Mam problem z dźwiękiem.Dotychczas podczas otwierania folderów, stron @ i klikania na zakładki pojawiał się dźwięk.Teraz jest cisza.Panel sterowania/Dźwięk/domyślny dla Windows nie pomaga...Może to problem z myszką...?
Problem z dźwiękiem
Rozpoczęty przez
ptrh
, 14 02 2009 20:21
9 odpowiedzi w tym temacie
#2
Chinka
-
-
- 426 postów
Seal of Approval
Napisano 14 02 2009 - 20:26
Czy wszystko jest dobrze ustawione i odgłoszone??
#4
eunstachy
-
-
- 512 postów
Zaawansowany użytkownik
Napisano 14 02 2009 - 23:51
Dwu klik na ikonę głośnika w prawym dolnym rogu i zobacz, czy masz odznaczone wyciszenie dźwięków systemowych.
#5
Macsch15
-
-
- 3 705 postów
Profesjonalista
Napisano 16 02 2009 - 19:15
Start >> Panel sterowania >> Dźwięki i urządzenia audio >> Zakładka dźwięki >> Schemat dźwiękowy wybierz "Domyślnie dla windows"
I sprawdź to co napisał eunstachy
I sprawdź to co napisał eunstachy
#6
Chinka
-
-
- 426 postów
Seal of Approval
Napisano 16 02 2009 - 19:59
LOL - przecież użytkownik pisał, że to wyżej mu nie pomaga. Może to problem bezpieczeństwa?? Daj logi z HJT i CF
#7
ptrh
-
-
- 12 postów
Początkujący
Napisano 16 02 2009 - 20:47
Chinka niestety aż tak się nie znam na tych skrótach...Trochę czytałem o tych Combo Fix'ach itd. ale kompletnie nic z tego nie rozumiem...
#9
eunstachy
-
-
- 512 postów
Zaawansowany użytkownik
Napisano 16 02 2009 - 20:53
1. Ściągnij ComboFixa.
2. Wyłącz wszystkie programy (antywirusy, gg, emule)
3. Odpal ComboFixa i daj mu pracować -> Nic nigdzie nie klikaj
4. Na koniec program wygeneruje plik tekstowy na Twoim dysku C. Wklej zawartość pliku na forum.
edit: sory macsch15 jak zaczynałem pisać to twojej odpowiedzi jeszcze nie było
2. Wyłącz wszystkie programy (antywirusy, gg, emule)
3. Odpal ComboFixa i daj mu pracować -> Nic nigdzie nie klikaj
4. Na koniec program wygeneruje plik tekstowy na Twoim dysku C. Wklej zawartość pliku na forum.
edit: sory macsch15 jak zaczynałem pisać to twojej odpowiedzi jeszcze nie było
#10
ptrh
-
-
- 12 postów
Początkujący
Napisano 17 02 2009 - 00:56
Czarna magia...ale dzięki,że mi pomagacie.
Raport z CF:
ComboFix 09-02-15.01 - user 2009-02-16 20:20:34.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1519.1017 [GMT 1:00]
Uruchomiony z: c:\documents and settings\user\Pulpit\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Outdated)
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\klogon.dll
c:\windows\system32\mpg4c32.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-16 do 2009-02-16 )))))))))))))))))))))))))))))))
.
2009-02-14 18:51 . 2002-01-01 03:28 860,211 --a-s---- c:\windows\system32\XSIFtk-3.6.2.1.dll
2009-02-14 18:00 . 2009-02-14 18:00 <DIR> d-------- c:\program files\Kreatives.org
2009-02-12 17:42 . 2005-09-16 14:14 157,184 --a------ c:\windows\system32\RtlCPAPI.dll
2009-02-12 17:42 . 2005-07-15 16:48 40,960 --a------ c:\windows\system32\ChCfg.exe
2009-02-12 17:41 . 2009-02-12 17:41 <DIR> d-------- c:\program files\Realtek
2009-02-12 17:41 . 2005-04-16 22:20 487,424 --a------ c:\windows\RtlExUpd.dll
2009-02-12 00:30 . 2009-02-12 00:30 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\AVS4YOU
2009-02-12 00:21 . 2009-02-12 00:21 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\AVS4YOU
2009-02-12 00:17 . 2009-02-12 00:21 <DIR> d-------- c:\program files\Common Files\AVSMedia
2009-02-12 00:17 . 2009-02-12 00:21 <DIR> d-------- c:\program files\AVS4YOU
2009-02-12 00:17 . 2007-09-27 15:22 261,632 --a------ c:\windows\system32\mcdvd_32.dll
2009-02-12 00:17 . 2003-05-22 00:50 156,910 --a------ c:\windows\WMSysPr8.prx
2009-02-12 00:17 . 2003-05-22 00:50 82,944 --a------ c:\windows\system32\vct3216.acm
2009-02-12 00:17 . 2004-09-06 17:06 53,248 --a------ c:\windows\system32\xvid.ax
2009-02-12 00:17 . 2003-05-22 00:50 38,912 --a------ c:\windows\system32\alf2cd.acm
2009-02-12 00:17 . 2000-03-14 21:55 13,239 --a------ c:\windows\system32\Scg726.acm
2009-02-08 17:49 . 2009-02-08 17:49 <DIR> d-------- c:\program files\Combined Community Codec Pack
2009-02-07 23:03 . 2009-02-07 23:06 <DIR> d----c--- C:\Perl
2009-02-07 22:34 . 2009-02-07 22:34 <DIR> d-------- c:\program files\3wPlayer
2009-02-07 20:43 . 2009-02-07 20:43 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\Atari
2009-02-07 20:24 . 2009-02-07 20:24 <DIR> d-------- c:\program files\Atari
2009-02-07 20:24 . 2009-02-07 20:24 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\InstallShield
2009-02-07 13:53 . 2009-02-07 14:22 <DIR> d----c--- C:\My Media Files
2009-02-07 13:53 . 2009-02-07 13:53 43 --a------ c:\windows\Aurora Media Workshop.INI
2009-02-07 13:52 . 2002-05-06 11:01 45,056 --a------ c:\windows\system32\WNASPI32.DLL
2009-02-07 13:52 . 1999-09-10 12:06 45,056 --a------ c:\windows\system32\WNASPI2K.BAK
2009-02-07 13:52 . 1999-09-10 12:06 25,244 --a------ c:\windows\system32\drivers\ASPI2K.BAK
2009-02-07 13:52 . 2002-05-06 11:01 17,005 --a------ c:\windows\system32\drivers\ASPI32.SYS
2009-02-07 13:52 . 2001-04-19 17:34 5,600 --a------ c:\windows\system\WINASPI.DLL
2009-02-07 13:52 . 1999-09-10 12:06 5,600 --a------ c:\windows\system\WINASPI.BAK
2009-02-07 13:52 . 2001-04-19 17:34 4,672 --a------ c:\windows\system\WOWPOST.EXE
2009-02-07 13:52 . 1999-09-10 12:06 4,672 --a------ c:\windows\system\WOWPOST.BAK
2009-02-07 13:51 . 2009-02-07 13:52 <DIR> d-------- c:\program files\Aurora Media Workshop
2009-02-07 13:51 . 2005-11-08 06:32 3,088,384 --a------ c:\windows\system32\erdmpg-4.dll
2009-02-07 13:51 . 2001-08-23 16:00 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2009-02-07 13:51 . 1999-06-03 12:47 142,608 --a------ c:\windows\system32\atl.exe
2009-02-07 13:51 . 2004-10-29 21:46 61,440 --a------ c:\windows\system32\smd.dll
2009-02-05 19:20 . 2009-02-05 19:20 16 --a------ c:\windows\system32\coh.cache
2009-01-19 17:25 . 2009-01-19 17:25 <DIR> d-------- c:\program files\Common Files\PC Tools
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-16 19:27 77,280,032 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-16 19:27 3,271,200 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-02-16 19:23 310,808 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-02-16 19:23 1,040,204 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-02-16 19:04 --------- d-----w c:\documents and settings\user\Dane aplikacji\Skype
2009-02-16 18:43 --------- d-----w c:\documents and settings\user\Dane aplikacji\skypePM
2009-02-16 18:42 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2009-02-13 12:40 --------- d-----w c:\program files\Gadu-Gadu
2009-02-12 16:41 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-07 10:35 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-05 20:23 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-02-05 20:06 --------- d-----w c:\program files\DivX
2009-02-05 20:05 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-05 16:57 --------- d-----w c:\program files\mks_vir_2007
2009-02-05 16:57 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-04 13:08 --------- d-----w c:\program files\eMule
2009-02-03 20:23 89,601 ----a-w c:\windows\system32\drivers\klick.dat
2009-02-03 20:23 101,287 ----a-w c:\windows\system32\drivers\klin.dat
2009-02-02 18:13 --------- d-----w c:\documents and settings\user\Dane aplikacji\Wildfire
2009-02-02 17:57 14 ----a-w c:\documents and settings\user\getfile.dat
2009-01-24 18:00 --------- d-----w c:\program files\Digital Image Recovery
2009-01-20 22:17 --------- d-----w c:\program files\Total Video Converter
2009-01-19 19:48 --------- d-----w c:\documents and settings\user\Dane aplikacji\PC Tools
2009-01-19 19:47 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-01-13 21:03 --------- d-----w c:\program files\Mario Forever
2009-01-13 21:02 --------- d-----w c:\program files\Lalka Klara - Stylistka
2009-01-04 16:51 --------- d-----w c:\documents and settings\Gość\Dane aplikacji\Babylon
2009-01-01 19:00 --------- d-----w c:\program files\EA GAMES
2009-01-01 18:42 --------- d-----w c:\program files\Common Files\DirectX
2008-12-31 17:40 --------- d-----w c:\program files\Microsoft LifeCam
2008-12-29 19:47 --------- d-----w c:\program files\WildWestWendy
2008-12-17 21:03 --------- d-----w c:\program files\Skype
2008-12-17 21:02 --------- d-----w c:\program files\Common Files\Skype
2008-12-16 18:39 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype
2008-11-15 18:13 24,688 ----a-w c:\documents and settings\user\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-12-13 22:15 49,152 ----a-r c:\documents and settings\user\Dane aplikacji\Odinstaluj.exe
2004-11-12 03:54 2,608 ----a-w c:\program files\readme.txt
2004-11-12 03:50 377,856 ----a-w c:\program files\ooue.exe
2004-11-12 03:50 176,128 ----a-w c:\program files\oouers.dll
2004-11-12 03:48 151,552 ----a-w c:\program files\oouerwrs.dll
2004-11-12 03:47 126,976 ----a-w c:\program files\ooueabrs.dll
2004-11-12 02:07 258,048 ----a-w c:\program files\oorwiz.dll
2004-11-12 02:07 229,376 ----a-w c:\program files\ooabout.dll
2004-11-03 15:20 25,214 ----a-w c:\program files\dfs.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\dfes.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\dfe.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\df.ico
2004-10-22 16:04 25,214 ----a-w c:\program files\dfl.ico
2004-09-28 01:00 26,240 ----a-w c:\windows\inf\RAMDSK.SYS
2004-08-04 19:46 520,192 ----a-w c:\program files\wscma2u.exe
2002-05-18 14:40 421,888 ----a-w c:\program files\mbible.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 13:54 1555480 --a------ c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-09 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-09 114688]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-01-24 512000]
"Skrót do strony właściwości High Definition Audio"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HDAShCut.exe]
"SMSERIAL"="sm56hlpr.exe" [2005-08-12 c:\windows\sm56hlpr.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-09-21 c:\windows\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2005-09-21 c:\windows\alcwzrd.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OdysseyClient]
2006-11-04 13:54 106496 c:\windows\system32\odyEvent.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"VIDC.FFDS"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\J:\0autocheck autochk *
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AFPAnsi;G-DATA Ukrywacz Ansi;c:\windows\system32\drivers\AFPAnsi.sys [2007-02-24 43904]
R0 FO_PAnt;FotoOffice VirtualDisc Driver;c:\windows\system32\drivers\FO_PAnt.sys [2007-02-24 89216]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2006-12-23 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2006-12-23 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2006-12-23 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2006-12-23 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2006-12-23 83344]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\drivers\KS-959.sys [2006-11-26 19018]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [2006-12-04 32910]
S3 XLoader;PLEXTOR EZ-USB FX2 FIRMWARE LOADER (XLoader.sys);c:\windows\system32\drivers\XLoader.sys [2004-01-21 13184]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00446a67-2d5a-11dc-8778-00166fa7eddf}]
\Shell\AutoRun\command - H:\USBNB.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{024dbf44-1456-11dd-8a8f-9159ff5ea2ab}]
\Shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85d1eac0-2d51-11dc-8777-00166fa7eddf}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aef2ab3a-75a8-11db-b3a5-806d6172696f}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af5909e2-a836-11dd-bf7c-001167bdd24d}]
\Shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b55e9bbf-a834-11dd-bf7b-001167bdd24d}]
\Shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1a24241-e2ef-11dc-89d6-c6805e65c9ef}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8747081-d683-11dc-89a6-c3fc947bd355}]
\Shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de72b39d-c5e9-11dd-bfd8-00166fa7eddf}]
\Shell\AutoRun\command - G:\AutoRun.exe
.
Zawartość folderu 'Zaplanowane zadania'
2008-07-14 c:\windows\Tasks\Pasjans.job
- c:\windows\system32\sol.exe [2004-08-04 13:00]
2009-02-16 c:\windows\Tasks\Watchtower Library 2007 - wydanie polskie.job
- c:\progra~1\WATCHT~1\WATCHT~1\P\WTLIBR~1.EXE [2007-10-19 13:38]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-wsctf.exe - wsctf.exe
.
------- Skan uzupełniający -------
.
uStart Page = https://www.jw.org/index.xjp?option=PBrT&am...wADLFFRmDc#a502
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
FF - ProfilePath - c:\documents and settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u2rvqwdi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jw.org/index.html?option=YBTVr1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-16 20:27:52
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-3298081236-2831665942-3950114082-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\odyEvent.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll
c:\windows\system32\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
c:\program files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\snmp.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
c:\program files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
c:\windows\system32\wscntfy.exe
c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
.
**************************************************************************
.
Czas ukończenia: 2009-02-16 20:31:53 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-02-16 19:31:50
Przed: 8 908 562 432 bajtów wolnych
Po: 9,135,038,464 bajtów wolnych
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
271
Raport z CF:
CODE-BOX
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1519.1017 [GMT 1:00]
Uruchomiony z: c:\documents and settings\user\Pulpit\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Outdated)
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\klogon.dll
c:\windows\system32\mpg4c32.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-16 do 2009-02-16 )))))))))))))))))))))))))))))))
.
2009-02-14 18:51 . 2002-01-01 03:28 860,211 --a-s---- c:\windows\system32\XSIFtk-3.6.2.1.dll
2009-02-14 18:00 . 2009-02-14 18:00 <DIR> d-------- c:\program files\Kreatives.org
2009-02-12 17:42 . 2005-09-16 14:14 157,184 --a------ c:\windows\system32\RtlCPAPI.dll
2009-02-12 17:42 . 2005-07-15 16:48 40,960 --a------ c:\windows\system32\ChCfg.exe
2009-02-12 17:41 . 2009-02-12 17:41 <DIR> d-------- c:\program files\Realtek
2009-02-12 17:41 . 2005-04-16 22:20 487,424 --a------ c:\windows\RtlExUpd.dll
2009-02-12 00:30 . 2009-02-12 00:30 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\AVS4YOU
2009-02-12 00:21 . 2009-02-12 00:21 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\AVS4YOU
2009-02-12 00:17 . 2009-02-12 00:21 <DIR> d-------- c:\program files\Common Files\AVSMedia
2009-02-12 00:17 . 2009-02-12 00:21 <DIR> d-------- c:\program files\AVS4YOU
2009-02-12 00:17 . 2007-09-27 15:22 261,632 --a------ c:\windows\system32\mcdvd_32.dll
2009-02-12 00:17 . 2003-05-22 00:50 156,910 --a------ c:\windows\WMSysPr8.prx
2009-02-12 00:17 . 2003-05-22 00:50 82,944 --a------ c:\windows\system32\vct3216.acm
2009-02-12 00:17 . 2004-09-06 17:06 53,248 --a------ c:\windows\system32\xvid.ax
2009-02-12 00:17 . 2003-05-22 00:50 38,912 --a------ c:\windows\system32\alf2cd.acm
2009-02-12 00:17 . 2000-03-14 21:55 13,239 --a------ c:\windows\system32\Scg726.acm
2009-02-08 17:49 . 2009-02-08 17:49 <DIR> d-------- c:\program files\Combined Community Codec Pack
2009-02-07 23:03 . 2009-02-07 23:06 <DIR> d----c--- C:\Perl
2009-02-07 22:34 . 2009-02-07 22:34 <DIR> d-------- c:\program files\3wPlayer
2009-02-07 20:43 . 2009-02-07 20:43 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\Atari
2009-02-07 20:24 . 2009-02-07 20:24 <DIR> d-------- c:\program files\Atari
2009-02-07 20:24 . 2009-02-07 20:24 <DIR> d-------- c:\documents and settings\user\Dane aplikacji\InstallShield
2009-02-07 13:53 . 2009-02-07 14:22 <DIR> d----c--- C:\My Media Files
2009-02-07 13:53 . 2009-02-07 13:53 43 --a------ c:\windows\Aurora Media Workshop.INI
2009-02-07 13:52 . 2002-05-06 11:01 45,056 --a------ c:\windows\system32\WNASPI32.DLL
2009-02-07 13:52 . 1999-09-10 12:06 45,056 --a------ c:\windows\system32\WNASPI2K.BAK
2009-02-07 13:52 . 1999-09-10 12:06 25,244 --a------ c:\windows\system32\drivers\ASPI2K.BAK
2009-02-07 13:52 . 2002-05-06 11:01 17,005 --a------ c:\windows\system32\drivers\ASPI32.SYS
2009-02-07 13:52 . 2001-04-19 17:34 5,600 --a------ c:\windows\system\WINASPI.DLL
2009-02-07 13:52 . 1999-09-10 12:06 5,600 --a------ c:\windows\system\WINASPI.BAK
2009-02-07 13:52 . 2001-04-19 17:34 4,672 --a------ c:\windows\system\WOWPOST.EXE
2009-02-07 13:52 . 1999-09-10 12:06 4,672 --a------ c:\windows\system\WOWPOST.BAK
2009-02-07 13:51 . 2009-02-07 13:52 <DIR> d-------- c:\program files\Aurora Media Workshop
2009-02-07 13:51 . 2005-11-08 06:32 3,088,384 --a------ c:\windows\system32\erdmpg-4.dll
2009-02-07 13:51 . 2001-08-23 16:00 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2009-02-07 13:51 . 1999-06-03 12:47 142,608 --a------ c:\windows\system32\atl.exe
2009-02-07 13:51 . 2004-10-29 21:46 61,440 --a------ c:\windows\system32\smd.dll
2009-02-05 19:20 . 2009-02-05 19:20 16 --a------ c:\windows\system32\coh.cache
2009-01-19 17:25 . 2009-01-19 17:25 <DIR> d-------- c:\program files\Common Files\PC Tools
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-16 19:27 77,280,032 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-16 19:27 3,271,200 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-02-16 19:23 310,808 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-02-16 19:23 1,040,204 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-02-16 19:04 --------- d-----w c:\documents and settings\user\Dane aplikacji\Skype
2009-02-16 18:43 --------- d-----w c:\documents and settings\user\Dane aplikacji\skypePM
2009-02-16 18:42 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2009-02-13 12:40 --------- d-----w c:\program files\Gadu-Gadu
2009-02-12 16:41 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-07 10:35 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-05 20:23 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-02-05 20:06 --------- d-----w c:\program files\DivX
2009-02-05 20:05 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-05 16:57 --------- d-----w c:\program files\mks_vir_2007
2009-02-05 16:57 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-04 13:08 --------- d-----w c:\program files\eMule
2009-02-03 20:23 89,601 ----a-w c:\windows\system32\drivers\klick.dat
2009-02-03 20:23 101,287 ----a-w c:\windows\system32\drivers\klin.dat
2009-02-02 18:13 --------- d-----w c:\documents and settings\user\Dane aplikacji\Wildfire
2009-02-02 17:57 14 ----a-w c:\documents and settings\user\getfile.dat
2009-01-24 18:00 --------- d-----w c:\program files\Digital Image Recovery
2009-01-20 22:17 --------- d-----w c:\program files\Total Video Converter
2009-01-19 19:48 --------- d-----w c:\documents and settings\user\Dane aplikacji\PC Tools
2009-01-19 19:47 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-01-13 21:03 --------- d-----w c:\program files\Mario Forever
2009-01-13 21:02 --------- d-----w c:\program files\Lalka Klara - Stylistka
2009-01-04 16:51 --------- d-----w c:\documents and settings\Gość\Dane aplikacji\Babylon
2009-01-01 19:00 --------- d-----w c:\program files\EA GAMES
2009-01-01 18:42 --------- d-----w c:\program files\Common Files\DirectX
2008-12-31 17:40 --------- d-----w c:\program files\Microsoft LifeCam
2008-12-29 19:47 --------- d-----w c:\program files\WildWestWendy
2008-12-17 21:03 --------- d-----w c:\program files\Skype
2008-12-17 21:02 --------- d-----w c:\program files\Common Files\Skype
2008-12-16 18:39 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype
2008-11-15 18:13 24,688 ----a-w c:\documents and settings\user\Dane aplikacji\GDIPFONTCACHEV1.DAT
2006-12-13 22:15 49,152 ----a-r c:\documents and settings\user\Dane aplikacji\Odinstaluj.exe
2004-11-12 03:54 2,608 ----a-w c:\program files\readme.txt
2004-11-12 03:50 377,856 ----a-w c:\program files\ooue.exe
2004-11-12 03:50 176,128 ----a-w c:\program files\oouers.dll
2004-11-12 03:48 151,552 ----a-w c:\program files\oouerwrs.dll
2004-11-12 03:47 126,976 ----a-w c:\program files\ooueabrs.dll
2004-11-12 02:07 258,048 ----a-w c:\program files\oorwiz.dll
2004-11-12 02:07 229,376 ----a-w c:\program files\ooabout.dll
2004-11-03 15:20 25,214 ----a-w c:\program files\dfs.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\dfes.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\dfe.ico
2004-11-03 15:20 25,214 ----a-w c:\program files\df.ico
2004-10-22 16:04 25,214 ----a-w c:\program files\dfl.ico
2004-09-28 01:00 26,240 ----a-w c:\windows\inf\RAMDSK.SYS
2004-08-04 19:46 520,192 ----a-w c:\program files\wscma2u.exe
2002-05-18 14:40 421,888 ----a-w c:\program files\mbible.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 13:54 1555480 --a------ c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-09 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-09 114688]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-01-24 512000]
"Skrót do strony właściwości High Definition Audio"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HDAShCut.exe]
"SMSERIAL"="sm56hlpr.exe" [2005-08-12 c:\windows\sm56hlpr.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-09-21 c:\windows\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2005-09-21 c:\windows\alcwzrd.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OdysseyClient]
2006-11-04 13:54 106496 c:\windows\system32\odyEvent.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"VIDC.FFDS"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\J:\0autocheck autochk *
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AFPAnsi;G-DATA Ukrywacz Ansi;c:\windows\system32\drivers\AFPAnsi.sys [2007-02-24 43904]
R0 FO_PAnt;FotoOffice VirtualDisc Driver;c:\windows\system32\drivers\FO_PAnt.sys [2007-02-24 89216]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2006-12-23 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2006-12-23 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2006-12-23 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2006-12-23 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2006-12-23 83344]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\drivers\KS-959.sys [2006-11-26 19018]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [2006-12-04 32910]
S3 XLoader;PLEXTOR EZ-USB FX2 FIRMWARE LOADER (XLoader.sys);c:\windows\system32\drivers\XLoader.sys [2004-01-21 13184]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00446a67-2d5a-11dc-8778-00166fa7eddf}]
\Shell\AutoRun\command - H:\USBNB.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{024dbf44-1456-11dd-8a8f-9159ff5ea2ab}]
\Shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85d1eac0-2d51-11dc-8777-00166fa7eddf}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aef2ab3a-75a8-11db-b3a5-806d6172696f}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af5909e2-a836-11dd-bf7c-001167bdd24d}]
\Shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b55e9bbf-a834-11dd-bf7b-001167bdd24d}]
\Shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1a24241-e2ef-11dc-89d6-c6805e65c9ef}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8747081-d683-11dc-89a6-c3fc947bd355}]
\Shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de72b39d-c5e9-11dd-bfd8-00166fa7eddf}]
\Shell\AutoRun\command - G:\AutoRun.exe
.
Zawartość folderu 'Zaplanowane zadania'
2008-07-14 c:\windows\Tasks\Pasjans.job
- c:\windows\system32\sol.exe [2004-08-04 13:00]
2009-02-16 c:\windows\Tasks\Watchtower Library 2007 - wydanie polskie.job
- c:\progra~1\WATCHT~1\WATCHT~1\P\WTLIBR~1.EXE [2007-10-19 13:38]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-wsctf.exe - wsctf.exe
.
------- Skan uzupełniający -------
.
uStart Page = https://www.jw.org/index.xjp?option=PBrT&am...wADLFFRmDc#a502
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
FF - ProfilePath - c:\documents and settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\u2rvqwdi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.jw.org/index.html?option=YBTVr1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-16 20:27:52
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-3298081236-2831665942-3950114082-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\odyEvent.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 6.0\adialhk.dll
c:\windows\system32\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
c:\program files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\snmp.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
c:\program files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
c:\windows\system32\wscntfy.exe
c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
.
**************************************************************************
.
Czas ukończenia: 2009-02-16 20:31:53 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-02-16 19:31:50
Przed: 8 908 562 432 bajtów wolnych
Po: 9,135,038,464 bajtów wolnych
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
271
i jescze log z HT:
CODE-BOX
Scan saved at 23:56:17, on 2009-02-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.jw.org/index.xjp?option=PBrT&am...wADLFFRmDc#a502
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Aurora Media Workshop\msdxm.ocx
O4 - HKLM\..\Run: [Skrót do strony właściwości High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: E_SPSU01.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://bok.plusgsm.pl/rnt/rnl/java/RntX.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Odyssey Client for Fujitsu Siemens Computers (odClientService) - Funk Software, Inc. - C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 6011 bytes
Nie popędzamy innych przy pomaganiu w problemie. Nie piszemy postów pod postem, od tego jest opcja edytuj.
Dostałem info,że nie wolno popędzać.Chcę więc tylko spytać czy jest możliwość rozwiązania w/w problemu?Dziękuje
Już po problemie.Kolega mi pomógł.
Dzięki za chęć pomocy.Może tylko napiszcie czy te logi są ok, skoro już je podałem.Dzięki
