Net wolno chodzi

konrad0787 · 22 Sierpień 2007 19:42

Od kilkunastu dni bardzo wolno otwierają sie strony,a dokładnie zbyt późno po kliknięciu na odpowiedni link,czy jaką kolwiek kategorie na stronie zaczyna pobierać.Wygląda na to jakby coś blokowało a po kilku sek.sie odblokowuje i pobiera normalnie-taką szybkością jak ma być.

Złączono Posta : 22.08.2007 (Sro) 20:49

Logfile of HijackThis v1.99.1

Scan saved at 21:48:59, on 2007-08-22

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\system32\Rundll32.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

E:\Power DVD\PDVDServ.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

E:\AutoConnect\AutoConnect.exe

C:\WINDOWS\system32\ctfmon.exe

E:\Gadu-Gadu\gg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

E:\Hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\FlashGet\jccatch.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\FlashGet\getflash.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\FlashGet\fgiebar.dll

O4 - HKLM…\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon

O4 - HKLM…\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM…\Run: [nwiz] nwiz.exe /install

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM…\Run: [RemoteControl] “E:\Power DVD\PDVDServ.exe”

O4 - HKLM…\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

O4 - HKLM…\Run: [kis] “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe”

O4 - HKCU…\Run: [AutoConnect] E:\AutoConnect\AutoConnect.exe

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = E:\Acrobat\Reader\AdobeCollabSync.exe

O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet’a - E:\FlashGet\jc_link.htm

O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet’a - E:\FlashGet\jc_all.htm

O8 - Extra context menu item: Dodaj do Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FlashGet\FlashGet.exe

O9 - Extra ‘Tools’ menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\FlashGet\FlashGet.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab

O17 - HKLM\System\CCS\Services\Tcpip…{F8A552AF-BE59-4467-B02E-CCBF60ABB248}: NameServer = 194.204.152.34 217.98.63.164

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WBSrv - E:\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Agaton · 22 Sierpień 2007 20:08

konrad0787

A co ma do tego dział Linux ??

Zapoznaj się z tematem Ważny komunikat dotyczący tytułowania tematów

i popraw loga stosownie do zaleceń zawartych w podanym temacie, obejmując go tagami

Gutek · 22 Sierpień 2007 20:18

usuń HJT i daj log z ComboFix

konrad0787 · 22 Sierpień 2007 20:39

ComboFix 07-08-17.2 - “Konrad” 2007-08-22 22:37:03.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.258 [GMT 2:00]

((((((((((((((((((((((((( Files Created from 2007-07-22 to 2007-08-22 )))))))))))))))))))))))))))))))

2007-08-22 22:34 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-08-16 22:35

2007-08-04 18:52

2007-08-04 18:49

2007-08-03 14:28

2007-08-03 13:52 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll

2007-08-03 13:51

2007-08-03 13:44 23 --ahs---- C:\WINDOWS\system32\dabcdaee5_r.dll

2007-08-01 11:34

2007-07-27 16:17 7,895,584 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat

2007-07-27 16:17 204,320 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat

2007-07-27 16:17

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-22 21:51 25136 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx

2007-08-22 21:51 118688 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx

2007-08-20 16:50 --------- d-------- C:\Program Files\Winamp

2007-08-16 21:56 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\BearShare

2007-08-01 11:34 --------- d-------- C:\Program Files\Picasa2

2007-07-25 17:20 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\Skype

2007-07-16 22:50 --------- d-------- C:\Program Files\BearShare applications

2007-07-11 13:39 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\CyberLink

2007-07-07 11:56 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\Gadu-Gadu

2007-07-03 12:00 --------- d-------- C:\Program Files\Skype

2007-07-03 12:00 --------- d-------- C:\Program Files\Common Files\Skype

2007-07-02 19:39 --------- d–h----- C:\Program Files\InstallShield Installation Information

2007-07-02 19:39 --------- d-------- C:\Program Files\CyberLink

2007-07-02 13:29 --------- d-------- C:\Program Files\Microsoft.NET

2007-07-01 17:08 --------- d-------- C:\Program Files\Common Files\LightScribe

2007-06-30 10:04 --------- d-------- C:\Program Files\microsoft frontpage

2007-06-29 19:11 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\Styler

2007-06-29 19:08 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\Stardock

2007-06-29 18:33 --------- d-------- C:\Program Files\Movie Maker

2007-06-28 20:55 62024 --a------ C:\WINDOWS\BricoPackUninst.cmd

2007-06-28 20:55 5396 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd

2007-06-28 20:48 --------- d-------- C:\Program Files\Common Files\Nero

2007-06-28 20:46 --------- d-------- C:\Program Files\Common Files\Ahead

2007-06-28 20:46 --------- d-------- C:\Program Files\Ahead

2007-06-28 20:35 82380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS

2007-06-28 20:35 --------- d-------- C:\Program Files\Hewlett-Packard

2007-06-28 20:33 --------- d-------- C:\Program Files\HP

2007-06-28 19:08 --------- d-------- C:\Program Files\Common Files\SpeechEngines

2007-06-28 19:08 --------- d-------- C:\Program Files\Common Files\ODBC

2007-06-28 18:40 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\Talkback

2007-06-28 18:25 --------- d-------- C:\DOCUME~1\Konrad\DANEAP~1\TuneUp Software

2007-06-28 18:20 --------- d-------- C:\Program Files\Creative

2007-06-28 18:01 --------- d-------- C:\Program Files\Messenger

2007-06-28 17:49 --------- d-------- C:\Program Files\Thomson

2007-06-28 17:49 --------- d-------- C:\Program Files\Common Files\InstallShield

2007-06-28 17:27 2426 --a------ C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin

2007-06-28 17:26 8972 --a------ C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin

2007-06-28 17:17 0 -rahs---- C:\MSDOS.SYS

2007-06-28 17:17 0 -rahs---- C:\IO.SYS

2007-06-28 17:17 0 --a------ C:\CONFIG.SYS

2007-06-28 17:17 0 --a------ C:\AUTOEXEC.BAT

2007-06-28 17:15 --------- d-------- C:\Program Files\Common Files\MSSoap

2007-06-28 17:13 --------- d-------- C:\Program Files\Windows NT

2007-06-28 17:13 --------- d-------- C:\Program Files\MSN Gaming Zone

2007-06-07 21:10 20480 --a------ C:\WINDOWS\system32\ac3config.exe

--------- C:\Program Files\Usługi online

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“UpdReg”=“C:\WINDOWS\UpdReg.EXE” [2000-05-11 01:00]

“SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 11:38]

“P17Helper”=“P17.dll” [2005-05-03 13:38 C:\WINDOWS\system32\P17.dll]

“nwiz”=“nwiz.exe” [2006-06-01 17:22 C:\WINDOWS\system32\nwiz.exe]

“NvMediaCenter”=“C:\WINDOWS\system32\NvMcTray.dll” [2006-06-01 17:22]

“NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2006-06-01 17:22]

“CTSysVol”=“C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe” [2005-02-15 16:10]

“RemoteControl”=“E:\Power DVD\PDVDServ.exe” [2005-01-12 03:01]

“DeviceDiscovery”=“C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe” [2003-05-21 18:37]

“kis”=“C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe” [2006-03-24 19:09]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“AutoConnect”=“E:\AutoConnect\AutoConnect.exe” [2004-08-28 20:27]

“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Synchronizer.lnk - E:\Acrobat\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

E:\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2007-03-05 16:36 140976 E:\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

“appinit_dlls”=wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

“HP Component Manager”=“C:\Program Files\HP\hpcoretech\hpcmpmgr.exe”

“HPDJ Taskbar Utility”=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

“NeroFilterCheck”=C:\WINDOWS\system32\NeroCheck.exe

“HP Software Update”=“C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe”

R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe -k netsvcs

R3 P17;Sound Blaster Audigy;C:\WINDOWS\system32\drivers\P17.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

Contents of the ‘Scheduled Tasks’ folder

2007-08-03 11:52:17 C:\WINDOWS\Tasks\1-Click Maintenance.job - E:\Tune up\SystemOptimizer.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-22 22:38:25

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-22 22:39:40

— E O F —

qrczak13 · 22 Sierpień 2007 21:31

Usuń folder.

Skan AVG AntySpyware 7.5 po update, wklej raport ze skanowania.

Kosmetyka:

Start > uruchom > msconfig > zakładka uruchamianie > możesz odznaczyć w\w.

Jeśli nie korzystasz z zaawansowanych usług tekstowych to je wyłącz:

Start > panel sterowania > opcje regionalne > języki > szczegóły > zaawansowane > zaptasz wyłącz zaawansowane usługi tekstowe.

Start > wszystkie programy > autostart > skasuj z prawokliku.

Możesz spróbować przeinstalować soft od netu.