michu1436
(Jakus 143)
10 Listopad 2009 17:23
#1
Log
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:12:57, on 2009-11-10 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Prośba Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe E:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe E:\Program files\Virtual CD v9\System\VC9SecS.exe E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe E:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Java\jre6\bin\jusched.exe E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe E:\Program Files\Virtual CD v9\System\VC9Play.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe E:\Program Files\Virtual CD v9\System\VC9Tray.exe E:\Program files\roketek\RocketDock.exe E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe E:\Program files\Stardock\ObjectDock\ObjectDock.exe E:\Program files\Mozilla Firefox\firefox.exe C:\Program Files\Nowe Gadu-Gadu\gg.exe C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe E:\Program files\Steam\Steam.exe C:\Documents and Settings\Michał-Admin\Documents\Pobieranie\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theprizeday.com/today.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net \tbfre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net \tbfre0.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Michał-Admin\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net \tbfre0.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: @msdxmLC.dll ,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [GEST] m‘|\ü O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM…\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM…\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe” O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe” O4 - HKLM…\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe” O4 - HKLM…\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM…\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon O4 - HKLM…\Run: [Windows Media Connect 2] “C:\Program Files\Windows Media Connect 2\WMCCFG.exe” /StartQuiet O4 - HKLM…\Run: [VC9Player] E:\Program Files\Virtual CD v9\System\VC9Play.exe O4 - HKLM…\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM…\Run: [startCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU…\Run: [Nowe Gadu-Gadu] “C:\Program Files\Nowe Gadu-Gadu\gg.exe” O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe” /automount O4 - HKCU…\Run: [Komunikator] E:\Program Files\Tlen.pl\tlen.exe O4 - HKCU…\Run: [EA Core] “C:\Program Files\Electronic Arts\EADM\Core.exe” -silent O4 - HKCU…\Run: [RocketDock] “E:\Program files\roketek\RocketDock.exe” O4 - HKCU…\Run: [smileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050\stbapp.exe O4 - HKCU…\Run: [spybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU…\Run: [steam] “E:\Program Files\Steam\Steam.exe” -silent O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’) O4 - HKUS\S-1-5-21-1078081533-1606980848-839522115-1003…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User ‘Michał’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - S-1-5-21-1078081533-1606980848-839522115-1003 Startup: OpenOffice.ux.pl 3.0.lnk = C:\Program Files\OpenOffice.ux.pl 3\program\quickstart.exe (User ‘Michał’) O4 - S-1-5-21-1078081533-1606980848-839522115-1003 User Startup: OpenOffice.ux.pl 3.0.lnk = C:\Program Files\OpenOffice.ux.pl 3\program\quickstart.exe (User ‘Michał’) O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O4 - Startup: Stardock ObjectDock.lnk = E:\Program files\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O9 - Extra ‘Tools’ menuitem: Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll ,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows … 9590452609 O17 - HKLM\System\CCS\Services\Tcpip…{0A220526-227D-4A76-BFE5-8B1AE9B8B500}: NameServer = 213.241.79.38,213.241.79.37 O17 - HKLM\System\CCS\Services\Tcpip…{A7B9EE12-2FBD-4165-BE65-3ABF1F680A9D}: NameServer = 83.238.255.76 213.241.79.37 O17 - HKLM\System\CS2\Services\Tcpip…{0A220526-227D-4A76-BFE5-8B1AE9B8B500}: NameServer = 213.241.79.38,213.241.79.37 O17 - HKLM\System\CS3\Services\Tcpip…{0A220526-227D-4A76-BFE5-8B1AE9B8B500}: NameServer = 213.241.79.38,213.241.79.37 O17 - HKLM\System\CS4\Services\Tcpip…{0A220526-227D-4A76-BFE5-8B1AE9B8B500}: NameServer = 213.241.79.38,213.241.79.37 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - E:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: Usługa Google Update (gupdate1c9e544e6f39b12) (gupdate1c9e544e6f39b12) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Sukoku Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\Sukoku\sukoku119.exe (file missing) O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - E:\Program files\Virtual CD v9\System\VC9SecS.exe – End of file - 13745 bytes
Głównie to mi się wiesza co jakiś czas Modern Warfare 2. Raz po 5 minutach gry, raz po 3 godzinach. Też dosyć często mi zwalnia internet. Mam 2MB/s Netia.
Komp
AMD Phenom 9550 Quad-Core 2.21Ghz
4GB ram
ATI Radeon HD 4800 Series
Zacinanie się gier tylko i wyłącznie przez steam. Proszę o pomoc.
ciemnowidz
(Henio Mazurek)
11 Listopad 2009 05:54
#2
Wklej logi z wymienionych niżej narzędzi:
OTL , uruchom program i pod Custom Scans/Fixes wklej
Następnie przestaw Processes i Modules na All, kliknij Run Scan , wklej log który powstanie ( OTL.txt ) + log Extras.txt który powstanie jako drugi.
GMER , zakładka Rootkit/Malware , klikasz Szukaj , po skanie Kopiuj lub Zapisz .
System Repair Engineer , instrukcja w linku.
Logi wklej na wklejto.pl a tutaj tylko link do wklejki.
michu1436
(Jakus 143)
11 Listopad 2009 17:07
#3
ciemnowidz
(Henio Mazurek)
11 Listopad 2009 17:45
#4
Pourywane te logi. Do odinstalowania toolbary Ask + free download i bonjour
http://www.searchengines.pl/Jak-usunac- … 03177.html
W dolne białe okno OTL wklej
Kliknij Run Fix . Pokaż log z usuwania i nowy, robiony z opcji Run Scan .
michu1436
(Jakus 143)
13 Listopad 2009 19:00
#5
Przeinstalowałem system. Zauważyłem, że gry się zacinają po dłuższej grze. Cz może to być spowodowane zasilaczem?.