Problem z plikami .exe & mulenie systemu/łącza internetowego

A wiec od pewnego czasu mam problem z windowsem xp oraz aplikacjami ktore probuje zainstalowac.

Mam nesotrade 2mb/s natomiast strasznie ona “muli” chodz nie ma zadnego obciazenia lacza. Tak samo jest z praca na windowsie (straszna lagoza chodz obciazenie procesora praktycznie 0 )

Po zainstalowaniu jakiegokolwiek programu, a potem gdy chce go uruchomic wyskakuje mi cos takiego:

http://img206.imageshack.us/img206/9529/bladnm5.jpg

Wszelkie antywirusy, antyspyware nie dzialaja… poprostu nie moge ich uruchomic.

Prosze o pomoc :frowning:

Daj loga z HijackThis. Specjaliści sprawdzą go.

no ale przeciez sam widzisz, nie moge wlaczyc hijackthis! :smiley: zobacz zdjecie, to sie dzieje po uruchomieniu tego programu

Przecież nie może…

Wejdź w tryb awaryjny i sprawdź czy sie da

a wiec uruchamiam w trybie awaryjnym, wyskakuje ze laduje jakis plik SPTD czy jakos tak, wszystko ladnie, za chwile restart systemu… no i wszystko od nowa

Spróbuj ściągnąć wersję z rozszerzeniem .com i ją uruchomić: http://www.searchengines.pl/index.php?s … entry86757

Link bezpośrednio do pliku: http://www.searchengines.pl/phpbb203/pl … ckthis.com

Logi:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:25:02, on 2008-05-31

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\PROGRA~1\NEOSTR~1\CnxMon.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Winamp Remote\bin\OrbTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe

C:\PROGRA~1\NEOSTR~1\ComComp.exe

C:\PROGRA~1\NEOSTR~1\Watch.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Piku\Pulpit\hijackthis.com


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{250D4EC5-47E7-41DE-B4EF-814847040B13}: NameServer = 194.204.152.34 217.98.63.164

O17 - HKLM\System\CS3\Services\Tcpip\..\{250D4EC5-47E7-41DE-B4EF-814847040B13}: NameServer = 194.204.152.34 217.98.63.164

O18 - Protocol: bw+0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {A94C313B-EAE3-443A-9591-73D06466377F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


--

End of file - 19841 bytes

W dniu 31.05.2008 , o godzinie 16:06 został dopisany post przez Piku

pomozcie bo ja juz trace nerwy… z tym pc =/

Log Ok

Piku , przetestuj pamięć za pomocą memtest86.

ja bym wyczyścił rejestr oraz przeskanowała kompa jakimś skanerem online

Oo najlepiej jeszcze przejrzyj system tym …

SysInspector

http://dobreprogramy.pl/index.php?dz=2& … or+1.1.1.0

Czy jesteś w stanie uruchomić notatnik i edytor rejestru (start->uruchom i tam regedit)? Jeżeli, tak to można spróbować naprawy z rejestru.

Piku , Proszę o zmianę tytułu na bardziej konkretny.

Użyj opcji zmien.gif

Pomocne może być zapoznanie się z TYMI informacjami.

Ponadto na forum obowiązuje używanie polskiej pisowni (włączając w to

znaki typu ą, ś, ć, ł, ó itd). Zastosuj się proszę do tej zasady i

popraw błędy. W przeciwnym wypadku temat może zostać usunięty.

chyba wszystkie metody probowalem ktore mi poleciliscie ale zadna nie wypalila… nie wiem co jest =/

Popraw to o co Ciebie Moderator prosił (w tym polskie literki)

Potem odpowiedz mi, czy Masz dostęp do windowsoskiego notatnika? Po drugie, czy możesz wypakowywać pliki?

owszem mam dostep do notatnika/regedit. A pliki moge wypakowac jak sie “systemowi zachce” raz moge, a raz nie ( 5 razy probuje i wyskakuje error za 6 razem juz pojdzie)

<3 Microsoft

Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.exe]

@="exefile"

"Content Type"="application/x-msdownload"


[HKEY_CLASSES_ROOT\.exe\PersistentHandler]

@="{098f2470-bae0-11cd-b579-08002b30bfeb}"


[HKEY_CLASSES_ROOT\exefile]

@="Application"

"EditFlags"=hex:38,07,00,00

"TileInfo"="prop:FileDescription;Company;FileVersion"

"InfoTip"="prop:FileDescription;Company;FileVersion;Create;Size"


[HKEY_CLASSES_ROOT\exefile\DefaultIcon]

@="%1"


[HKEY_CLASSES_ROOT\exefile\shell]


[HKEY_CLASSES_ROOT\exefile\shell\open]

"EditFlags"=hex:00,00,00,00


[HKEY_CLASSES_ROOT\exefile\shell\open\command]

@="\"%1\" %*"


[HKEY_CLASSES_ROOT\exefile\shell\runas]


[HKEY_CLASSES_ROOT\exefile\shell\runas\command]

@="\"%1\" %*"


[HKEY_CLASSES_ROOT\exefile\shellex]


[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]

@="{86C86720-42A0-1069-A2E8-08002B30309D}"


[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]


[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PEAnalyser]

@="{09A63660-16F9-11d0-B1DF-004F56001CA7}"


[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]

@="{86F19A00-42A0-1069-A2E9-08002B30309D}"


[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]

@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

wklej to do notatnika, zapisz jako fix_exe.reg

Kliknij na tym dwa razy i scal z rejestrem. Uruchom komputer ponownie.

Piku rejestr można naprawić również spod konsoli odzyskiwania lub jest jeszcze inna metoda, przyjemniejsza.

Ściągnij DiskInternals Boot CD, utwórz dysk ratunkowy CD ze środowiskiem WinPE (oprócz tego potrzebna będzie płytka instalacyjna systemu). Po utworzeniu tego pięknie można odzyskać rejestr i dokonać niezbędnych napraw. Łatwo, szybko i przyjemnie, a płytka może okazać się w przyszłości niezwykle przydatna.

Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.lnk]

@="lnkfile"


[HKEY_CLASSES_ROOT\.lnk\ShellEx]


[HKEY_CLASSES_ROOT\.lnk\ShellEx\{000214EE-0000-0000-C000-000000000046}]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\.lnk\ShellEx\{000214F9-0000-0000-C000-000000000046}]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\.lnk\ShellEx\{00021500-0000-0000-C000-000000000046}]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\.lnk\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\.lnk\ShellNew]

"Command"="rundll32.exe appwiz.cpl,NewLinkHere %1"


[HKEY_CLASSES_ROOT\lnkfile]

@="Shortcut"

"EditFlags"=dword:00000001

"IsShortcut"=""

"NeverShowExt"=""


[HKEY_CLASSES_ROOT\lnkfile\CLSID]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\lnkfile\shellex]


[HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers]


[HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers\Offline Files]

@="{750fdf0e-2a26-11d1-a3ea-080036587f03}"


[HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers\{00021401-0000-0000-C000-000000000046}]


[HKEY_CLASSES_ROOT\lnkfile\shellex\DropHandler]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\lnkfile\shellex\IconHandler]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\lnkfile\shellex\PropertySheetHandlers]


[HKEY_CLASSES_ROOT\lnkfile\shellex\PropertySheetHandlers\ShimLayer Property Page]

@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}]

@="Shortcut"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\InProcServer32]

@="shell32.dll"

"ThreadingModel"="Apartment"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\PersistentAddinsRegistered]


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\PersistentAddinsRegistered\{89BCB740-6119-101A-BCB7-00DD010655AF}]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\PersistentHandler]

@="{00021401-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\ProgID]

@="lnkfile"


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\shellex]


[HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\shellex\MayChangeDefaultMenu]

To samo dla plików z rozszerzeniem LNK: zapisz jako fix_lnk.reg

Jak nie pomoże, spróbuj metody Rokko

W sumie to nie powiedziałeś, czy memtest86 wykazał jakieś błędy? Przeskanowałeś dysk pod kątem bad sektorów?

Wszystkie objawy opisane przez Ciebie wskazują, że masz system zainfekowany rootkitem Bagle.

Pobierz ComboFix w następujący sposób: kliknij na link prawym klawiszem myszy >>> zapisz jako -> i zapisujesz narzędzie pod zmienioną nazwą np. abcd.exe

Uruchamiasz i dajesz log.