Spowolnione działanie PC i zacinanie się - log

X-tinka · 8 Październik 2007 09:01

Od ponad 5 miesięcy albo nawet więcej PC mi się kompletnie zacina… Słychać tylko taki jakby zgrzyt i nic nie działa, nic się nie rusza, PC nie reaguje, jedynym wyjściem jest restart systemu. Strasznie to przeszkadza np., gdy oglądam film bądz pobieram większy plik.

I od niedawna zauważyłam spowolnione działanie PC… bardzo mozolnie się system zalącza,a także wyłącza…

Log z ComboFix :

ComboFix 07-10-07.2 - Izu 2007-10-08 10:43:29.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.330 [GMT 2:00] Running from: C:\Documents and Settings\Izu\Pulpit\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\Config.xml C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\db\Aliases.dbs C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\db\Sites.dbs C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\dwld\WhiteList.xip C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\report\aggr_storage.xml C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\report\send_storage.xml C:\Documents and Settings\pasti\Dane aplikacji\ShoppingReport\cs\res1\WhiteList.dbs C:\Program Files\internet explorer\msimg32.dll C:\Program Files\myglobalsearch C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL C:\Program Files\myglobalsearch\bar\Cache\000F7C89 C:\Program Files\myglobalsearch\bar\Cache\00110E93.bin C:\Program Files\myglobalsearch\bar\Cache\00113C3B.bin C:\Program Files\myglobalsearch\bar\Cache\0011562B.bin C:\Program Files\myglobalsearch\bar\Cache\files.ini C:\Program Files\myglobalsearch\bar\History\search C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm C:\Program Files\MyWebSearch C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S C:\Program Files\MyWebSearch\bar\Cache\0018DB19 C:\Program Files\MyWebSearch\bar\Cache\0018FE8F C:\Program Files\MyWebSearch\bar\Cache\0019019C.bin C:\Program Files\MyWebSearch\bar\Cache\00190574.bin C:\Program Files\MyWebSearch\bar\Cache\001916E9.bin C:\Program Files\MyWebSearch\bar\Cache\00191B4E.bin C:\Program Files\MyWebSearch\bar\Cache\0050BB2C.bin C:\Program Files\MyWebSearch\bar\Cache\0050BD9D.bin C:\Program Files\MyWebSearch\bar\Cache\0050BF34.bin C:\Program Files\MyWebSearch\bar\Cache\0050C0AB.bin C:\Program Files\MyWebSearch\bar\Cache\files.ini C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S C:\Program Files\MyWebSearch\bar\History\search2 C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat C:\Program Files\MyWebSearch\bar\Settings\setting2.htm C:\Program Files\MyWebSearch\bar\Settings\settings.dat C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL C:\WINDOWS\system32\f3PSSavr.scr . ((((((((((((((((((((((((( Files Created from 2007-09-08 to 2007-10-08 ))))))))))))))))))))))))))))))) . 2007-10-08 10:40 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-07 14:10 2007-10-06 23:14 2007-10-05 16:23 996 --a------ C:\WINDOWS\desctemp.dat 2007-09-25 23:02 2007-09-10 13:03 2007-09-10 13:02 31,616 --a–c— C:\WINDOWS\system32\dllcache\usbccgp.sys 2007-09-10 13:02 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2007-09-10 13:02 21,504 --a–c— C:\WINDOWS\system32\dllcache\hidserv.dll 2007-09-10 13:02 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2007-09-10 13:02 14,848 --a–c— C:\WINDOWS\system32\dllcache\kbdhid.sys 2007-09-10 13:02 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-08 08:08 --------- d-------- C:\Documents and Settings\pasti\Dane aplikacji\MEGAUPLOADTOOLBAR 2007-10-07 14:50 --------- d-------- C:\Program Files\FlashGet 2007-10-07 04:44 --------- d-------- C:\Program Files\NAPI-PROJEKT 2007-10-04 22:04 --------- d-------- C:\Program Files\Gadu-Gadu 2007-09-26 16:09 --------- d-------- C:\Program Files\Winamp 2007-09-26 15:55 --------- d-------- C:\Program Files\EA GAMES 2007-08-31 12:09 --------- d-------- C:\Program Files\ReflexiveArcade 2007-08-20 18:46 --------- d-------- C:\Program Files\American Conquest 2007-08-15 19:09 --------- d-------- C:\Program Files\DivX 2007-08-14 22:03 --------- d-------- C:\Program Files\Google 2007-08-12 09:27 --------- d-------- C:\Program Files\MegauploadToolbar 2007-08-01 09:06 3766 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-27 01:06 129784 --------- C:\WINDOWS\system32\pxafs.dll 2007-07-27 01:06 120056 --------- C:\WINDOWS\system32\pxcpyi64.exe 2007-07-27 01:06 118520 --------- C:\WINDOWS\system32\pxinsi64.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2006-08-11 22:43] “NvMediaCenter”=“NvMCTray.dll” [2006-08-11 22:43 C:\WINDOWS\system32\nvmctray.dll] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 11:50] “BearShare”=“C:\Program Files\BearShare\BearShare.exe” [2006-08-01 18:04] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2007-06-24 14:40] “TkBellExe”=“C:\Program Files\Common Files\Real\Update_OB\realsched.exe” [2007-07-04 00:11] “My Web Search Bar Search Scope Monitor”=“C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe” [] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-05-15 00:22] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” [2007-03-14 03:43] “SoundMan”=“SOUNDMAN.EXE” [2006-03-01 10:22 C:\WINDOWS\soundman.exe] “PCSuiteTrayApplication”=“C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-03-23 13:20] “nwiz”=“nwiz.exe” [2006-08-11 22:43 C:\WINDOWS\system32\nwiz.exe] “NWEReboot”="" [] “InCD”=“C:\Program Files\Ahead\InCD\InCD.exe” [2005-07-25 12:01] “BearFlix”=“C:\Program Files\BearFlix\BearFlix.exe” [] “AVG7_CC”=“C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe” [2007-09-26 13:10] “Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2007-05-11 03:06] “Adobe Photo Downloader”=“C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe” [2005-06-07 00:46] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2006-03-02 14:00] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-04-19 17:43] [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “Nokia.PCSync”=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog C:\Documents and Settings\pasti\Menu Start\Programy\Autostart\ Tapeta online.lnk - C:\Program Files\Tapety online\tapeta.exe [2007-07-30 21:14:54] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-30 18:59:00] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2007-05-11 03:06:32] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 00:29:22] BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-03-12 18:03:16] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56] R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys S2 InCDsrvR;InCD Helper (read only);C:\Program Files\Ahead\InCD\InCDsrv.exe -r S3 BTNetFilter;Bluetooth Network Filter;??\C:\WINDOWS\system32\drivers\BTNetFilter.sys S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys . Contents of the ‘Scheduled Tasks’ folder “2007-06-19 07:00:00 C:\WINDOWS\Tasks\rpc.job” - C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-08 10:50:38 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … ************************************************************************** . Completion time: 2007-10-08 10:53:17 - machine was rebooted C:\ComboFix-quarantined-files.txt … 2007-10-08 10:52 . — E O F —

Jest tu coś ?

jessica · 8 Październik 2007 10:25

Owszem, jest coś.

Infekcja “LOP”.

Nie widzę innych elementów tej infekcji, więc być może wystarczy usunąć ręcznie ten zaznaczony na czerwono folder.

Szkodliwy program, udający dobrą działalność.

Spróbuj usunąć ręcznie te zaznaczone na czerwono.

Użyj -->SDFix

Uwaga: Da się go uruchomić tylko w Trybie Awaryjnym.

Pokaż Report.txt znajdujący się w folderze SDFix.

jessi