kometax
-
Postów
19 -
Dołączył
-
Ostatnia wizyta
Odpowiedzi opublikowane przez kometax
-
-
Podczas skanowania program antywirusowy wykrył kilka infekcji. Chciałabym prosić o pomoc w pozbyciu się ich, obowiązkowe logi w załączniku.
-
CinemaP nie chce mnie opuścić, przy próbie deinstalacji wyskakuje błąd instalatora.
-
Jak w temacie. Komputer ostatnio zaczął bardzo zwalniać, więc mam malutką prośbę o zerknięcie na logi.
-
Log z FRST
-
-
-
Jak w temacie. Mój pc podłapał ostatnio jakieś draństwo i ni stąd ni zowąd wyskakują mi niechciane karty i reklamy, praca maszyny jest również spowolniona. Wyłapane przeze mnie nazwy to: delta holmes i Digihelp. Załączam zestaw logów.
-
Nie wiem jak to się mogło stać. Gdy otwierałam go na kompie był w porządku.
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Invalid License
Validation Code: 50
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-QMT7P-R6DCF-9CDCH
Windows Product Key Hash: CQYFQFuqDuLPd42JfesBA/ouWEs=
Windows Product ID: 89578-OEM-7359864-99678
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.0.6002.2.00010300.2.0.003
ID: {A3E1413E-BA16-41C1-AA66-AFA161606E54}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista Home Premium
Architecture: 0x00000000
Build lab: 6002.vistasp2_gdr.130707-1535
TTS Error: M:20110629172554837-
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
2007 Microsoft Office system - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Opera\Opera.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A3E1413E-BA16-41C1-AA66-AFA161606E54}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-9CDCH</PKey><PID>89578-OEM-7359864-99678</PID><PIDType>3</PIDType><SID>S-1-5-21-3459804092-3613601358-3245208384</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>P5Q SE</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0502 </Version><SMBIOSVersion major="2" minor="5"/><Date>20080820000000.000000+000</Date></BIOS><HWID>C1320500010000F8</HWID><UserLCID>0415</UserLCID><SystemLCID>0415</SystemLCID><TimeZone>Europa Zachodnia (czas stand.)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>4DB8CDF6BDB9DAE</Val><Hash>C/Mp5MSHeRkdw9ord6AkASFBhLE=</Hash><Pid>81602-OEM-6872732-56232</Pid><PidType>4</PidType></Product><Product GUID="{91120000-0031-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>2007 Microsoft Office system</Name><Ver>12</Ver><Val>4F4BA4DB582083A</Val><Hash>ji7nNoCbBzpcDNVA9fVej8AD9I8=</Hash><Pid>89451-OEM-6602966-15899</Pid><PidType>11</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Spsys.log Content: U1BMRwEAAAAAAQAABAAAAGgLAAAAAAAAYWECAATgSIi/xGnWcDbMARhy9171jCizkdIEkQaJZ65J2TcofWQeS5jhM6jXpnj0JDwIczU6uAtE1BDeiPKyBVF0H9Oh+hJEw7XKSAShRbfjbqIVlSbx7SAFSMREbIPN1mjkjzXhcq94m48ceJqGOPu1UvB7bxiIfUEtgIRGphkOSa+EGUYcOX5/UvkAHnVxypUpTYFJ/5Q9EhdGhJKYTJsbJiscvAYWgzyFZ0z79y0OKm53Bw867hHNE43WvZqUI0Rf1MqA3D5sWfEw7WeNfzOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAw=
Licensing Data-->
Błąd CScript: Nie można znaleźć aparatu skryptów "VBScript" dla skryptu "C:\Windows\system32\slmgr.vbs".
Windows Activation Technologies-->
N/A
HWID Data-->
N/A, hr = 0x8007000d
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC A_M_I_ OEMAPIC
FACP A_M_I_ OEMFACP
HPET A_M_I_ OEMHPET
MCFG A_M_I_ OEMMCFG
OEMB A_M_I_ AMI_OEM
OSFR A_M_I_ OEMOSFR
SSDT DpgPmm CpuPm
RegBack
-
-
MGA
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Invalid License
Validation Code: 50
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-QMT7P-R6DCF-9CDCH
Windows Product Key Hash: CQYFQFuqDuLPd42JfesBA/ouWEs=
Windows Product ID: 89578-OEM-7359864-99678
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.0.6002.2.00010300.2.0.003
ID: {A3E1413E-BA16-41C1-AA66-AFA161606E54}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista Home Premium
Architecture: 0x00000000
Build lab: 6002.vistasp2_gdr.130707-1535
TTS Error: M:20110629172554837-
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
2007 Microsoft Office system - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Opera\Opera.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A3E1413E-BA16-41C1-AA66-AFA161606E54}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-9CDCH</PKey><PID>89578-OEM-7359864-99678</PID><PIDType>3</PIDType><SID>S-1-5-21-3459804092-3613601358-3245208384</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>P5Q SE</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0502 </Version><SMBIOSVersion major="2" minor="5"/><Date>20080820000000.000000+000</Date></BIOS><HWID>C1320500010000F8</HWID><UserLCID>0415</UserLCID><SystemLCID>0415</SystemLCID><TimeZone>Europa Zachodnia (czas stand.)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>4DB8CDF6BDB9DAE</Val><Hash>C/Mp5MSHeRkdw9ord6AkASFBhLE=</Hash><Pid>81602-OEM-6872732-56232</Pid><PidType>4</PidType></Product><Product GUID="{91120000-0031-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>2007 Microsoft Office system</Name><Ver>12</Ver><Val>4F4BA4DB582083A</Val><Hash>ji7nNoCbBzpcDNVA9fVej8AD9I8=</Hash><Pid>89451-OEM-6602966-15899</Pid><PidType>11</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Spsys.log Content: U1BMRwEAAAAAAQAABAAAAGgLAAAAAAAAYWECAATgSIi/xGnWcDbMARhy9171jCizkdIEkQaJZ65J2TcofWQeS5jhM6jXpnj0JDwIczU6uAtE1BDeiPKyBVF0H9Oh+hJEw7XKSAShRbfjbqIVlSbx7SAFSMREbIPN1mjkjzXhcq94m48ceJqGOPu1UvB7bxiIfUEtgIRGphkOSa+EGUYcOX5/UvkAHnVxypUpTYFJ/5Q9EhdGhJKYTJsbJiscvAYWgzyFZ0z79y0OKm53Bw867hHNE43WvZqUI0Rf1MqA3D5sWfEw7WeNfzOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAw=
Licensing Data-->
Błąd CScript: Nie można znaleźć aparatu skryptów "VBScript" dla skryptu "C:\Windows\system32\slmgr.vbs".
Windows Activation Technologies-->
N/A
HWID Data-->
N/A, hr = 0x8007000d
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC A_M_I_ OEMAPIC
FACP A_M_I_ OEMFACP
HPET A_M_I_ OEMHPET
MCFG A_M_I_ OEMMCFG
OEMB A_M_I_ AMI_OEM
OSFR A_M_I_ OEMOSFR
SSDT DpgPmm CpuPm
-
ZeroAccess: niech nie zwiedzie was nazwa tematu, gdyż ZA został wykryty w trakcie.
http://forum.programosy.pl/qov6-pomoc-vt137325.html-sid=c7e2e119f32bd58b38828aebe2ee1f6f
GMER:
GMER 2.1.19163 - http://www.gmer.net
Rootkit quick scan 2013-08-19 18:58:36
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST3500320AS rev.SD15 465,76GB
Running: xzpiq6tr.exe; Driver: C:\Users\oem\AppData\Local\Temp\uwldapow.sys
---- System - GMER 2.1 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x9235DE00]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 2.1 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 861321F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 861321F8
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 861321F8
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 861321F8
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 861321F8
Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort4 861321F8
Device \Driver\atapi \Device\Ide\IdePort4 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort5 861321F8
Device \Driver\atapi \Device\Ide\IdePort5 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 861321F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 861331F8
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 2.1 ----
OTL jest załączony
-
Posiadam ORYGINALNY system Windows Vita Home Premium 32, wgrany na PC w chwili zakupu. Po uruchomieniu przywitał mnie czarny ekran i radosna informacja, że system nie jest oryginalny. Komputer przeszedł infekcję ZeroAcess'em (ten problem został już rozwiązany).
-
Już sobie poradziłam i dziękuję za pomoc
-
Wciąż potrzebuję pomocy z tą zakładką. Brak tego klucza. Załączam log z OTL. Czy wyjdzie na to samo jeśli do usunięcia punktów przywracania użyję Oczyszczania dysku?
-
Zakładki dalej niet. Skan SFC nie wykrył naruszeń integralności.
-
Zakładka Ochrona Systemu zniknęła.
-
Wykonałam powyższe kroki, załączam log OTL.
-
Problem z klawiaturą Win 7
w Hardware
Opublikowano
Witam
Z niewiadomych przyczyn większość klawiszy nagle przestała działać. Działa tylko H, które włącza przeglądarkę oraz klawisze funkcyjne. Funkcja klawisze trwałe jest wyłączona, odinstalowanie klawiatury nie pomogło, wciskanie klawisza Fn też nie. Przypuszczam, że mogłam włączyć jakiś dziwny skrót, ale nie wiem co to może być.