Prosze o sprawdzenie loga komp strasznie zwolnil
Proszę o sprawdzenie hijackthis. Wszystkie programy ślamazarnie pracują, nasila sie to jak odpali kilka programów jednocześnie i prowadzi to do zablokowania kursora myszki skacze jak zajac lub nastepuje zwiecha kompa. Wirus? Dzieki za pomoc.
Logfile of HijackThis v1.97.7
Scan saved at 11:03:21, on 2005–05–27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\GigaByte\VGA Utility Manager\G–VGA.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\D–Tools\daemon.exe
M:\setup.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\Uzytki\Zapora Kerio\Hijack\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {AE7CD045–E861–484f–8273–0445EE161910} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: Adobe PDF – {47833539–D0C5–4125–9FA8–0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 – HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 – HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 – HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G–VGA.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 – Extra context menu item: Convert link target to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert link target to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert selected links to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert selected links to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Convert selection to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert selection to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie (HKLM)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116594300468
O17 – HKLM\System\CCS\Services\Tcpip\..\{B878D063–3FF0–4A71–94C4–7761469B0B63}: NameServer = 194.204.152.34 217.98.63.164
Logfile of HijackThis v1.97.7
Scan saved at 11:03:21, on 2005–05–27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\GigaByte\VGA Utility Manager\G–VGA.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\D–Tools\daemon.exe
M:\setup.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\Uzytki\Zapora Kerio\Hijack\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {AE7CD045–E861–484f–8273–0445EE161910} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: Adobe PDF – {47833539–D0C5–4125–9FA8–0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 – HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 – HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 – HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G–VGA.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 – Extra context menu item: Convert link target to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert link target to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert selected links to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert selected links to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Convert selection to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert selection to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie (HKLM)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116594300468
O17 – HKLM\System\CCS\Services\Tcpip\..\{B878D063–3FF0–4A71–94C4–7761469B0B63}: NameServer = 194.204.152.34 217.98.63.164
Odpowiedzi: 4
no tak nie zauwazylem ze tam pisze InstallShield
Nie, te pliki nie pochodza od intela. To pliki instalatora.Demik:
jak wskazują foldery to te pliki pochodzą od Intela
jak wskazują foldery to te pliki pochodzą od Intela
Nic nie widac, to nie wina wirusa.
Zastanawiajace sa jedynie te mnogie procesy instalacyjne – msiexec, IDriver, IDriverT.exe.
Zastanawiajace sa jedynie te mnogie procesy instalacyjne – msiexec, IDriver, IDriverT.exe.
Strona 1 / 1