Problem z komputerem i internetem

**Posty:** 647 · przez **gohan512** 18 Sty 2009, 10:15

A, więc mam problem, komputer muli nawet przy używaniu gimpa, a jeśli chodzi o internet to mam straszne pingi, wstawiam więc log z CF:

Kod: Zaznacz wszystko: ComboFix 09-01-17.03 - Damian 2009-01-18 9:10:18.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.2047.1609 [GMT 1:00] Uruchomiony z: c:\documents and settings\Damian\Pulpit\ComboFix.exe AV: avast! antivirus 4.8.1229 [VPS 090117-0] *On-access scanning disabled* (Outdated) * Utworzono nowy punkt przywracania . ((((((((((((((((((((((((( Pliki utworzone od 2008-12-18 do 2009-01-18 ))))))))))))))))))))))))))))))) . 2009-01-12 21:10 . 2009-01-12 21:10 151 --a------ c:\windows\PhotoSnapViewer.INI 2009-01-12 14:26 . 2009-01-12 14:26 <DIR> d-------- c:\program files\Hamachi 2009-01-12 14:26 . 2009-01-12 21:55 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\Hamachi 2009-01-12 14:26 . 2009-01-12 14:26 25,280 --a------ c:\windows\system32\drivers\hamachi.sys 2009-01-06 19:06 . 2004-05-25 16:06 417,792 --a------ c:\windows\system32\ac3filter.cpl 2008-12-26 14:20 . 2008-12-26 14:20 <DIR> dr-h----- c:\documents and settings\Damian\Dane aplikacji\SecuROM 2008-12-22 11:44 . 2008-12-22 11:44 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Adobe Systems 2008-12-22 11:44 . 2008-12-22 11:44 54,156 --ah----- c:\windows\QTFont.qfn 2008-12-22 11:44 . 2008-12-22 11:44 1,409 --a------ c:\windows\QTFont.for 2008-12-22 11:42 . 2008-12-22 11:42 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared 2008-12-21 09:51 . 2008-12-21 09:51 <DIR> d-------- c:\documents and settings\Damian\Dane aplikacji\Ulead Systems 2008-12-21 09:50 . 2008-12-21 09:50 <DIR> d-------- C:\Driver 2008-12-21 09:50 . 2008-12-25 20:13 74 --ah----- c:\windows\syslife.dat 2008-12-21 09:49 . 2008-12-21 09:49 <DIR> d-------- c:\program files\Ulead Systems 2008-12-21 09:49 . 2008-12-21 09:50 <DIR> d-------- c:\program files\Common Files\Ulead Systems 2008-12-21 09:49 . 2008-12-21 09:50 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Ulead Systems . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-18 08:01 --------- d-----w c:\documents and settings\Damian\Dane aplikacji\gtk-2.0 2009-01-18 07:19 --------- d-----w c:\documents and settings\Damian\Dane aplikacji\Skype 2009-01-18 07:18 --------- d-----w c:\documents and settings\Damian\Dane aplikacji\skypePM 2009-01-17 21:15 --------- d-----w c:\documents and settings\Damian\Dane aplikacji\Xfire 2009-01-17 18:53 202,040 ----a-w c:\windows\system32\PnkBstrB.exe 2009-01-17 18:53 137,688 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2009-01-15 18:15 --------- d-----w c:\program files\Xfire 2008-12-26 13:03 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Media Center Programs 2008-12-26 12:55 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-22 10:43 --------- d-----w c:\program files\Common Files\Adobe 2008-12-11 20:37 42,320 ----a-w c:\windows\system32\xfcodec.dll 2008-12-07 09:05 --------- d-----w c:\documents and settings\Damian\Dane aplikacji\Ahead 2008-12-07 09:03 --------- d-----w c:\program files\Common Files\Ahead 2008-12-07 09:02 --------- d-----w c:\program files\Nero 2008-12-06 09:12 --------- d-----w c:\program files\GIMP-2.0 2008-10-27 14:13 66,872 ----a-w c:\windows\system32\PnkBstrA.exe 2008-10-27 14:09 22,328 ----a-w c:\documents and settings\Damian\Dane aplikacji\PnkBstrK.sys 2008-10-26 12:44 2,368 ----a-w c:\windows\system32\SVKP.sys . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-10-15 196608] "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\\nTune.exe" [2004-12-06 532480] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe] "SoundMan"="SOUNDMAN.EXE" [2005-10-24 c:\windows\soundman.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\Damian\Menu Start\Programy\Autostart\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XFR1"= xfcodec.dll "VIDC.3iv2"= 3ivxVfWCodec.dll "VIDC.VP31"= vp31vfw.dll "msacm.l3fhg"= mp3fhg.acm "msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "e:\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"= "e:\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"= "e:\\emule\\emule.exe"= "c:\\Program Files\\Xfire\\xfire.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\VUGames\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"= "e:\\VUGames\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"= "e:\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "d:\\THQ\\Gas Powered Games\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-31 78416] R3 V0010bVd;Creative WebCam Vista #2;c:\windows\system32\drivers\V0010bVd.sys [2008-08-31 186551] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-08-31 20560] R4 SVKP;SVKP;c:\windows\system32\SVKP.sys [2008-10-26 2368] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{767811b8-9b92-11dd-a3e5-00173117a66a}] \Shell\AutoRun\command - G:\Autoplay.exe . - - - - USUNIĘTO PUSTE WPISY - - - - HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe . ------- Skan uzupełniający ------- . IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Damian\Dane aplikacji\Mozilla\Firefox\Profiles\mfom66h2.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.interia.pl/ FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-18 09:11:05 Windows 5.1.2600 Dodatek Service Pack 2 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . Czas ukończenia: 2009-01-18 9:11:54 ComboFix-quarantined-files.txt 2009-01-18 08:11:52 Przed: 711 122 944 bajtów wolnych Po: 2,201,210,880 bajtów wolnych WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer 136

**Posty:** 18165 · przez **wojtas** 18 Sty 2009, 12:23

te plik/i :

c:\windows\syslife.dat

przesaknuj tu

http://virusscan.jotti.org/
http://www.virustotal.com/

i daj raporty ze skanow

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp

oraz skasuj folder C:\Qoobox
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5.Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym:

FixIEDef.

Autor postu otrzymał pochwałę

**Posty:** 647 · przez **gohan512** 18 Sty 2009, 12:44

Kod: Zaznacz wszystko: File: syslife.dat Status: OK MD5: 897ea8d3afff6b98ae0d3d3d29a9dba2 Packers detected: - Scanner results Scan taken on 18 Jan 2009 10:36:44 (GMT) A-Squared Found nothing AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing G DATA Found nothing Ikarus Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing

Kod: Zaznacz wszystko: Antywirus Wersja Ostatnia aktualizacja Wynik a-squared 4.0.0.73 2009.01.18 - AhnLab-V3 2009.1.15.0 2009.01.17 - AntiVir 7.9.0.57 2009.01.17 - Authentium 5.1.0.4 2009.01.17 - Avast 4.8.1281.0 2009.01.16 - AVG 8.0.0.229 2009.01.17 - BitDefender 7.2 2009.01.18 - CAT-QuickHeal 10.00 2009.01.17 - ClamAV 0.94.1 2009.01.18 - Comodo 935 2009.01.18 - DrWeb 4.44.0.09170 2009.01.18 - eSafe 7.0.17.0 2009.01.15 - eTrust-Vet 31.6.6312 2009.01.17 - F-Prot 4.4.4.56 2009.01.17 - F-Secure 8.0.14470.0 2009.01.18 - Fortinet 3.117.0.0 2009.01.15 - GData 19 2009.01.18 - Ikarus T3.1.1.45.0 2009.01.18 - K7AntiVirus 7.10.594 2009.01.17 - Kaspersky 7.0.0.125 2009.01.18 - McAfee 5498 2009.01.17 - McAfee+Artemis 5498 2009.01.17 - Microsoft None 2009.01.18 - NOD32 3774 2009.01.17 - Norman 5.93.01 2009.01.16 - nProtect 2009.1.8.0 2009.01.16 - Panda 9.5.1.2 2009.01.17 - PCTools 4.4.2.0 2009.01.17 - Prevx1 V2 2009.01.18 - Rising 21.12.62.00 2009.01.18 - SecureWeb-Gateway 6.7.6 2009.01.17 - Sophos 4.37.0 2009.01.18 - Sunbelt 3.2.1835.2 2009.01.16 - Symantec 10 2009.01.18 - TheHacker 6.3.1.5.222 2009.01.17 - TrendMicro 8.700.0.1004 2009.01.16 - VBA32 3.12.8.10 2009.01.17 - ViRobot 2009.1.17.1563 2009.01.17 - VirusBuster 4.5.11.0 2009.01.17 - Dodatkowe informacje File size: 74 bytes MD5...: 897ea8d3afff6b98ae0d3d3d29a9dba2 SHA1..: e51f6b36ad87d0a9cdab50e0011b976bac68576d SHA256: cc6a8b131642c9ed7abee000e7571cd4f25b6a46d874fbc2724e44125baa9fa8 SHA512: 5a060c978b477e00bae736639834e3172399510282554ee244ef2a0303789322 2aef4975261b6db47f28ed587d8364f4b9d7461b0aa2741e5c298ebfad2349c5 ssdeep: 3:sZ3e1RLrYdU9Qovx6Y6XPvsMFDKRXVzn:O3e1twWxeHsw2zn PEiD..: - TrID..: File type identification Generic INI configuration (100.0%) PEInfo: -

Kod: Zaznacz wszystko: ******************************************************************************** * * * FixIEDef Log * * Version 1.7.22.7268 * * * ******************************************************************************** Created at 11:57:40 on Sunday, January 18, 2009 Time Zone : Logged On User : Damian Operating System : Microsoft Windows XP Professional Dodatek Service Pack 2 OS Architecture : X86 System Langauge : Polish Keyboard Layout : Polish Processor : X64 AMD Athlon(tm) 64 Processor 3000+ System Drive : C:\ Windows Directory : C:\WINDOWS System Directory : C:\WINDOWS\system32 System Drive Type : Fixed System Drive Status : READY System Drive Label : System Drive Size : 40 GB System Drive Free : 3.56 GB Total Physical Memory: 2047 MB Free Physical Memory : 1575 MB Total Page File : 2047 MB Free Page File : 2307 MB Total Virtual Memory : 2048 MB Free Virtual Memory : 1971 MB Boot State : Normal boot -------------------------------------------------------------------------------- !!! userinit.exe is Clean !!! -------------------------------------------------------------------------------- !!! Files that have been deleted !!! No malicious files found -------------------------------------------------------------------------------- !!! Directories that have been removed !!! No malicious directories to be removed -------------------------------------------------------------------------------- !!! Registry entries that have been removed !!! No malicious Registry entries found ================================================================================ All Done :)

nic a nic

**Posty:** 18165 · przez **wojtas** 18 Sty 2009, 21:05

a raport z kaspra?