Witam
Prosiłbym o sprawdzenie loga, komputer wolno chodzi, explorer sie wiesza, obciazenie proca dochodzi do 100%, czasem wszystko(system) sie zatrzymuje na ok 30s, a niechcialbym robic formatu.
ponizej log z HJ-a niestety mam problem z odpaleniem silenta, wyskakuje mi taki error.
Z góry dziekuje za pomoc
Logfile of HijackThis v1.99.1 Scan saved at 15:12:05, on 2007-08-04 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\bgsvcgen.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender8\bdmcon.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Softwin\BitDefender8\bdnagent.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\A4Tech\Mouse\Amoumain.exe C:\Program Files\Internet Explorer\Setup\svchost.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\USB Disk Win98 Driver\Res.EXE C:\Program Files\LClock\lclock.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\AutoConnect\AutoConnect.exe C:\Documents and Settings\Start\Moje dokumenty\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O3 - Toolbar: Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM…\Run: [bDMCon] “C:\Program Files\Softwin\BitDefender8\bdmcon.exe” O4 - HKLM…\Run: [bDNewsAgent] “C:\Program Files\Softwin\BitDefender8\bdnagent.exe” O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [Zone Labs Client] “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe” O4 - HKLM…\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM…\Run: [svchost] C:\Program Files\Internet Explorer\Setup\svchost.exe O4 - HKLM…\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM…\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM…\Run: [uSB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE O4 - HKCU…\Run: [Octoshape Streaming Services] “C:\Program Files\Octoshape Streaming Services\Start\OctoshapeClient.exe” -inv:bootrun O4 - HKCU…\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU…\Run: [LClock] C:\Program Files\LClock\lclock.exe O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y’z Toolbar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O17 - HKLM\System\CCS\Services\Tcpip…{1952674B-DED7-4218-9983-9B7A1BEA130A}: NameServer = 194.204.159.1 217.98.63.164 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: B’s Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\System32\bgsvcgen.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
jessica
(jessica)
4 Sierpień 2007 14:01
#2
Ten w/w wpis sfiksuj w Hijacku:
>>Hijack>>scan(Do a system scan only)>>zaznacz go >> Fix checked .
Jeśli masz czym usuwać (np.Killbox), to usuwaj przy jego ponocy.
Jeśli nie masz, to ściągnij ComboFix:
http://forum.dobreprogramy.pl/viewtopic.php?t=36654
(na samym dole tej strony z linku).
Wklej do Notatnika :
File::
C:\Program Files\Internet Explorer\Setup\svchost.exe
Folder::
C:\Program Files\Internet Explorer\Setup
>>Plik>>Zapisz jako… >>> ComboFix-Do (najwygodniej będzie,
jeśli zapiszesz w takiej lokalizacji, by ikonka ComboFix-Do znalazła się obok ikonki ComboFix.exe )
Przeciągnij i upuść plik ComboFix-Do.txt na plik ComboFix.exe
(czyli ikonkę ComboFix-Do.txt na ikonkę ComboFix.exe )
– tak jak na tym obrazku -->http://i12.tinypic.com/4l761r5.gif
(jeśli pojawi się pytanie " 1 or 2 " - to wpisz 1 i naciśnij ENTER)
Po restarcie usuń ręcznie folder C: * * Qoobox**.
Potem daj log z ComboFixa.
Log wklej na http://wklej.org/ , a w poście daj tylko link.
.
jessica
(jessica)
5 Sierpień 2007 17:18
#4
Wg tej strony (http://www.siteadvisor.com/sites/leica-geosystems.com/downloads/4781723/ te pliki należą do tej samej grupy, co plik, który został usunięty przez ComboFixa (c:\WINDOWS\system32\charset.dll).
Ale nie mam pojęcia, czy te pozostałe pliki z tej grupy też trzeba usunąć.
U mnie nie ma tych plików.
.
Nic tu więcej podejrzanego nie widzę.
.