Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Nie mogę uruchomić niektórych EXE'ków.

ViruS181 05 Mar 2011 18:08 1802 9
  • #1 05 Mar 2011 18:08
    ViruS181
    Poziom 8  

    Witam wszystkich, mam nadzieję, że chociaz na tym forum otrzymam pomoc.
    Tak więc mam problem z niektórymi plikami .exe, które najczęściej powiązane są z javą. Przykładem tego jest Minecraft. Odpalam plik minecraft.exe i jedyne co się dzieje, to słychać dźwięk erroru i nic. Nie pojawia się żaden plik, folder, log czy coś. Mam AVG i COMODO. Skanowałem AVG wiele razy i mimo, że wszystko usunęło cały czas to samo.
    Oto wpis z Hijacka:

    Code:
    Logfile of HijackThis v1.99.1
    
    Scan saved at 18:07:26, on 2011-03-05
    Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\AVG\AVG9\avgchsvx.exe
    E:\Program Files\AVG\AVG9\avgrsx.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\AVG\AVG9\avgcsrvx.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\AVG\AVG9\avgwdsvc.exe
    E:\Program Files\cFosSpeed\spd.exe
    E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    E:\Program Files\AVG\AVG9\avgemc.exe
    E:\Program Files\AVG\AVG9\avgnsx.exe
    E:\Program Files\AVG\AVG9\avgcsrvx.exe
    E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\RUNDLL32.EXE
    E:\PROGRA~1\AVG\AVG9\avgtray.exe
    E:\Program Files\cFosSpeed\cFosSpeed.exe
    E:\WINDOWS\RTHDCPL.EXE
    E:\Program Files\Gamevance\gamevance32.exe
    E:\Program Files\WhatPulse\WhatPulse.exe
    E:\Program Files\Messenger\msmsgs.exe
    E:\WINDOWS\system32\wscntfy.exe
    E:\Program Files\802.11 Wireless LAN\PLANET WL-8317 54M Wireless LAN Adapter\WlanCU.exe
    C:\Program Files\RocketDock\RocketDock.exe
    E:\WINDOWS\system32\wuauclt.exe
    E:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
    E:\WINDOWS\system32\WISPTIS.EXE
    E:\Program Files\Java\jre6\bin\jqs.exe
    E:\WINDOWS\system32\wbem\wmiapsrv.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\Program Files\Mozilla Firefox\plugin-container.exe
    E:\Program Files\Gadu-Gadu 10\gg.exe
    E:\Program Files\WinRAR\WinRAR.exe
    E:\Program Files\AVG\AVG9\avgscanx.exe
    E:\Program Files\AVG\AVG9\avgcsrvx.exe
    E:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    E:\DOCUME~1\VIUS~1.VIR\USTAWI~1\Temp\cd559.tmp\2009 codebase\installers\cdinstaller16\bin\runtime\build_script\cdinstx.exe




    E:\WINDOWS\system32\msiexec.exe
    E:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    E:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    E:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
    E:\Program Files\CyberDefender\AntiSpyware\CDLauncherWS.exe
    E:\Documents and Settings\Vi®uS.VIRUS\Moje dokumenty\Pobieranie\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - E:\Program Files\Ask.com\GenericAskToolbar.dll
    R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - E:\Program Files\HypreCam Toolbar\tbhelper.dll
    R3 - URLSearchHook: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll
    R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - E:\Program Files\Dogpile Bundle Toolbar\Helper.dll
    R3 - URLSearchHook: (no name) -  - (no file)
    O2 - BHO: Gamevance - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - E:\Program Files\Gamevance\gamevancelib32.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - E:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: Gamevance Text - {beaC7DC8-E106-4C6A-931E-5A42E7362883} - E:\Program Files\Gamevance\gvtl.dll
    O2 - BHO: FCTBPos00Pos - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - E:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll
    O2 - BHO: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - E:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (file missing)
    O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - E:\Program Files\HypreCam Toolbar\tbcore3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
    O3 - Toolbar: HypreCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - E:\Program Files\HypreCam Toolbar\tbcore3.dll
    O3 - Toolbar: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll
    O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - E:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Dogpile Bundle Toolbar - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - E:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GEST] E:\Program Files\GIGABYTE\GEST\RUN.e_e
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG9_TRAY] E:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [HKLM] E:\WINDOWS\Server\server.exe
    O4 - HKLM\..\Run: [cFosSpeed] E:\Program Files\cFosSpeed\cFosSpeed.exe
    O4 - HKLM\..\Run: [COMODO Internet Security] "E:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Gamevance] E:\Program Files\Gamevance\gamevance32.exe a
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Software Informer] "E:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [WhatPulse] E:\Program Files\WhatPulse\WhatPulse.exe
    O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [HKCU] E:\WINDOWS\Server\server.exe
    O4 - HKCU\..\Run: [Vidalia] "E:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
    O4 - HKCU\..\Run: [RGSC] E:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    O4 - HKCU\..\Run: [CyberDefender Early Detection Center] "E:\Program Files\CyberDefender\AntiSpyware\_cdas572.exe" /minimize
    O4 - Startup: Skrót do RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe
    O4 - Global Startup: RocketDock.exe
    O4 - Global Startup: WL-8317.lnk = E:\Program Files\802.11 Wireless LAN\PLANET WL-8317 54M Wireless LAN Adapter\WlanCU.exe
    O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Pobierz za pomocą BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: e:\windows\system32\prxernsp.dll
    O10 - Unknown file in Winsock LSP: e:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: e:\windows\system32\prxerdrv.dll
    O11 - Options group: [INTERNATIONAL] International
    O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51669919-E760-4A3F-8B02-ABD15EEFB081}: NameServer = 156.154.70.25,156.154.71.25
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A94EF5CE-C622-450B-9631-291846603B17}: NameServer = 156.154.70.25,156.154.71.25
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll
    O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL E:\WINDOWS\system32\guard32.dll
    O20 - Winlogon Notify: avgrsstarter - E:\WINDOWS\SYSTEM32\avgrsstx.dll
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - E:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: CyberDefender Launcher (CDLauncher) - CyberDefender Corp. - E:\Program Files\CyberDefender\AntiSpyware\CDLauncherWS.exe
    O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - E:\Program Files\cFosSpeed\spd.exe" -service (file missing)
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - E:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - Unknown owner - E:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - E:\Program Files\Java\jre6\bin\jqs.exe" -service -config "E:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: vseamps - Authentium, Inc - E:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    O23 - Service: vsedsps - Authentium, Inc - E:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    O23 - Service: vseqrts - Authentium, Inc - E:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe


    Pozdrawiam

    0 9
  • Pomocny post
    #2 05 Mar 2011 18:13
    Kolobos
    Spec od komputerów

    Odinstaluj te wszystkie Toolbary, zrob skan przy pomocy mbam.
    Odinstaluj tez na razie comodo oraz antywirusa.

    Daj logi z OTL w zalaczniku.

    Zainstaluj najnowsza wersje javy z www.java.com

    0
  • #3 05 Mar 2011 18:24
    ViruS181
    Poziom 8  

    Co do javy to już aktualizowałem ją, nie pomagało i odinstalowałem i zainstalowałem od nowa co tez nie pomogło.
    Toolbary odinstalowane, comodo i avg rowniez. OTL i MBAM juz skanuja.

    0
  • Pomocny post
    #4 05 Mar 2011 18:25
    Kolobos
    Spec od komputerów

    Odinstaluj jeszcze: Authentium AntiVirus5

    Na przyszlosc nie instaluj wiecej niz jednego antywirusa.

    0
  • #5 05 Mar 2011 18:54
    ViruS181
    Poziom 8  

    Logi z OTL:
    Dodano po 25 [minuty]:

    Fak je. Wszystko działa. Nie mam pojęcia co zrobiłem, ale wiem, że pousuwałem ten cały syf i komp działa 10x szybciej a aplikacje działają.
    Nie wiem jak mogę Ci podziękować, ale naprawdę wielkie wielkie DZIĘKI :).

    0
  • #6 05 Mar 2011 19:08
    Kolobos
    Spec od komputerów

    Nic dziwnego skoro miales 3 antywirusy ale dalej masz ogromny smietnik.

    Zrob skan przy pomocy mbam oraz cureit i usun to co wykryja.

    Odinstaluj: CyberDefender AntiSpyware, Authentium AntiVirus5, Comodo IS, Gamevance, Ask.com, XfireXO, Softonic-Polska, HypreCam Toolbar,Dogpile Bundle Toolbar, Conduit Engine.

    Jak juz odinstalujesz Toolbary itd to wykonaj skrypt w OTL:

    :OTL
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - E:\Program Files\HypreCam Toolbar\tbhelper.dll ()
    IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - E:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
    [2010-09-26 17:43:25 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- E:\Documents and Settings\Vi®uS.VIRUS\Dane aplikacji\Mozilla\Firefox\Profiles\juq7euu9.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
    [2010-10-27 14:57:52 | 000,000,000 | ---D | M] (Softonic-Polska Toolbar) -- E:\Documents and Settings\Vi®uS.VIRUS\Dane aplikacji\Mozilla\Firefox\Profiles\juq7euu9.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
    [2010-10-22 20:33:56 | 000,000,000 | ---D | M] (Ask Toolbar) -- E:\Documents and Settings\Vi®uS.VIRUS\Dane aplikacji\Mozilla\Firefox\Profiles\juq7euu9.default\extensions\toolbar@ask.com
    O2 - BHO: (Gamevance) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - E:\Program Files\Gamevance\gamevancelib32.dll ()
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll (BitComet)
    O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll (Conduit Ltd.)
    O2 - BHO: (Gamevance Text) - {beaC7DC8-E106-4C6A-931E-5A42E7362883} - E:\Program Files\Gamevance\gvtl.dll ()
    O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - E:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
    O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll (Conduit Ltd.)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
    O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - E:\Program Files\HypreCam Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - E:\Program Files\HypreCam Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - E:\Program Files\XfireXO\tbXfi0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - E:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
    O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - E:\Program Files\Softonic-Polska\tbSof0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKCU\..\Toolbar\WebBrowser: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - E:\Program Files\HypreCam Toolbar\tbcore3.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - E:\Program Files\XfireXO\tbXfi0.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - E:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - E:\Program Files\Softonic-Polska\tbSof0.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [Gamevance] E:\Program Files\Gamevance\gamevance32.exe ()
    O4 - HKLM..\Run: [GEST] File not found
    O4 - HKLM..\Run: [HKLM] File not found
    O4 - HKCU..\Run: [CyberDefender Early Detection Center] E:\Program Files\CyberDefender\AntiSpyware\_cdas572.exe (CyberDefender Corp.)
    O4 - HKCU..\Run: [HKCU] File not found
    O4 - HKCU..\Run: [NexonEULauncher] File not found
    O4 - HKCU..\Run: [RGSC] File not found
    O4 - HKCU..\Run: [Software Informer] File not found
    O4 - HKCU..\Run: [Vidalia] File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows-Network Component = "E:\Program Files\Common Files\WUDHost.exe"
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = E:\WINDOWS\Server\server.exe
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableTaskMgr = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = E:\WINDOWS\Server\server.exe
    O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
    O20 - HKLM Winlogon: TaskMan - (F:\EDWARD\stereolove.exe) - File not found
    O20 - HKCU Winlogon: Shell - (F:\EDWARD\stereolove.exe) - File not found
    O33 - MountPoints2\{2ca3156a-7712-11df-ba75-00304f748e5a}\Shell - "" = AutoRun
    O33 - MountPoints2\{2ca3156a-7712-11df-ba75-00304f748e5a}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1
    O33 - MountPoints2\{7ca90388-5f27-11df-ba4b-00304f748e5a}\Shell - "" = AutoRun
    O33 - MountPoints2\{7ca90388-5f27-11df-ba4b-00304f748e5a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{e5dfa1b8-8f07-11de-8481-001fd09165e7}\Shell\AutoRun\command - "" = r2g20.exe
    O33 - MountPoints2\{e5dfa1b8-8f07-11de-8481-001fd09165e7}\Shell\open\Command - "" = r2g20.exe
    [2011-03-05 18:00:02 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Vi®uS.VIRUS\Menu Start\Programy\CyberDefender
    [2011-03-05 17:59:44 | 000,096,200 | ---- | C] (CyberDefender Corp.) -- E:\WINDOWS\System32\drivers\CDAVFS.sys
    [2011-03-05 17:58:05 | 000,000,000 | ---D | C] -- E:\Program Files\CyberDefender
    [2011-03-05 17:57:46 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Authentium
    [2011-03-05 12:41:55 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\McAfee
    [2011-03-05 18:01:02 | 000,000,234 | ---- | M] () -- E:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

    :Commands
    [emptytemp]

    Po wykonaniu daj nowe logi z OTL (razem z extras.txt, nie obcietym jak ostatnio) w ZALACZNIKU po usunieciu wszystkiego.


    PS. To wyglada na jakis keylogger:
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows-Network Component = "E:\Program Files\Common Files\WUDHost.exe"
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = E:\WINDOWS\Server\server.exe

    0
  • #7 05 Mar 2011 21:02
    ViruS181
    Poziom 8  

    Już wykonałem to wszystko i OTL skanuje. Niestety nie usunąłem wszystkich toolbarów, bo nie mogłem ich znaleźć o.O COMODO też zostawiłem, wiele temu programowi zawdzięczam. Logi zaraz wrzucę.

    0
  • #8 05 Mar 2011 21:09
    Kolobos
    Spec od komputerów

    Mozesz miec Comodo ale wylacz w nim modul antywirusa skoro masz juz AVG.

    0
  • #10 05 Mar 2011 22:58
    Kolobos
    Spec od komputerów

    Wykonaj jeszcze taki skrypt w OTL:

    :OTL
    SRV - File not found [Auto | Stopped] -- -- (vseqrts)
    SRV - File not found [Auto | Stopped] -- -- (vsedsps)
    SRV - File not found [Auto | Stopped] -- -- (vseamps)
    SRV - File not found [Auto | Stopped] -- -- (CDLauncher)
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found

    Po wykonaniu wybierz w OTL Sprzatanie. To wszystko.

    0