Computer slows down when running Flash


(Przemas Ppp) #1

I have a problem with my computer lagging: when playing videos etc. it uses a significant amount of CPU.

Graphics card - ATI Radeon Xpress 1100

Processor - AMD Turion 64 Mobile Technology MK-36

Windows XP

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:09:57, on 2008-04-23

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\dllhost.exe

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Winamp\winamp.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--

End of file - 5142 bytes

These two entries puzzle me:

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Please help and advise :frowning:


(Kolmar) #2

The log seems to be clean; leave those two entries. In addition, I would advise slimming down the autostart because it is bursting at the seams, among other things the ATI services, e.g. ccc. In the Java control panel, turn off the automatic updates option. I recommend the Autoruns program from the Sysinternals suite.

Also look into the services and disable (if you don't use them) eLock and eSettings; they are unnecessary. As for eNet and ePower, the decision is yours.


(Przemas Ppp) #3

I did what you advised but it didn't help. That is, it starts up faster, "which of course is also nice to see, how fast it zips along" :smiley: but the CPU load problem has not gone away, and in particular Firefox takes almost 40% of the CPU, and once I start some video or a Flash game it's 80%-95% and jumping around #-o


(huber2t) #4

fix in HijackThis

Show a log from ComboFix


(Przemas Ppp) #5

ComboFix 08-04-22.5 - Zaklad 2008-04-24 10:47:40.1 - FAT32 x86

Microsoft Windows XP Professional 5.1.2600.2.1250.48.1033.18.106 [GMT 2:00]

Running from: C:\Documents and Settings\Zaklad\Desktop\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Autorun.inf

C:\Documents and Settings\Zaklad\Local Settings\Temporary Internet Files\sph264.dll

C:\Documents and Settings\Zaklad\Local Settings\Temporary Internet Files\spmpeg4.dll

C:\Documents and Settings\Zaklad\Local Settings\Temporary Internet Files\sptheo.dll

C:\Documents and Settings\Zaklad\Local Settings\Temporary Internet Files\StreamPlug.dll

C:\WINDOWS\system32\copy.exe.exe

C:\WINDOWS\system32\svchost.exe.exe

.

((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))

.

2008-12-22 06:59 . 2008-12-22 06:59 447,200 --a------ C:\WINDOWS\system32\OpenQuicktimeLib.dll

2008-12-22 06:59 . 2008-12-22 06:59 332,512 --a------ C:\WINDOWS\system32\3ivxVfWCodec.dll

2008-12-22 06:59 . 2008-12-22 06:59 25,312 --a------ C:\WINDOWS\system32\SamsungVfWCodec.dll

2008-12-22 06:59 . 2008-12-22 06:59 25,312 --a------ C:\WINDOWS\system32\DivXVfWCodec.dll

2008-12-22 06:58 . 2008-12-22 06:58 1,155,808 --a------ C:\WINDOWS\system32\3ivx.dll

2008-12-22 06:52 . 2008-12-22 06:52 66,272 --a------ C:\WINDOWS\system32\libfaac.dll

2008-04-23 23:04 . 2008-04-23 23:04

2008-04-23 21:49 . 2008-04-23 21:49

2008-04-23 19:53 . 2008-04-23 19:53 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe

2008-04-23 19:53 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll

2008-04-23 19:52 . 2008-04-23 19:52

2008-04-23 19:51 . 2008-04-23 19:51

2008-04-23 01:28 . 2008-04-23 01:28

2008-04-23 01:27 . 2008-04-23 01:27 0 --a------ C:\WINDOWS\ativpsrm.bin

2008-04-23 01:18 . 2008-03-28 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe

2008-04-23 00:47 . 2008-04-23 00:47

2008-04-23 00:47 . 2006-07-18 21:42 303,104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll

2008-04-23 00:47 . 2007-08-31 15:20 7,167 --a------ C:\WINDOWS\system32\atifglpf.xml

2008-04-16 20:10 . 2008-04-16 20:10 116 --a------ C:\WINDOWS\DelDir.BEN

2008-04-16 18:41 . 2008-04-16 18:41

2008-04-14 18:48 . 2008-04-14 18:48

2008-04-14 17:51 . 2008-04-14 17:51

2008-04-14 14:12 . 2008-04-14 14:12

2008-04-04 01:44 . 2008-04-04 01:44

2008-04-03 17:32 . 2008-04-03 17:32 249 --a------ C:\WINDOWS\Blood Simple. (AC3-2ch) (2of2).ini

2008-04-02 22:56 . 2008-04-02 22:56 38 --a------ C:\WINDOWS\AviSplitter.INI

2008-04-02 17:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-04-02 17:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-04-02 17:52 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-04-02 17:46 . 2008-04-02 17:46

2008-04-01 16:56 . 2008-04-01 16:56

2008-04-01 16:45 . 2008-02-21 04:05 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe

2008-04-01 16:45 . 2008-02-21 04:05 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe

2008-04-01 14:10 . 2008-04-01 14:10 180 --a------ C:\WINDOWS\04.ini

2008-03-31 23:25 . 2008-03-31 23:25 831,488 --a------ C:\WINDOWS\system32\divx_xx0a.dll

2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll

2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll

2008-03-31 23:25 . 2008-03-31 23:25 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll

2008-03-31 23:25 . 2008-03-31 23:25 682,496 --a------ C:\WINDOWS\system32\DivX.dll

2008-03-31 23:25 . 2008-03-31 23:25 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe

2008-03-29 07:19 . 2008-03-29 07:19 9,801,728 --a------ C:\WINDOWS\system32\atioglx2.dll

2008-03-29 06:40 . 2008-03-29 06:40 167,936 --a------ C:\WINDOWS\system32\atiok3x2.dll

2008-03-29 06:05 . 2008-03-29 06:05 372,736 --a------ C:\WINDOWS\system32\ATIDEMGX.dll

2008-03-29 05:36 . 2008-03-29 05:36 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat

2008-03-29 05:36 . 2008-03-29 05:36 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat

2008-03-29 05:36 . 2008-03-29 05:36 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat

2008-03-29 05:24 . 2008-03-29 05:24 46,080 --a------ C:\WINDOWS\system32\amdpcom32.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-29 06:21 2,873,856 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys

2008-03-29 06:21 2,873,856 ----a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys

2008-03-29 04:04 299,008 ----a-w C:\WINDOWS\system32\ati2dvag.dll

2008-03-29 03:56 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll

2008-03-29 03:56 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll

2008-03-29 03:55 43,520 ----a-w C:\WINDOWS\system32\Ati2edxx.dll

2008-03-29 03:55 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe

2008-03-29 03:55 126,976 ----a-w C:\WINDOWS\system32\Ati2evxx.dll

2008-03-29 03:54 536,576 ----a-w C:\WINDOWS\system32\Ati2evxx.exe

2008-03-29 03:52 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL

2008-03-29 03:44 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll

2008-03-29 03:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll

2008-03-29 03:36 1,765,120 ----a-w C:\WINDOWS\system32\ativvaxx.dll

2008-03-29 03:23 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll

2008-03-29 03:21 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll

2008-03-29 03:19 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll

2008-03-29 03:18 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll

2008-03-29 03:13 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll

2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe

2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll

2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll

2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll

2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll

2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll

2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll

2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll

2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll

2008-03-20 13:42 41,013 ----a-w C:\WINDOWS\system32\MFCN42D.DLL

2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-03-06 19:58 --------- d-----w C:\Documents and Settings\Zaklad\Application Data\DivX

2008-03-06 19:57 --------- d-----w C:\Program Files\DivX

2008-03-06 19:56 --------- d-----w C:\Program Files\XviD

2008-03-06 18:37 --------- d-----w C:\Program Files\Combined Community Codec Pack

2008-03-06 18:29 737,280 ----a-w C:\WINDOWS\iun6002.exe

2008-03-06 18:29 --------- d-----w C:\Program Files\Codec Pack - All In 1

2008-03-06 16:27 --------- d-----w C:\Program Files\Common Files\Ahead

2008-03-06 16:27 --------- d-----w C:\Program Files\Ahead

2008-03-06 15:22 --------- d-----w C:\Documents and Settings\Zaklad\Application Data\Nero

2008-03-06 15:18 --------- d-----w C:\Program Files\Common Files\Nero

2008-03-06 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero

2008-03-06 00:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-03-01 08:39 --------- d-----w C:\Program Files\DomPlayer

2008-02-21 02:05 129,784 ------w C:\WINDOWS\system32\pxafs.dll

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll

2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll

2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-02-15 09:07 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe

2008-01-15 23:33 0 ----a-w C:\Documents and Settings\Zaklad\Emails.dat

2007-12-15 07:50 10 ----a-w C:\Documents and Settings\Zaklad\user.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [2007-04-08 18:44 303104]

"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 12:11 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 20:00 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-25 12:45 219136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.scg726"= scg726.acm

"msacm.alf2cd"= alf2cd.acm

"vidc.dvsd"= mcdvd_32.dll

"vidc.3IV2"= 3ivxVfWCodec.dll

"vidc.SEDG"= SamsungVfWCodec.dll

"vidc.DX50"= DivXVfWCodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk

backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk

backup=C:\WINDOWS\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Zaklad^Start Menu^Programs^Startup^DOSprn.lnk]

path=C:\Documents and Settings\Zaklad\Start Menu\Programs\Startup\DOSprn.lnk

backup=C:\WINDOWS\pss\DOSprn.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

--a------ 2005-05-02 18:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]

C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]

--a------ 2008-04-23 18:42 579584 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]

--------- 2006-04-14 13:35 53248 C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

--a------ 2004-08-10 20:00 110592 C:\WINDOWS\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]

--a------ 2006-03-15 22:12 579584 C:\Acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

--a------ 2004-08-10 20:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]

--a------ 2008-01-16 00:59 4576768 C:\Program Files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

--a------ 2005-08-05 13:56 64512 C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]

--a------ 2006-05-30 12:11 421888 C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

--a------ 2007-07-09 09:39 2119104 C:\Program Files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

--a------ 2004-08-10 20:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\PROGRA~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]

C:\WINDOWS\svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]

--a------ 2004-08-10 20:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]

--a------ 2005-05-11 17:15 45056 C:\Program Files\NewTech Infosystems\NTI CD DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]

--a------ 2004-08-10 20:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]

--a------ 2004-08-10 20:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

--a------ 2006-06-27 14:54 16248320 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]

--a------ 2006-05-15 18:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

--a------ 2008-01-21 12:17 61440 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

--a------ 2006-03-03 13:07 761946 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

-ra------ 2006-03-30 16:45 313472 c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]

--a------ 2006-09-23 13:08 61440 C:\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

"Ati HotKey Poller"=2 (0x2)

"AcerMemUsageCheckService"=2 (0x2)

"aawservice"=2 (0x2)

"wuauserv"=2 (0x2)

"Themes"=2 (0x2)

"TapiSrv"=3 (0x3)

"SysmonLog"=3 (0x3)

"SwPrv"=3 (0x3)

"RemoteRegistry"=2 (0x2)

"RDSessMgr"=3 (0x3)

"ERSvc"=2 (0x2)

"gusvc"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Messenger\msmsgs.exe"=

"C:\Program Files\Gadu-Gadu\gg.exe"=

"C:\Program Files\Grisoft\AVG7\avginet.exe"=

"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"=

"C:\Program Files\Grisoft\AVG7\avgcc.exe"=

"C:\Program Files\Grisoft\AVG7\avgemc.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"C:\Program Files\uTorrent\uTorrent.exe"=

"C:\Program Files\DAP\DAP.EXE"=

"C:\WINDOWS\System32\usmt\migwiz.exe"=

"C:\Program Files\Ares\Ares.exe"=

S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []

S2 eLock2FSCTLDriver;eLock2FSCTLDriver;C:\WINDOWS\system32\eLock2FSCTLDriver.sys []

S2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-10 22:00]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-04-23 19:53]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

*Newly Created Service* - CATCHME

.

Contents of the 'Scheduled Tasks' folder

"2008-04-24 08:36:04 C:\WINDOWS\Tasks\1-Click Maintenance.job"

  • C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-24 10:51:17

Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-04-24 10:52:24

ComboFix-quarantined-files.txt 2008-04-24 08:52:18

Pre-Run: 10,265,772,032 bytes free

Post-Run: 10,739,908,608 bytes free

277 --- E O F --- 2008-04-14 23:04:01


(Kolmar) #6

Make a copy of your bookmarks and try clearing out the Firefox profiles folder. First, however, clear the browser cache.

You will find it in C:\Documents and Settings\nazwa_usera\Application Data\Mozilla\Firefox


(Przemas Ppp) #7

Still no good. I did what you suggested but without result. I cleaned Firefox out completely but it didn't help… ??? :frowning:


(Kolmar) #8

In that case reinstall the Flash plugin: download the [latest] version and install it. To uninstall Flash, use the "Flash Player Uninstaller" program.


(Przemas Ppp) #9

I think all the operations I carried out thanks to your help helped a little, and the computer no longer lags so terribly, but if you have any more ideas, please give further advice and instructions. I will be grateful for any help, and many thanks for the help so far =D>

On 24.04.2008, at 22:58, a post was added by Pum

And how do I format Windows if I don't have it on a disc, only factory-installed in the machine's guts?


(Kolmar) #10

If you install it from a disc or from a recovery partition, the installer will usually prepare the partitions itself, but personally I don't prefer that style of installation. You can use some program: you boot the computer from a bootable disc with a program burned onto it, e.g. Acronis, GParted, it can be a Linux live CD, or a utility disc, e.g. Hiren's or Ultimate Boot CD (there are many options), and you format the disk.