Sharingan Napisano Czerwiec 17, 2009 Zgłoś Share Napisano Czerwiec 17, 2009 Mam taki problem wczoraj popołudniu gdy grałem w AoC wywaliło mnie do pulpitu z komunikatem że pamięć podręczna jest za mała dobra odpalam menadżer plików a co tam 220 procesów z których 180 svchost dobra zamykam je sumienie po kolei ale po jakimś czasie gdy grałem w World in Conflict to samo. I tak co jakiś czas moja pamięć jest spamowany przez ten proces ktoś może jakoś pomóc? (dodam że avasta bo wykrył parę trojanów z którymi nie dawał sobie rady wyrzuciłem i załdowałem G Data który właśnie wykonuje gruntowny skan a rejestr też czyściłem jeśli ma to znaczenie) Z góry dziękuje za pomoc i przepraszam jeśli powtórzyłem temat ale przejrzałem z 8 stron i nie widziałem podobnego Link do komentarza Udostępnij na innych stronach More sharing options...
SwisteK Napisano Czerwiec 17, 2009 Zgłoś Share Napisano Czerwiec 17, 2009 (dodam że avasta bo wykrył parę trojanów z którymi nie dawał sobie rady wyrzuciłem i załdowałem G Data który właśnie wykonuje gruntowny skan a rejestr też czyściłem jeśli ma to znaczenie) Daj znać jak już usuniesz wirusy z kompa. Na razie wygląda to na typowy problem z robalami. Link do komentarza Udostępnij na innych stronach More sharing options...
Sharingan Napisano Czerwiec 17, 2009 Autor Zgłoś Share Napisano Czerwiec 17, 2009 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:38:23, on 2009-06-17 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Tall Emu\Online Armor\OAcat.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Tall Emu\Online Armor\oasrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\Tall Emu\Online Armor\oaui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe D:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Tall Emu\Online Armor\OAhlp.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe D:\Program Files\Creative\Creative Media Lite\CTZDetec.exe C:\PROGRA~1\MICROS~2\rapimgr.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Creative\Shared Files\CTDevSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\G DATA\AntiVirus\AVK\avk.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Softwa 15ac re\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=66019 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10...;ctid=CT1392740 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66019 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66019 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66019 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) R3 - URLSearchHook: MyPlayCity Toolbar - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - C:\Program Files\MyPlayCity\tbMyPl.dll O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\AntiVirus\Webfilter\AvkWebIE.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Colej_uk Design Toolbar Helper - {A2B725B3-74A8-409c-BF35-5A5A05A9AF07} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyPl.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Colej_uk Design Toolbar - {EE8D451C-390D-4973-9343-D8C3A5194BE6} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\AntiVirus\Webfilter\AvkWebIE.dll O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HK 15ac LM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [CTZDetec.exe] D:\Program Files\Creative\Creative Media Lite\CTZDetec.exe O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKCU\..\Run: [Przemo] C:\Documents and Settings\Przemo\Przemo.exe /i O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.10\AMVConverter\grab.html O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.10\MediaManager\grab.html O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{05DBD62B-1C44-4A5B-8B63-307BC390438A}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{D460C888-5A4C-4953-A7C9-ACBF82C55756}: NameServer = 194.204.159.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{05DBD62B-1C44-4A5B-8B63-307BC390438A}: NameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{05DBD62B-1C44-4A5B-8B63-307BC390438A}: NameServer = 192.168.0.1 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file d1c missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing) O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G DATA Software - C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe O23 - Service: Strażnik AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- End of file - 13471 bytes PS. Jak narazie po gruntownym skanie nic groźnego się nie dzieje(kopjujacy sie svchost) byle tak zostało:) Logi wklejamy w znacznikach CODEBOX - GFR Link do komentarza Udostępnij na innych stronach More sharing options...
Converse Napisano Czerwiec 17, 2009 Zgłoś Share Napisano Czerwiec 17, 2009 Instalowałeś sam "MyWebSearch" toolbar? http://search.conduit.com/ to Twoja strona startowa, którą sam ustawiałeś? Jeśli nie to skasuj te wpisy: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10...;ctid=CT1392740 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - (no file) O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe Link do komentarza Udostępnij na innych stronach More sharing options...
Sharingan Napisano Czerwiec 17, 2009 Autor Zgłoś Share Napisano Czerwiec 17, 2009 Sorry za te logi ale pierwszy raz coś takiego wklejałem trochę ze mnie newbie w tych sprawach. A co do tych toolbarów to zasługa innych użytkowników. Dziękuję za pomoc i poświęcony czas Link do komentarza Udostępnij na innych stronach More sharing options...
deejay666 Napisano Sierpień 18, 2009 Zgłoś Share Napisano Sierpień 18, 2009 Cześć, mam problem z tym procesem. Od samego startu zajmuje mi 100% procesora, kiedyś miałem już ten problem i format mi pomógł ale to jest męczące co miesiąc formata robic, proszę o pomoc Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:20:16, on 2009-08-18 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe F:\Daniel\Instalki\core temp\Core Temp.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Documents and Settings\DeeJay666\Menu Start\Programy\Autostart\smgr32.exe C:\vghd\vghd.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe C:\Program Files\Opera\opera.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\DeeJay666\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [Core Temp] "F:\Daniel\Instalki\core temp\Core Temp.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O4 - Startup: smgr32.exe O4 - Startup: vghd.lnk = C:\vghd\vghd.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- End of file - 9464 bytes Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Sierpień 18, 2009 Zgłoś Share Napisano Sierpień 18, 2009 Daj lepiej log z Combofix-a, bardziej przydatne narzędzie przy takich problemach. Link do komentarza Udostępnij na innych stronach More sharing options...
