40 . 2008-04-11 19:52 406 --a------ C:\WINDOWS\system32\ioloBootDefrag.cfg

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-16 17:50 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent

2008-04-08 17:22 --------- d-----w C:\Program Files\SkanerOnline

2007-07-28 13:53 9,270,048 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat

2007-07-28 13:53 315,936 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” [2006-06-01 13:32 94208]

“EPSON Stylus Photo R285 Series”=“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.exe” [2007-04-13 08:00 182272]

“SMSystemAnalyzer”=“D:\programy do kompa\mechanikkc\System Mechanic 6\SMSystemAnalyzer.exe” [2006-12-20 12:38 557056]

“System Mechanic Popup Blocker”=“D:\programy do kompa\mechanikkc\System Mechanic 6\PopupBlocker.exe” [2006-12-20 12:38 752128]

“Gadu-Gadu”=“D:\inne\giegie\Gadu-Gadu\gg.exe” [2006-02-17 15:03 2396160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Skrót do strony właściwości High Definition Audio”=“HDAudPropShortcut.exe” [2004-03-17 15:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]

“SoundMan”=“SOUNDMAN.EXE” [2007-03-29 23:16 77824 C:\WINDOWS\SOUNDMAN.EXE]

“AlcWzrd”=“ALCWZRD.EXE” [2007-03-29 23:16 2559488 C:\WINDOWS\ALCWZRD.EXE]

“NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2006-01-12 16:40 155648]

“COMODO Firewall Pro”=“D:\bear\fire\comodo\cfp.exe” [2008-01-20 17:39 1481984]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2004-08-04 03:44 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

“NoResolveSearch”= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

“NoInstrumentation”= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

“AppInit_DLLs”= C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“msacm.avis”= ff_acm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

–a------ 2007-03-30 13:34 25263144 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

–a------ 2006-06-21 19:14 35328 D:\inne\hvo\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

“UpdatesDisableNotify”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“D:\inne\giegie\Gadu-Gadu\gg.exe”=

“D:\csik\CSCS\hl.exe”=

“D:\Nowy folder (2)\Soldier of Fortune II - Double Helix MP TEST\SoF2MP-Test.exe”=

“D:\GOLD\SoF2MP.exe”=

“D:\bear\Nowy folder (3)\The All-Seeing Eye\eye.exe”=

“D:\round + mousetrap sprawnySTARSZA WESRSJA\The All-Seeing Eye\eye.exe”=

“D:\RedAlert\game.exe”=

“D:\csik\CSCS\hlds.exe”=

“D:\bear\utorrent\utorrent.exe”=

“D:\programy do kompa\Magic Speed\MagicSpeed.exe”=

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-01-20 17:39]

R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-01-20 17:39]

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-22 18:11:48

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\System32\winlogon.exe

C:\WINDOWS\system32\guard32.dll

PROCESS: C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\guard32.dll

.

Completion time: 2008-04-22 18:13:48

ComboFix-quarantined-files.txt 2008-04-22 16:13:09

ComboFix2.txt 2008-03-15 12:43:18

Pre-Run: 27,000,426,496 bajtów wolnych

Post-Run: 26,994,384,896 bajtów wolnych

90 — E O F — 2008-01-05 09:53:42

Leon1 · 22 Kwiecień 2008 16:39

Logi czyste

Wyłącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

zrób optymalizacje uruchamiania http://cybertrash.netarteria.pl/cyber/index.php/topic,378.0.html

usuń ręcznie folder C: \Qoobox usuń instalkę Combofix z dysku.

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html pokaż raport stronę uruchomić przez IE

włącz przywracanie systemu

Agaton · 22 Kwiecień 2008 17:58

W temacie, który powinieneś znać:

viewtopic.php?f=16&t=36654

Zapoznaj się z tematem Ważny komunikat dotyczący tytułowania tematów i popraw tytuł na konkretny. W celu dokonania zaleconej korekty - proszę użyć przycisku [ przy poście otwierającym ten temat.

Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.

I uwaga odnośnie wklejanych logów -

W związku ze zmianą, jaka obowiązuje przy wklejaniu logów w tym dziale, przeczytaj i zastosuj się do Tematu

](http://www.fotosik.pl)