kajtek666
(Kajtek666)
19 Lipiec 2006 07:28
#1
Witam ponownie
Mam ogromny problem z komputerem w pracy przez co uniemożliwia mi on praktycznie wykonywanie moich zajęć. System operacyjny Win98.
Problemy:
Za każdym razem gdy włączam komputer pokazuje się komunikat:
Na jednym lub kilku dyskach mogły pojawić się złe sektory. Naciśnij dowolny klawisz aby uruchomić program ScanDisc a analizą powierzchni.
Nie można skanowania pominąć gdyż komp się zawiesza. Zaznaczam przy tym, że za każdym razem zamykam komputer jak trzeba czyli przez Start-Zamknij. Taka sytuacja trwa już około 2 miesięcy.
Komputer chodzi bardzo wolno strony otwierają mi się nawet do kilku minut
Często jak próbuję otworzyć jaką stronę lub program to wyskakuje informacja, że program wykonał niepoprawną operację i nastąpi jego zamknięcie.
Wrzucam logi abyście mogli go sprawdzić.
Log z HijackThis
Logfile of HijackThis v1.99.1 Scan saved at 09:08:58, on 19.07.06 Platform: Windows 98 Gold (Win9x 4.10.1998) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FSMA32.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FSMB32.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FCH32.EXE C:\WINDOWS\EXPLORER.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FNRB32.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FAMEH32.EXE C:\PROGRAM FILES\F-SECURE\ANTI-VIRUS\FSGK32.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FIH32.EXE C:\PROGRAM FILES\F-SECURE\ANTI-VIRUS\FSSM32.EXE C:\PROGRAM FILES\F-SECURE\ANTI-VIRUS\FSAV32.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\ATITASK.EXE C:\WINDOWS\SYSTEM\ATICWD32.EXE C:\WINDOWS\STARTER.EXE C:\PROGRAM FILES\F-SECURE\COMMON\FSM32.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\GADU-GADU\GG.EXE C:\PROGRAM FILES\F-SECURE\BACKWEB\7681197\PROGRAM\BACKWEB-7681197.EXE C:\ATI\ATIDESK\ATISCHED.EXE C:\PROGRAM FILES\SONY CORPORATION\PICTURE PACKAGE\PICTURE PACKAGE APPLICATIONS\RESIDENCE.EXE C:\PROGRAM FILES\SONY CORPORATION\PICTURE PACKAGE\PICTURE PACKAGE MENU\SONYTRAY.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE C:\WINDOWS\PULPIT\PRO\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM…\Run: [internat.exe] internat.exe O4 - HKLM…\Run: [systemTray] SysTray.Exe O4 - HKLM…\Run: [Atikey] Atitask.exe O4 - HKLM…\Run: [AtiCwd32] Aticwd32.exe O4 - HKLM…\Run: [EnsoniqMixer] starter.exe O4 - HKLM…\Run: [TCASUTIEXE] TCAUDIAG.EXE -off O4 - HKLM…\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe O4 - HKLM…\Run: [F-Secure Manager] “C:\Program Files\F-Secure\Common\FSM32.EXE” /splash O4 - HKLM…\Run: [Zasobnik systemowy] SysTray.Exe O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM…\RunServices: [schedulingAgent] mstask.exe O4 - HKLM…\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKLM…\RunServices: [fsaa] C:\Program Files\F-Secure\Common\fsaa.exe O4 - HKLM…\RunServices: [F-Secure Management Agent] C:\Program Files\F-Secure\Common\FSMA32.EXE O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray O4 - HKCU…\Run: [Dzieńdobry!] C:\PROGRAM FILES\VSD SOFTWARE\DZIEńDOBRY!\DZIENDOBRY.EXE /auto O4 - Startup: ATI Scheduler.lnk = C:\ati\atidesk\atisched.exe O4 - Startup: Microsoft Office.lnk = C:\WINDOWS\Dane aplikacji\Microsoft\Installer{00000415-78E1-11D2-B60F-006097C998E7}\misc.exe O4 - Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe O4 - Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe O4 - Global Startup: F-Secure BackWeb.lnk = C:\Program Files\F-Secure\BackWeb\7681197\6.1.4.55-7681197L\Program\backweb.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
Log z Silent Runner
“Silent Runners.vbs”, revision 46, http://www.silentrunners.org/ Operating System: Windows 98 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “Gadu-Gadu” = ““C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray” [“Gadu-Gadu Sp. z oo”] “Dzieńdobry!” = “C:\PROGRAM FILES\VSD SOFTWARE\DZIEńDOBRY!\DZIENDOBRY.EXE /auto” [“VSD Software”] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “ScanRegistry” = “C:\WINDOWS\scanregw.exe /autorun” [MS] “TaskMonitor” = “C:\WINDOWS\taskmon.exe” [MS] “internat.exe” = “internat.exe” [MS] “SystemTray” = “SysTray.Exe” [MS] “Atikey” = “Atitask.exe” [“ATI Technologies, Inc.”] “AtiCwd32” = “Aticwd32.exe” [“ATI Technologies Inc.”] “EnsoniqMixer” = “starter.exe” [“ENSONIQ Corp.”] “TCASUTIEXE” = “TCAUDIAG.EXE -off” [“3Com Corporation”] “mdac_runonce” = “C:\WINDOWS\SYSTEM\runonce.exe” [MS] “F-Secure Manager” = ““C:\Program Files\F-Secure\Common\FSM32.EXE” /splash” [“F-Secure Corporation”] “Zasobnik systemowy” = “SysTray.Exe” [MS] “WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ {++} “LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme” [MS] “SchedulingAgent” = “mstask.exe” [MS] “KB891711” = “C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE” [MS] “fsaa” = “C:\Program Files\F-Secure\Common\fsaa.exe” [“F-Secure Corporation. All Rights Reserved.”] “F-Secure Management Agent” = “C:\Program Files\F-Secure\Common\FSMA32.EXE” [“F-Secure Corporation”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided) - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL” [“Safer Networking Limited”] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) - {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX” ["("] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) - {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{00020D75-0000-0000-C000-000000000046}” = “Microsoft Exchange” - {HKLM…CLSID} = “Microsoft Outlook” \InProcServer32(Default) = “C:\PROGRA~1\MICROS~1\OFFICE\MLSHEXT.DLL” [MS] “{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler” - {HKLM…CLSID} = “Rozszerzenie ikon plików programu Outlook” \InProcServer32(Default) = “C:\PROGRA~1\MICROS~1\OFFICE\OLKFSTUB.DLL” [MS] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\WINDOWS\Profiles\wojtek\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp” WIN.INI SYSTEM.INI launch points: ----------------------------------- SYSTEM.INI [boot] “SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\TEKST3~1.SCR” (Tekst 3W.scr) [MS] Startup items in “Startup” “All Users…Startup” folders: ----------------------------------------------------------- C:\WINDOWS\Menu Start\Programy\Autostart “ATI Scheduler” - shortcut to: “C:\ati\atidesk\atisched.exe” [“ATI Technologies Inc.”] “Microsoft Office” - shortcut to: “C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS] “Picture Package VCD Maker” - shortcut to: “C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe -h” [“Sony Corporation.”] “Picture Package Menu” - shortcut to: “C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe” [“Sony Corporation”] C:\WINDOWS\All Users\Menu Start\Programy\Autostart “F-Secure BackWeb” - shortcut to: “C:\Program Files\F-Secure\BackWeb\7681197\Program\backweb-7681197.exe -startup” [null data] Enabled Scheduled Tasks: ------------------------ “Uruchomienie aplikacji dostrajania” - launches: “walign” [MS] “Spybot - Search Destroy - Scheduled Task” - launches: “C:\PROGRAM FILES\SPYBOT - SEARCH DESTROY\SpybotSD.exe /AUTOCHECK /AUTOFIX /AUTOCLOSE” [“Safer Networking Limited”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “C:\WINDOWS\SYSTEM\rnr20.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 00000000000#\PackedCatalogItem (contains) DLL [Company Name], (at) # range: C:\WINDOWS\SYSTEM\mswsosp.dll [MS], 1 C:\WINDOWS\SYSTEM\msafd.dll [MS], 2 - 4 C:\WINDOWS\SYSTEM\rsvpsp.dll [MS], 5 - 6 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}” - {HKLM…CLSID} = “Java Plug-in 1.5.0_06” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”] Miscellaneous IE Hijack Points ------------------------------ HKLM\Software\Microsoft\Internet Explorer\Version = (invalid data) The Internet Explorer version cannot be found! C:\WINDOWS\INF\IERESET.INF (used to “Reset Web Settings”) The contents of IERESET.INF cannot be reliably checked! Added lines (compared with English-language version): [strings]: START_PAGE_URL=“http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome ” [strings]: MS_START_PAGE_URL=“http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome ” Missing lines (compared with English-language version): [strings]: 2 lines Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ HPLanguageMonitor\Driver = “HPFLMN04.DLL” [MS] HP Master Monitor\Driver = “HPBMMON.DLL” [“Hewlett-Packard”] HP Standard TCP/IP Port\Driver = “hptcpmon.dll” [“Hewlett Packard”] PDFCreator\Driver = “pdfcmn95.dll” [null data] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 36 seconds. + The search for all Registry CLSIDs containing dormant Explorer Bars took 16 seconds. ---------- (total run time: 103 seconds)
Musicie mi pomóc bo oszaleję z nim.
squeet
(squeet)
19 Lipiec 2006 08:53
#2
Wygląda na to, że takie porady to ostateczność. Są logi - czemu nie sprawdziłeś tylko od razu wydajesz wyrok? Post kosz.