Standby mode and a CPU problem


  • Closed: this topic is closed
5 replies in this topic

#1 Mysha

    Observer

  • 7 posts

Posted 30 05 2008 - 08:18

Hello everyone,
my laptop has a problem coming out of standby after the lid is opened. Specifically, CPU usage sits at 50-60% and it is impossible to work normally. The processes jump around, so it is hard to tell which one is eating the CPU. What I have done so far: I installed the Windows fix for problems when resuming from standby and new drivers for graphics, audio and wireless, and nothing. Could this be a hardware problem? It seems everything is heading towards a reinstall. The computer is new. The laptop: Icom Intel Core 2 Duo T8100 2.1GHz, GeForce 8600GT 256MB. SP3 was previously installed and then uninstalled. I uninstalled it just in case; I don't know whether SP3 was causing the problem.
Thanks in advance for the "advice" :)

  • 0

#2 makensis

    Chief

  • 5 036 posts

Posted 02 06 2008 - 13:57

A HijackThis log, please.

  • 0

#3 Mysha

    Observer

  • 7 posts

Posted 03 06 2008 - 20:42

A HijackThis log, please.


Since my last post I have reinstalled the system and run hardware tests. Refreshing the system did not help; the hardware is OK.
Here are the logs:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,c:\program files\g data internetsecurity\avkkid\avkcks.exe
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


Why is CyberLink running? It was removed from autostart and it still starts up anyway.
  • 0

#4 wncvirus

    Lazybones!

  • 851 posts

Posted 04 06 2008 - 13:47

Launch HJT and choose "Do a system scan only". A log will be generated; tick the boxes next to the entries below and click Fix.

O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)


In addition, post a log from ComboFix.
  • 0
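
The checks discussed in posts #3 and #4, as an added example that is not part of the original thread: a small Python triage of HijackThis entry lines that lists "(no file)" leftovers, programs chained after userinit.exe in the F2 UserInit value, and the section through which a given program is started. The function names are hypothetical, and the sample is an excerpt of the first log posted above.

```python
import ntpath
import re

# Excerpt of the first HijackThis log posted in this thread (post #3).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,c:\program files\g data internetsecurity\avkkid\avkcks.exe
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# An entry line starts with a section code such as R0, F2, O2 or O23.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")


def parse_entries(log_text):
    """Return (code, body) tuples for every HijackThis entry line."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned(entries):
    """Entries reported as '(no file)': registered, but the file is missing."""
    return [(code, body) for code, body in entries
            if body.endswith("(no file)")]


def userinit_extras(entries):
    """Programs chained after userinit.exe in the UserInit value (F2)."""
    extras = []
    for code, body in entries:
        if code != "F2" or "UserInit=" not in body:
            continue
        value = body.partition("UserInit=")[2]
        for path in (p.strip() for p in value.split(",")):
            if path and ntpath.basename(path).lower() != "userinit.exe":
                extras.append(path)
    return extras


def startup_sections(entries, needle):
    """Section codes of the entries that mention `needle` (case-insensitive)."""
    needle = needle.lower()
    return sorted({code for code, body in entries if needle in body.lower()})


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for code, body in orphaned(parsed):
        print("orphaned:", code, body)
    for path in userinit_extras(parsed):
        print("extra UserInit program:", path)
    print("CyberLink is started via:", startup_sections(parsed, "cyberlink"))
```

O23 lines are Windows services and O4 lines are Run-key autostarts, so a program listed only under O23 keeps starting after it has been removed from autostart.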

#5 Mysha

    Observer

  • 7 posts

Posted 04 06 2008 - 14:25

I installed all the updates and SP3; it is better, but not great. Usage even drops to 0, but it keeps jumping, 0-55%. So it must be something with the system files, since it improved after the update. But it did not fix it. New logs from HJ:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe




And the log from ComboFix:


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 19:21 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-04-25 20:00 13529088]
"nwiz"="nwiz.exe" [2008-04-25 20:00 1630208 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 14:39 16862720 C:\WINDOWS\RTHDCPL.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 19:21 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 EMSC;COMPAL Embedded System Control;C:\WINDOWS\system32\DRIVERS\EMSC.SYS [2007-03-14 10:16]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.html

*Newly Created Service* - CATCHME
  • 0

#6 wncvirus

    Lazybones!

  • 851 posts

Posted 26 06 2008 - 14:16

The HJT log is clean.

ComboFix log: I don't see anything suspicious.

  • 0



