djdzidzias posted January 6, 2009

Hello! I have a problem: about every 4 minutes my laptop freezes for about 3 seconds. Nothing happens, everything stops, and all I can do for those 3 seconds is move the mouse. When I'm burning a disc, for example, it's a disaster and the disc ends up in the trash. Does anyone know what could be causing this? Maybe the logs will show something. Thanks in advance. Regards.

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:35:22, on 2009-01-06
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\vfsFPService.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AlienGUIse\wbload.exe
D:\WINDOWS\system32\STacSV.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\sttray.exe
D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Reader\Reader_sl.exe
D:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\vmware-authd.exe
D:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\ALLPlayer\ALLUpdate.exe
D:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - D:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [iDTSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [synTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [OnScreenDisplay] D:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe D:\PROGRA~1\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
O8 - Extra context menu item: Dodaj do blokowanych banerów - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Wyślij do interfejsu &Bluetooth - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{990888C3-9839-4C2F-AA56-90D304244055}: NameServer = 213.92.190.130,213.92.190.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: OneCard - D:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - D:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - D:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: hpqwmiex - Unknown owner - D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - D:\WINDOWS\system32\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - D:\WINDOWS\system32\vfsFPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe

--
End of file - 7645 bytes

ComboFix

ComboFix 09-01-05.03 - Administrator 2009-01-06 3:46:51.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.3070.2487 [GMT 1:00]
Uruchomiony z: d:\documents and settings\Administrator\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\system32\mpg4c32.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-06 do 2009-01-06 )))))))))))))))))))))))))))))))
.
2009-01-05 21:39 . 2009-01-05 21:39 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\RaimaRadioPro
2009-01-05 00:13 . 2008-07-12 08:18 3,851,784 --a------ d:\windows\system32\D3DX9_39.dll
2009-01-05 00:13 . 2008-07-12 08:18 1,493,528 --a------ d:\windows\system32\D3DCompiler_39.dll
2009-01-05 00:13 . 2008-07-31 10:40 509,448 --a------ d:\windows\system32\XAudio2_2.dll
2009-01-05 00:13 . 2008-07-12 08:18 467,984 --a------ d:\windows\system32\d3dx10_39.dll
2009-01-05 00:13 . 2008-07-31 10:41 238,088 --a------ d:\windows\system32\xactengine3_2.dll
2009-01-05 00:13 . 2008-07-31 10:41 68,616 --a------ d:\windows\system32\XAPOFX1_1.dll
2009-01-02 20:51 . 2009-01-02 20:53 43,698 --a------ d:\windows\system32\xvid-uninstall.exe
2009-01-02 20:50 . 2009-01-02 20:50 <DIR> d-------- d:\program files\Gabest
2009-01-02 17:05 . 2009-01-02 17:06 <DIR> d-------- d:\program files\Common Files\AVSMedia
2009-01-02 17:05 . 2009-01-02 17:05 <DIR> d-------- d:\program files\AVSMedia
2009-01-02 17:05 . 2003-05-21 23:50 1,700,352 --a------ d:\windows\system32\GdiPlus.dll
2009-01-02 17:05 . 2002-01-05 15:48 974,848 --a------ d:\windows\system32\mfc70.dll
2009-01-02 17:05 . 2003-05-22 12:26 638,976 --a------ d:\windows\system32\divx.dll
2009-01-02 17:05 . 2002-01-05 14:40 487,424 --a------ d:\windows\system32\msvcp70.dll
2009-01-02 17:05 . 2003-05-21 23:50 261,632 --a------ d:\windows\system32\mcdvd_32.dll
2009-01-02 17:05 . 2003-05-22 12:26 221,215 --a------ d:\windows\system32\divxdec.ax
2009-01-02 17:05 . 2003-05-21 23:50 156,910 --a------ d:\windows\WMSysPr8.prx
2009-01-02 17:05 . 2003-05-21 23:50 82,944 --a------ d:\windows\system32\vct3216.acm
2009-01-02 17:05 . 2004-02-04 21:11 81,920 --a------ d:\windows\system32\AC3ACM.acm
2009-01-02 17:05 . 2003-05-21 23:50 38,912 --a------ d:\windows\system32\alf2cd.acm
2009-01-02 17:05 . 2003-05-21 12:50 24,576 --a------ d:\windows\system32\msxml3a.dll
2009-01-02 17:05 . 2000-03-14 20:55 13,239 --a------ d:\windows\system32\Scg726.acm
2009-01-02 16:47 . 2009-01-02 16:50 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\CyberLink
2009-01-02 16:31 . 2009-01-02 16:31 <DIR> d-------- d:\documents and settings\Administrator\.dvdcss
2009-01-02 15:54 . 2009-01-02 15:54 <DIR> d-------- d:\windows\Sun
2008-12-31 00:35 . 2008-12-31 00:35 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\HEXelon
2008-12-29 16:54 . 2008-12-29 16:54 40,230 --a------ d:\windows\php.ini
2008-12-29 16:54 . 2008-12-29 16:54 427 --a------ d:\windows\my.ini
2008-12-28 20:56 . 2000-08-06 01:50 36,939 --a------ d:\windows\system32\insrepim.exe
2008-12-28 18:27 . 2008-12-28 18:27 18,428 --a------ D:\hahahah1.JPG
2008-12-28 15:51 . 2008-12-28 20:57 1,744 --a------ d:\windows\sql.mif
2008-12-28 15:50 . 1997-07-19 17:01 376,592 --a------ d:\windows\system32\msrdo20.dll
2008-12-28 15:50 . 2000-08-06 01:51 274,489 --a------ d:\windows\system32\ntwdblib.dll
2008-12-28 15:50 . 2000-08-06 01:51 192,569 --a------ d:\windows\system32\msrpjt40.dll
2008-12-28 15:50 . 1997-01-13 10:49 97,552 --a------ d:\windows\system32\rdocurs.dll
2008-12-28 15:50 . 2000-07-07 12:20 81,920 --a------ d:\windows\system32\mdt2fw95.dll
2008-12-28 15:50 . 2000-08-06 01:51 32,830 --a------ d:\windows\system32\dbmsshrn.dll
2008-12-28 15:50 . 2000-08-06 01:51 28,734 --a------ d:\windows\system32\dbmslpcn.dll
2008-12-28 15:47 . 2008-12-28 20:57 1,273 --a------ d:\windows\setup.iss
2008-12-27 17:09 . 2009-01-06 03:54 <DIR> d-------- d:\documents and settings\LocalService\Dane aplikacji\VMware
2008-12-27 17:09 . 2008-12-30 21:52 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\VMware
2008-12-27 17:08 . 2009-01-06 03:55 <DIR> d-------- d:\documents and settings\All Users\Dane aplikacji\VMware
2008-12-27 17:08 . 2005-11-18 14:08 135,168 --a------ d:\windows\system32\vmnat.exe
2008-12-27 17:08 . 2005-11-18 14:08 106,496 --a------ d:\windows\system32\vmnetdhcp.exe
2008-12-27 17:08 . 2005-11-18 14:08 15,616 --a------ d:\windows\system32\drivers\vmnetuserif.sys
2008-12-27 17:08 . 2005-11-18 14:08 10,240 -ra------ d:\windows\system32\drivers\vmnet.sys
2008-12-27 17:08 . 2005-11-18 14:08 9,600 -ra------ d:\windows\system32\drivers\vmnetadapter.sys
2008-12-27 17:08 . 2005-11-18 14:08 5,120 -ra------ d:\windows\system32\vnetinst.dll
2008-12-27 17:07 . 2005-11-18 14:08 385,024 --a------ d:\windows\system32\vnetlib.dll
2008-12-27 17:02 . 2008-12-27 17:02 <DIR> d-------- d:\program files\Common Files\VMware
2008-12-26 00:36 . 2008-12-26 00:36 <DIR> d-------- d:\documents and settings\All Users\Dane aplikacji\Tiger Install
2008-12-26 00:12 . 2008-12-26 00:12 <DIR> d-------- d:\program files\Common Files\Wise Installation Wizard
2008-12-26 00:12 . 2008-12-26 00:13 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Ventrilo
2008-12-26 00:12 . 2008-12-26 00:12 262 --a------ d:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2008-12-26 00:04 . 2008-12-26 00:06 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\GanymedeNet
2008-12-23 15:59 . 2008-12-29 21:39 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Kadu
2008-12-22 15:41 . 2009-01-06 03:23 <DIR> d-------- d:\program files\nLite
2008-12-22 12:38 . 2008-12-22 12:43 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\BESTplayer
2008-12-21 23:02 . 2008-12-29 17:04 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\gtk-2.0
2008-12-21 23:02 . 2008-12-21 23:02 <DIR> d-------- d:\documents and settings\Administrator\.thumbnails
2008-12-21 23:00 . 2008-12-29 17:07 <DIR> d-------- d:\documents and settings\Administrator\.gimp-2.6
2008-12-21 23:00 . 2008-12-21 23:00 <DIR> d-------- d:\documents and settings\Administrator\.gegl-0.0
2008-12-21 04:08 . 2008-12-21 04:08 <DIR> d--h----- d:\windows\system32\GroupPolicy
2008-12-20 01:35 . 2009-01-04 16:25 69 --a------ d:\windows\NeroDigital.ini
2008-12-20 00:10 . 2008-12-20 00:10 <DIR> d-------- d:\program files\Common Files\Ahead
2008-12-20 00:10 . 2004-07-26 17:16 1,568,768 --------- d:\windows\system32\ImagX7.dll
2008-12-20 00:10 . 2004-07-26 17:16 476,320 --------- d:\windows\system32\ImagXpr7.dll
2008-12-20 00:10 . 2004-07-26 17:16 471,040 --------- d:\windows\system32\ImagXRA7.dll
2008-12-20 00:10 . 2004-07-26 17:16 262,144 --------- d:\windows\system32\ImagXR7.dll
2008-12-20 00:10 . 2001-07-09 11:50 155,648 --a------ d:\windows\system32\NeroCheck.exe
2008-12-20 00:10 . 2004-03-02 17:37 125,184 --------- d:\windows\system32\drivers\imagesrv.sys
2008-12-20 00:10 . 2000-06-26 11:45 106,496 --a------ d:\windows\system32\TwnLib20.dll
2008-12-20 00:10 . 2004-03-02 17:37 5,504 --------- d:\windows\system32\drivers\imagedrv.sys
2008-12-19 12:04 . 2008-12-31 00:33 1,808 --a------ d:\windows\system32\SpeedCrunch.ini
2008-12-18 12:12 . 2008-12-18 12:12 62,510 --a------ D:\hahahaha.JPG
2008-12-18 00:15 . 2009-01-02 16:47 <DIR> d-------- d:\documents and settings\All Users\Dane aplikacji\CyberLink
2008-12-17 23:41 . 2009-01-04 11:30 <DIR> d-------- d:\program files\CyberLink
2008-12-17 20:18 . 2008-12-17 20:18 3,932,214 --a------ d:\windows\InvaderDark1280.bmp
2008-12-17 20:17 . 2008-12-17 20:19 3,932,214 --a------ d:\windows\AW_XenoMorph1280.bmp
2008-12-17 20:15 . 2008-12-17 20:15 <DIR> d-------- d:\program files\Common Files\Stardock
2008-12-17 20:15 . 2003-02-26 22:27 36,864 --a------ d:\windows\system32\wbsys.dll
2008-12-17 20:15 . 2008-12-17 20:15 56 --a------ d:\windows\wb.ini
2008-12-17 16:01 . 2008-12-17 16:01 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Ashampoo
2008-12-17 12:52 . 2006-10-22 15:06 208,896 --a------ d:\windows\system32\NVUNINST.EXE
2008-12-17 11:49 . 2008-12-17 11:49 <DIR> d-------- d:\program files\Lavalys
2008-12-17 11:38 . 2001-05-16 09:30 54,584 -ra------ d:\windows\system32\drivers\OxSer.sys
2008-12-17 11:38 . 2001-05-16 09:27 13,608 -ra------ d:\windows\system32\drivers\parxport.sys
2008-12-16 16:03 . 2008-12-16 16:03 <DIR> d-------- d:\program files\Common Files\INCA Shared
2008-12-16 16:03 . 2003-07-21 04:17 5,174 --a------ d:\windows\system32\nppt9x.vxd
2008-12-16 16:03 . 2005-01-04 19:43 4,682 --a------ d:\windows\system32\npptNT2.sys
2008-12-16 14:51 . 2008-12-16 14:51 <DIR> d-------- d:\documents and settings\Administrator\DoctorWeb
2008-12-16 14:08 . 2008-12-16 14:08 <DIR> d-------- d:\windows\system32\xircom
2008-12-16 14:08 . 2008-12-16 14:08 <DIR> d-------- d:\windows\system32\oobe
2008-12-16 14:08 . 2008-12-16 14:08 <DIR> d-------- d:\windows\srchasst
2008-12-16 14:08 . 2008-12-16 14:08 <DIR> d-------- d:\windows\msagent
2008-12-16 14:08 . 2008-12-16 14:08 <DIR> d-------- d:\program files\microsoft frontpage
2008-12-15 20:02 . 2009-01-03 14:25 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\OpenOffice.org2
2008-12-15 20:01 . 2008-12-15 20:01 <DIR> d-------- d:\program files\OpenOffice.org 2.4
2008-12-15 18:45 . 2008-12-15 18:45 <DIR> d-------- d:\windows\SOFTDISK
2008-12-15 18:45 . 2008-12-15 18:45 245,760 --a------ d:\windows\Happy Holidays 2000.scr
2008-12-15 18:43 . 2008-12-15 18:43 54 --a------ d:\windows\mmates.ini
2008-12-15 18:34 . 2008-12-15 18:34 1,020,416 --a------ d:\windows\Dancing Twins.scr
2008-12-15 18:34 . 2008-12-15 18:34 36,118 --a------ d:\windows\twins1.mid
2008-12-15 16:44 . 2008-12-27 01:04 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\skypePM
2008-12-15 16:44 . 2008-12-15 16:44 56 --ah----- d:\windows\system32\ezsidmv.dat
2008-12-15 16:42 . 2008-12-15 16:42 <DIR> d-------- d:\program files\Skype
2008-12-15 16:42 . 2008-12-15 16:42 <DIR> d-------- d:\program files\Common Files\Skype
2008-12-15 16:42 . 2008-12-15 16:42 <DIR> d-------- d:\documents and settings\All Users\Dane aplikacji\Skype
2008-12-15 16:42 . 2008-12-27 02:05 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Skype
2008-12-15 04:36 . 2008-12-15 04:36 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Media Player Classic
2008-12-15 03:08 . 2008-12-15 03:09 <DIR> d-a------ d:\documents and settings\All Users\Dane aplikacji\TEMP
2008-12-15 03:07 . 2008-12-15 03:08 <DIR> d-------- D:\Fraps
2008-12-14 19:40 . 2009-01-05 18:20 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\FileZilla
2008-12-14 17:10 . 2008-07-09 10:05 421,888 --a------ d:\windows\system32\ac3filter.acm
2008-12-14 17:04 . 2009-01-01 22:05 <DIR> d-------- d:\program files\NAPI-PROJEKT
2008-12-14 16:44 . 2008-12-16 17:28 <DIR> d-------- d:\program files\Gadu-Gadu
2008-12-13 02:31 . 2008-12-13 02:31 <DIR> d-------- d:\windows\system32\LogFiles
2008-12-13 02:31 . 2008-12-13 02:31 183,112 --a------ d:\windows\system32\PnkBstrB.exe
2008-12-13 02:31 . 2008-12-13 02:31 66,872 --a------ d:\windows\system32\PnkBstrA.exe
2008-12-13 01:02 . 2009-01-05 15:02 539 --a------ d:\windows\wcx_ftp.ini
2008-12-13 01:00 . 2009-01-05 15:14 2,867 --a------ d:\windows\WINCMD.INI
2008-12-13 00:24 . 2008-12-13 01:47 <DIR> d-------- d:\program files\uTorrent
2008-12-13 00:24 . 2009-01-06 02:05 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\uTorrent
2008-12-12 22:28 . 2008-12-12 22:28 <DIR> d-------- d:\documents and settings\Administrator\Dane aplikacji\Gadu-Gadu
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-05 23:54 --------- d--h--w d:\program files\InstallShield Installation Information
2009-01-04 10:29 --------- d-----w d:\program files\Hewlett-Packard
2008-12-17 09:42 --------- d-----w d:\program files\Quizo
2008-12-13 13:13 --------- d-----w d:\documents and settings\Administrator\Dane aplikacji\Winamp
2008-12-12 21:39 112,144 ----a-w d:\windows\system32\drivers\kl1.sys
2008-12-12 16:53 --------- d-----w d:\program files\Common Files\InstallShield
2008-12-11 21:52 --------- d-----w d:\program files\ATI Technologies
2008-12-11 17:01 --------- d-----w d:\program files\Hp
2008-12-11 16:55 --------- d-----w d:\program files\AMD
2008-12-11 16:46 0 ---ha-w d:\windows\system32\drivers\MsftWdf_Kernel_01000_Coinstaller_Critical.Wdf
2008-12-11 16:46 0 ---ha-w d:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2008-12-11 16:46 --------- d-----w d:\program files\Synaptics
2008-12-11 16:42 --------- d-----w d:\program files\Validity Sensors, Inc
2008-12-11 16:42 --------- d-----w d:\documents and settings\LocalService\Dane aplikacji\Validity
2008-12-11 16:40 --------- d-----w d:\program files\Atheros
2008-12-11 16:40 --------- d-----w d:\documents and settings\All Users\Dane aplikacji\Atheros
2008-12-11 16:40 --------- d-----w d:\documents and settings\Administrator\Dane aplikacji\InstallShield
2008-12-11 16:34 --------- d-----w d:\program files\IDT
2008-12-11 16:13 --------- d-----w d:\documents and settings\Administrator\Dane aplikacji\Finder Bar
2008-12-11 16:08 --------- d-----w d:\program files\Finder Bar
2008-12-11 16:08 --------- d-----w d:\program files\Command Prompt Explorer Bar
2008-12-11 16:06 --------- d-----w d:\program files\WindowZ
2008-12-11 15:58 --------- d-----w d:\program files\Windows Media Connect 2
2008-11-29 20:26 991,232 ----a-w d:\windows\system32\VSFilter.dll
2008-11-24 18:53 143,872 ----a-w d:\windows\system32\drivers\usbport.sys
2008-11-24 17:04 8,192 ----a-w d:\windows\system32\tsbyuv.dll
2008-11-24 17:03 3,526,464 ----a-w d:\windows\system32\drivers\RtHDMI.sys
2008-11-24 17:03 1,191,936 ----a-w d:\windows\RtkUpd.exe
2008-11-24 16:55 62,208 ----a-w d:\windows\system32\drivers\si3112.sys
2008-11-24 16:53 361,600 ----a-w d:\windows\system32\drivers\tcpip.sys
2008-11-24 16:53 219,648 ----a-w d:\windows\system32\uxtheme.dll
2008-11-24 16:53 140,800 ----a-w d:\windows\system32\sfc_os.dll
2008-11-24 16:51 730,112 ----a-w d:\windows\system32\lsasrv.dll
2008-11-24 16:50 78,336 ----a-w d:\windows\system32\ieencode.dll
2008-11-24 16:50 71,680 ----a-w d:\windows\system32\admparse.dll
2008-11-24 16:50 55,296 ----a-w d:\windows\system32\iesetup.dll
2008-11-24 16:50 48,128 ----a-w d:\windows\system32\mshtmler.dll
2008-11-24 16:50 45,568 ----a-w d:\windows\system32\mshta.exe
2008-11-24 16:50 40,960 ----a-w d:\windows\system32\licmgr10.dll
2008-11-24 16:50 36,352 ----a-w d:\windows\system32\imgutil.dll
2008-11-24 16:50 26,112 ----a-w d:\windows\system32\idndl.dll
2008-11-24 16:50 24,576 ----a-w d:\windows\system32\nlsdl.dll
2008-11-24 16:50 23,552 ----a-w d:\windows\system32\normaliz.dll
2008-11-24 16:50 17,408 ----a-w d:\windows\system32\corpol.dll
2008-11-24 16:50 156,160 ----a-w d:\windows\system32\msls31.dll
2008-11-24 16:50 1,344,102 ----a-w d:\windows\system32\windowz.exe
2008-11-24 16:44 99,840 ----a-w d:\windows\system32\wmpshell.dll
2008-11-24 16:44 603,648 ----a-w d:\windows\system32\wmspdmod.dll
2008-11-24 16:44 4,096 ----a-w d:\windows\system32\wmvdmoe2.dll
2008-11-24 16:44 4,096 ----a-w d:\windows\system32\wmvdmod.dll
2008-11-24 16:44 4,096 ----a-w d:\windows\system32\wmsdmoe2.dll
2008-11-24 16:44 4,096 ----a-w d:\windows\system32\wmsdmod.dll
2008-11-24 16:44 1,329,152 ----a-w d:\windows\system32\wmspdmoe.dll
2008-11-22 22:09 423,936 ----a-w d:\windows\system32\newdev.dll
2008-11-22 22:07 3,824,640 ----a-w d:\windows\system32\cscui.dll
2008-11-22 22:06 465,920 ----a-w d:\windows\system32\hnetwiz.dll
2008-11-22 22:02 3,400,704 ----a-w d:\windows\system32\winntbbu.dll
2008-11-21 15:02 3,791,360 ----a-w d:\windows\system32\wiadefui.dll
2008-11-21 14:41 183,296 ----a-w d:\windows\system32\tapiui.dll
2008-11-21 14:33 549,376 ----a-w d:\windows\system32\srrstr.dll
2008-11-21 14:30 314,368 ----a-w d:\windows\system32\photowiz.dll
2008-11-21 14:28 2,147,840 ----a-w d:\windows\system32\ntoskrnl.exe
2008-11-21 14:26 589,824 ----a-w d:\windows\system32\notepad.exe
2008-11-21 14:26 589,824 ----a-w d:\windows\NOTEPAD.EXE
2008-11-21 14:23 2,617,344 ----a-w d:\windows\system32\netshell.dll
2008-11-21 14:20 175,616 ----a-w d:\windows\system32\mdminst.dll
2008-11-21 14:19 248,832 ----a-w d:\windows\system32\keymgr.dll
2008-11-21 14:18 432,640 ----a-w d:\windows\system32\inetcplc.dll
2008-11-21 14:15 406,016 ----a-w d:\windows\system32\fontext.dll
2008-11-21 14:14 1,622,528 ----a-w d:\windows\explorer.exe
2008-11-21 14:07 399,872 ----a-w d:\windows\system32\devmgr.dll
2008-11-21 13:58 279,552 ----a-w d:\windows\system32\comdlg32.dll
2008-11-14 14:28 357,376 ----a-w d:\windows\system32\netid.dll
2008-11-12 01:37 332,800 ----a-w d:\windows\system32\taskmgr.exe
2008-11-07 21:25 31,232 ----a-w d:\windows\system32\fstoggle.exe
2008-11-04 10:00 6,160,384 ----a-w d:\windows\system32\calc.exe
2008-10-29 16:13 1,328,640 ----a-w d:\windows\system32\msgina.dll
2008-10-28 16:41 14,303,392 ----a-w d:\windows\system32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w d:\windows\system32\xlivefnt.dll
2008-10-27 22:45 442,368 ----a-w d:\windows\system32\mspaint.exe
2008-10-25 23:41 6,231,040 ----a-w d:\windows\system32\logonui.exe
2008-10-10 16:14 67,584 ----a-w d:\windows\system32\browselc.dll
2008-10-10 16:13 710,656 ----a-w d:\windows\system32\user32.dll
2008-10-09 14:00 196,096 ----a-w d:\windows\system32\mycomput.dll
2008-10-09 13:59 449,024 ----a-w d:\windows\system32\themeui.dll
.

------- Sigcheck -------

2008-10-10 17:13 710656 60558c2f26973526efe658721ca018a9 d:\windows\system32\user32.dll
2008-11-24 17:53 361600 df70435f3d17c40d5cb15e6dc918342e d:\windows\system32\drivers\tcpip.sys
2008-11-21 15:28 2147840 9491a17ed524674a56c8ee3807508e25 d:\windows\system32\ntoskrnl.exe
2008-11-21 15:14 1622528 3a5bf7bc7a9ce706fcceee56c12116a2 d:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="d:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2008-11-24 869888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-17 1033512]
"HP Software Update"="d:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"OnScreenDisplay"="d:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"hpWirelessAssistant"="d:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader\Reader_sl.exe" [2008-01-11 39792]
"CognizanceTS"="d:\progra~1\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"VirtualCloneDrive"="d:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 52168]
"NeroFilterCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IDTSysTrayApp"="sttray.exe" [2008-02-26 d:\windows\sttray.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2008-06-23 d:\windows\system32\advpack.dll]

d:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-05-12 581693]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuEjectPC"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2006-10-09 20:38 69120 d:\program files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
"VIDC.FFDS"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
"msacm.l3codecp"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\GTA4\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Kadu\\kadu.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Users\\Avans\\Desktop\\instalki\\utorrent.exe"=
"c:\\Gry\\Ubisoft\\Prince of Persia\\Prince of Persia.exe"=
"c:\\Gry\\Ubisoft\\Prince of Persia\\PrinceOfPersia_Launcher.exe"=

R0 ahcix86;ahcix86;d:\windows\system32\drivers\ahcix86.sys [2008-11-24 174600]
R0 ub1394;Unibrain 1394 Class Driver;d:\windows\system32\drivers\UB1394.sys [2004-11-22 115328]
R0 ubsbm;Unibrain 1394 SBM Driver;d:\windows\system32\drivers\UBSBM.sys [2004-11-22 11776]
R3 JMCR;JMCR;d:\windows\system32\drivers\jmcr.sys [2008-04-01 81296]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows\system32\drivers\klim5.sys [2007-04-04 24344]
R3 ubsbp2;Unibrain SBP2 Bus Driver;d:\windows\system32\drivers\ubsbp2.sys [2004-11-22 32768]
R3 vfs101x;vfs101x;d:\windows\system32\drivers\vfs101x.sys [2008-12-11 40752]
R3 WSIMD;wsimd Service;d:\windows\system32\drivers\wsimd.sys [2008-12-11 57408]
R4 AMDRAIDXpert;AMD RAIDXpert;d:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [2003-09-29 110592]
R4 ASBroker;Logon Session Broker;d:\windows\System32\svchost.exe -k Cognizance [2008-04-14 14336]
R4 ASChannel;Local Communication Channel;d:\windows\System32\svchost.exe -k Cognizance [2008-04-14 14336]
R4 ubumapi;Unibrain 1394 FireAPI Driver;d:\windows\system32\drivers\UBUMAPI.sys [2004-11-22 29568]
R4 vfsFPService;Validity Fingerprint Service;d:\windows\system32\vfsFPService.exe [2008-03-26 595248]
S3 autorun;autorun;\??\d:\huadio.tmp --> d:\huadio.tmp [?]
S3 iscFlash;iscFlash;c:\swsetup\SP41253\iscflash.sys [2008-02-15 12288]
S3 ubohci;Unibrain 1394 OHCI Driver;d:\windows\system32\drivers\ubohci.sys [2004-11-22 72832]
S4 OxSer;PCI Serial Driver;d:\windows\system32\drivers\OxSer.sys [2008-12-17 54584]
S4 PARXPORT;PCI Parallel Driver;d:\windows\system32\drivers\parxport.sys [2008-12-17 13608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
IE: Add to &Teleport - c:\program files\Teleport Pro\teleport.htm
IE: Wyślij do interfejsu &Bluetooth - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {990888C3-9839-4C2F-AA56-90D304244055} = 213.92.190.130,213.92.190.135
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 03:56:08
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\autorun]
"ImagePath"="\??\D:\huadio.tmp"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(952)
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
d:\windows\system32\Ati2evxx.dll
d:\windows\system32\klogon.dll
d:\program files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll
d:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll
c:\program files\AlienGUIse\fastload.dll
d:\windows\system32\cscui.dll
d:\windows\system32\msi.dll

- - - - - - - > 'lsass.exe'(1424)
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
d:\windows\system32\scecli.dll
d:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
d:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
d:\program files\Bioscrypt\VeriSoft\bin\brand.dll

- - - - - - - > 'explorer.exe'(3044)
d:\windows\System32\cscui.dll
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll
d:\windows\system32\ntshrui.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ati2evxx.exe
d:\windows\system32\dllhost.exe
d:\windows\system32\stacsv.exe
d:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
d:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
d:\windows\system32\PnkBstrA.exe
c:\program files\VMware\vmware-authd.exe
d:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
d:\windows\system32\vmnat.exe
d:\windows\system32\vmnetdhcp.exe
d:\program files\AMD\RAIDXpert\_jvm\bin\java.exe
.
**************************************************************************
.
Czas ukończenia: 2009-01-06 3:59:18 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-01-06 02:59:12
ComboFix2.txt 2008-12-16 13:13:15

Przed: 1 014 177 792 bajtów wolnych
Po: 1,128,382,464 bajtów wolnych

391
cusek commented January 7, 2009

The ComboFix log looks "dirty" to me, but I never know how to create the logs for removal; wait, maybe someone will reply.