Pada system, komuter się sam wyłącza


(Alo) #1

Witam Mam ciągle problemy z tym moim kompem robie wszystko zgodnie "Optymalizacja....."a jednak ciągle komp sie zwiesza

Oto moj Code

Logfile of HijackThis v1.99.1

Scan saved at 19:31:12, on 2007-06-02

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16441)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Acer\Empowering Technology\admServ.exe

c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\DOCUME~1\ALEKSA~1\LOCALS~1\Temp\RtkBtMnt.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\Acer\OrbiCam\CameraAssistant.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\PROGRA~1\NORTON~1\navw32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Aleksandra Szymanek\Desktop\HijackThis.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Symantec\LiveUpdate\AUpdate.exe

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [LaunchApp] Alaunch

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [INTERNATIONAL] International*

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176557520406

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Z góry dziękuję

Ola

EDIT

Ola , proszę ...wklejane logi zawsze obejmuj znacznikiami

lub


(Heniu133) #2

Log ok.

Poczytaj o zbędnikach w autostarcie.

Możesz dać jeszcze SilentRunners.


(Alo) #3

jejku z trudem wchodzę w system sama już nie wiem co robić naprawa błedów trwa 40 minut a jak już jestem w windows to poprostu mam zawias.


(Gutek) #4

Daj log z Combofix


(Alo) #5

jeśli dobrze to zrobiłam to będzie taki

"Aleksandra Szymanek" - 2007-06-03 19:02:45 Service Pack 2

ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\ALEKSA~1\Desktop\"

((((((((((((((((((((((((((((((( Files Created from 2007-05-03 to 2007-06-03 ))))))))))))))))))))))))))))))))))

2007-06-03 19:01 49,152 --a------ C:\WINDOWS\nircmd.exe

2007-06-02 20:26

2007-06-02 19:52

2007-05-14 16:54

2007-05-14 16:42 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe

2007-05-14 15:47 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys

2007-05-14 15:42

2007-05-13 23:26

2007-05-12 22:52

2007-05-11 09:49

2007-05-11 09:49

2007-05-11 09:49

2007-05-11 09:48

2007-05-11 08:00 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys

2007-05-11 08:00 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

2007-05-11 08:00 129,784 --------- C:\WINDOWS\system32\pxafs.dll

2007-05-11 08:00

2007-05-11 08:00

2007-05-05 08:46 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-03 16:17:20 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\Skype

2007-06-03 09:33:17 -------- d-----w C:\Program Files\Gadu-Gadu

2007-06-03 08:47:11 -------- d-----w C:\Program Files\Common Files\Symantec Shared

2007-05-25 16:58:04 1,277 ----a-w C:\WINDOWS\mozver.dat

2007-05-02 20:57:06 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\Lavasoft

2007-05-02 20:56:55 -------- d-----w C:\Program Files\Lavasoft

2007-05-02 20:56:21 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2007-05-02 20:49:44 -------- d-----w C:\Program Files\Adware Away

2007-05-02 18:20:59 12 ----a-w C:\WINDOWS\bthservsdp.dat

2007-05-02 17:36:24 -------- d-----w C:\Program Files\Support Tools

2007-04-29 15:59:40 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

2007-04-29 15:59:40 115,000 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2007-04-21 19:05:02 -------- d-----w C:\Program Files\Windows Media Connect 2

2007-04-21 18:36:02 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\MSNInstaller

2007-04-21 14:16:16 0 ----a-w C:\WINDOWS\nsreg.dat

2007-04-21 13:11:28 -------- d-----w C:\Program Files\Leksykonia

2007-04-21 12:09:12 -------- d-----w C:\Program Files\Microsoft.NET

2007-04-21 11:19:24 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\Gadu-Gadu

2007-04-20 22:19:34 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\Otto

2007-04-20 21:59:26 -------- d-----w C:\Program Files\MSN Messenger

2007-04-20 21:47:18 -------- d-----w C:\Program Files\Common Files\Skype

2007-04-20 21:47:04 -------- d-----w C:\Program Files\Skype

2007-04-19 07:41:28 -------- d-----w C:\Program Files\XviD

2007-04-19 07:39:48 -------- d-----w C:\Program Files\MarBit

2007-04-19 07:21:52 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\CyberLink

2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll

2007-04-14 14:57:40 -------- d-----w C:\Program Files\MSXML 4.0

2007-04-14 13:26:02 -------- d-----w C:\Program Files\SAGEM

2007-04-14 13:17:38 -------- d-----w C:\Program Files\Yahoo!

2007-04-14 13:16:22 -------- d-----w C:\Program Files\Common Files\Logitech

2007-04-14 13:16:16 -------- d-----w C:\Program Files\Common Files\Acer

2007-04-14 13:16:06 -------- d-----w C:\Program Files\Acer

2007-04-14 13:13:12 -------- d-----w C:\Program Files\WinPCap

2007-04-14 13:12:52 21,275 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys

2007-04-14 13:11:46 -------- d-----w C:\Program Files\Launch Manager

2007-04-14 13:04:42 -------- d-----w C:\Program Files\WIDCOMM

2007-04-14 13:04:36 -------- d-----w C:\DOCUME~1\ALEKSA~1\APPLIC~1\Symantec

2007-04-14 13:03:50 1,003 ----a-w C:\WINDOWS\CLEANUP.CMD

2007-04-14 12:53:20 62 ----a-w C:\WINDOWS\HotFix.bat

2007-03-28 16:51:54 538,256 ----a-w C:\WINDOWS\system32\SymNeti.dll

2007-03-28 16:51:52 161,424 ----a-w C:\WINDOWS\system32\SymRedir.dll

2007-03-17 13:43:02 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll

2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll

2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll

2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll

2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 10:09]

{22BF413B-C6D2-4d91-82A9-A0F997BA588C}=C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-03-30 13:31]

{53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]

{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}=C:\Program Files\Norton AntiVirus\NavShExt.dll [2007-04-02 19:19]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 C:\WINDOWS\system32\bthprops.cpl]

"LaunchApp"="Alaunch" []

"RTHDCPL"="RTHDCPL.EXE" []

"SkyTel"="SkyTel.EXE" []

"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07]

"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 11:15]

"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45]

"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19]

"nwiz"="nwiz.exe" [2006-07-19 21:58 C:\WINDOWS\system32\nwiz.exe]

"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29]

"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15]

"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00]

"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08]

"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 15:47]

"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-04-25 17:44]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-05-11 09:49]

"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2006-10-07 14:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-19 17:43]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:47]

"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

"combofix"=C:\WINDOWS\system32\cmd.exe /c C:\ComboFix\Combobatch.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2006-09-28 16:13]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs BthServ

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

Contents of the 'Scheduled Tasks' folder

2007-06-01 18:00:00 C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Aleksandra Szymanek.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-03 19:03:22

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\BTHPORT\Parameters\Services{00001000-0000-1000-8000-00805f9b34fb}]

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\BTHPORT\Parameters\Services{00001115-0000-1000-8000-00805f9b34fb}]

Completion time: 2007-06-03 19:03:55

C:\ComboFix-quarantined-files.txt ... 2007-06-03 19:03

C:\ComboFix2.txt ... 2007-06-03 19:01

--- E O F ---


(Gutek) #6

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509


(Alo) #7

No zainstalowałam ten pierwszy ale nie za bardzo wiem co z tym zrobić

Gutku pomożesz?


(Gutek) #8

Zobacz - http://www.agavk.p9.pl/strony/progra_regcleaner.php :slight_smile:


(Alo) #9

No zrobiłam

Ale mam pytanie ?dlaczego mi wszystko siada?komputer np działa 3 h a potem zawias. Reanimacja po czymś takim trwa cały dzień bo nie mogę dostać się do systemu ciągle jest niebieski ekran pojawiający się na kilka sekund, komputer włącza sie i wyłącza.


(Darek131) #10

To już może nie być wina systemu. Może coś z podzespołami w jednostce.


(Heniu133) #11

Poczytaj Debugging Tools for Windows i pliki minidump i wklej pliki minidmp. Jak nie będzie tych plików to BlueScreen – wywoływanie i odczytywanie kodu błędu ze strony którą podałem (przepisz kod i opis pod nim).


(Alo) #12

No to piszę z drugiego koma bo do tego nie moge się dziś dostać

na blueScree jest coś takiego prawie po koniec

Technical information

***Stop 0x00000D1(0x0697D006, 0x00000002, 0x00000000, 0xF6C4638D)

***w39n51.sys- Adress F6C4638D base at F6C38000, DateStamp 443247b2

no a przed tym oczywiście długa informacja


(Heniu133) #13

w39n51.sys - to sterownik bezprzewodowej karty sieciowej.

Wejdź do > Konsoli odzyskiwania > daj komendę (po każdym enter):

disable w39n51

chkdsk /r (poczekaj aż sprawdzi)

exit


(Alo) #14

mowi ze nie widzi takiego pliku


(Heniu133) #15

Nie widzi, czy może "nie znaleziono wpisu rejestru dla usługi w39n51"?

To daj komendę listsvc i poszukaj sterownika od wi-fi.

A tą komendę wpisałaś? Jakieś błędy znalazł?

Komp nadal nie może powstać?


(Alo) #16

no moze w ta strone

jak tu czytam to musze utworzyc konsole odzyskiwania z plytka CD a mam tylko jakas backupowa komenda na tworzenia konsoli nie wchodzi .

ta komede na disable w39n51 w normalnym oknie start>uruchom mowi ze nie widzi takiego pliku bo go nie ma albo jest zle wpisany

jesli chodzi o chkdsk /r to czysto

ja nie wiem czy to ma zwiazek ale komp chodzil ladnie i w momencie kiedy sie podlaczylam tu w manchesterze do internetu to pojawila mi sie ikonka blad systemu windows a pozniej cos o niezgodnosc adresow IP

start>uruchom liustsvc nie widzi takiego pliku