Problem z systemem 100% obciażenia pomocy

robert197648 · 13 Sierpień 2008 15:52

Witam jestem tu nowy i nie wiem czy dobrze pisze tego posta (w dobrym dziale)ale do zeczy moj procek(CPU) ciagle skacze na wysokie obroty czyli 100% i spada do 3% dodam ze jak sie to dzieje to nic nie robie na kompie.skanowalem go kilka razy i żaden antyvir nic nie wylapal.pojawił mi sie jakis nie znany proces o nazwie WLANUTL.EXE ZROBILEM SKAN HIJACKIEM ZAMIESZCZAM PONIŻEJ PROSZE O POMOC BO JESTEM LAIKIEM W TYCH SPRAWACH. Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:06:20, on 2008-08-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\Program Files\Common Files\Nokia\Tss\Instrument API\bin\root.exe

C:\PROGRA~1\INCRED~1\bin\ImApp.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”

O4 - HKLM…\Run: [FLSDeviceControlPanel] C:\WINDOWS\system32\FLSDEVCP.EXE

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [sRS Audio Sandbox] “C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe” /hideme

O4 - HKCU…\Run: [Nowe Gadu-Gadu] “C:\Program Files\Nowe Gadu-Gadu\gg.exe”

O4 - HKCU…\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c

O4 - HKCU…\Run: [NETDDE.EXE] NETDDE.EXE

O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: &Search - ?p=ZNfox000

O8 - Extra context menu item: Download with Rapget - C:\Documents and Settings\robert i anetka\My Documents\programy\rapget\PROGRAM edek_wietlin\rapget.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

–

End of file - 7122 bytes

AComboFix 08-08-13.02 - robert i anetka 2008-08-14 10:32:53.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.162 [GMT 2:00] Running from: C:\Documents and Settings\robert i anetka\Desktop\ComboFix.exe * Created a new restore point [color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED [/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_XPROTECTOR -------\Service_MyWebSearchService -------\Service_XPROTECTOR ((((((((((((((((((((((((( Files Created from 2008-07-14 to 2008-08-14 ))))))))))))))))))))))))))))))) . 2008-08-14 10:05 . 2008-08-14 10:08 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-08-13 17:05 . 2008-08-13 17:05

Gutek · 13 Sierpień 2008 15:57

Temat przeniosłem do właściwego działu.

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052

Użyj najpierw automatu - Daj log z ComboFix - viewtopic.php?f=16&t=36654

robert197648 · 14 Sierpień 2008 09:16

Zrobiłem scan combofixem cos mi wywalił i zrobił restart,teraz system skacze w granicach od 4% do 35%,prosze niech ktos kto sie zna zobaczy te raporty bo nie wiem co robic a miesiac temu robiłem reinstalke systemu i mam nowego AV,(podejrzany plik to Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)) przy skanie znalazlo vira wiec wywalilem ale nie chce sie usunac wpis rejestru poza tym to WLANUTL.EXE niewiem Skad sie wziol i do czego słurzy ale on tez złurzywa CPU.

huber2t · 14 Sierpień 2008 09:17

Daj log z combofix na forum

robert197648 · 14 Sierpień 2008 09:19

Już jest to ten na zielono

huber2t · 14 Sierpień 2008 09:20

Daj cały log w nowym poście

robert197648 · 14 Sierpień 2008 09:25

AComboFix 08-08-13.02 - robert i anetka 2008-08-14 10:32:53.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.162 [GMT 2:00]

Running from: C:\Documents and Settings\robert i anetka\Desktop\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_MYWEBSEARCHSERVICE

-------\Legacy_XPROTECTOR

-------\Service_MyWebSearchService

-------\Service_XPROTECTOR

((((((((((((((((((((((((( Files Created from 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))

.

2008-08-14 10:05 . 2008-08-14 10:08 1,374 --a------ C:\WINDOWS\imsins.BAK

2008-08-13 17:05 . 2008-08-13 17:05

2008-08-13 16:00 . 2008-08-13 16:01

2008-08-13 16:00 . 2008-08-13 16:56

2008-08-13 13:54 . 2008-08-13 13:54

2008-08-13 10:59 . 2008-08-13 11:07

2008-08-13 09:28 . 2008-08-13 09:28

2008-08-12 20:31 . 2008-08-12 20:31

2008-08-12 19:19 . 2008-08-12 21:31

2008-08-12 19:18 . 2008-08-12 19:18

2008-08-12 19:18 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll

2008-08-12 19:18 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll

2008-08-12 19:18 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll

2008-08-12 19:18 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll

2008-08-12 19:18 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll

2008-08-12 14:56 . 2008-08-12 14:57

2008-08-12 14:19 . 2008-08-12 14:19

2008-08-12 14:17 . 2008-08-12 14:17

2008-08-11 18:54 . 2008-08-11 18:54 2,325,304 --a------ C:\WINDOWS\system32\DK2INST.DLL

2008-08-11 18:54 . 2008-08-11 18:54 76,600 --a------ C:\WINDOWS\system32\dk2cp32.dll

2008-08-11 18:54 . 2008-08-11 18:54 49,720 --a------ C:\WINDOWS\system32\drivers\dk2drv.sys

2008-08-11 18:54 . 2008-08-11 18:54 32,208 --a------ C:\WINDOWS\system32\dk2win16.dll

2008-08-11 18:54 . 2008-08-11 18:54 30,520 --a------ C:\WINDOWS\system32\DK2UInst.exe

2008-08-11 18:54 . 2008-08-11 18:54 24,488 --a------ C:\WINDOWS\system32\dk2vdd.dll

2008-08-11 18:54 . 2008-08-11 18:54 18,360 --a------ C:\WINDOWS\system32\drivers\DK2USB.sys

2008-08-11 18:54 . 2008-08-11 18:54 10,503 --a------ C:\WINDOWS\system32\dk2cp32.hlp

2008-08-11 16:29 . 2008-08-11 16:29 60,216 --a------ C:\WINDOWS\system32\DESkey32.cpl

2008-08-11 16:29 . 2008-08-11 16:29 6,013 --a------ C:\WINDOWS\system32\DESkey32.hlp

2008-08-11 14:21 . 2008-08-11 14:21 92,984 --a------ C:\WINDOWS\system32\dkcpanel.exe

2008-08-11 14:21 . 2008-08-11 14:21 11,576 --a------ C:\WINDOWS\system32\DKCLINST.DLL

2008-08-11 12:33 . 2008-08-11 12:33

2008-08-11 10:53 . 2008-08-11 10:53

2008-08-11 10:35 . 2008-08-12 22:05

2008-08-11 10:31 . 2008-08-12 22:05

2008-08-10 18:50 . 2008-08-10 18:50 92,984 --a------ C:\WINDOWS\system32\DNClnt32.dll

2008-08-10 18:50 . 2008-08-10 18:50 89,400 --a------ C:\WINDOWS\system32\DNCP32.DLL

2008-08-10 18:50 . 2008-08-10 18:50 64,312 --a------ C:\WINDOWS\system32\vercp32.dll

2008-08-10 18:50 . 2008-08-10 18:50 9,227 --a------ C:\WINDOWS\system32\DNCP32.HLP

2008-08-10 17:11 . 2008-08-10 17:11

2008-08-10 15:30 . 2008-08-10 15:30

2008-08-10 10:55 . 2004-01-23 10:00 17,408 --a------ C:\WINDOWS\system32\drivers\hhkusb.sys

2008-08-10 10:54 . 2002-02-04 03:43 44,544 --------- C:\WINDOWS\system32\msxml4a.dll

2008-08-10 09:36 . 2008-08-10 09:36 41,888 --a------ C:\WINDOWS\system32\drivers\Oreans.sys

2008-08-09 20:28 . 2008-08-10 18:50 14,856 --a------ C:\WINDOWS\system32\drivers\dkpccard.sys

2008-08-09 20:28 . 2008-08-11 14:22 64 --a------ C:\WINDOWS\FLS1.INI

2008-08-09 15:17 . 2002-02-24 14:33 50 --a------ C:\SP.DEF

2008-08-09 13:43 . 2008-08-11 18:50

2008-08-09 12:52 . 2008-08-09 12:52 0 --a------ C:\WINDOWS\PPMManager.INI

2008-08-08 15:00 . 2006-08-29 16:56 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys

2008-08-06 21:13 . 2008-08-07 11:01

2008-08-06 18:26 . 2008-08-06 18:26 1,619 --a------ C:\WINDOWS\system32\sdbackup.reg

2008-08-06 10:35 . 2008-08-06 10:35

2008-08-06 10:35 . 2008-08-06 10:35 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll

2008-08-05 10:29 . 2008-08-13 05:09

2008-08-05 10:29 . 2008-08-05 10:29 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat

2008-08-05 10:27 . 2008-08-13 07:57

2008-08-02 14:06 . 2008-08-02 14:06 68 --a------ C:\WINDOWS\Awpr.ini

2008-07-31 19:01 . 2008-07-31 19:01

2008-07-31 18:59 . 2008-07-31 19:01

2008-07-31 18:59 . 2008-07-31 18:59

2008-07-31 18:58 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2008-07-30 14:37 . 2008-07-30 14:37

2008-07-28 19:47 . 2008-08-04 12:14

2008-07-28 19:10 . 2008-07-28 19:19 203 --a------ C:\WINDOWS\GSdx9.INI

2008-07-28 18:25 . 2008-07-28 18:43 208 --a------ C:\WINDOWS\GSdx9 sse2.INI

2008-07-28 17:25 . 2008-07-28 17:25 46 --a------ C:\PEOPS.WAV

2008-07-25 10:31 . 2008-07-25 11:26

2008-07-24 10:13 . 2008-07-24 10:14 356,352 --a------ C:\WINDOWS\eSellerateEngine.dll

2008-07-22 22:09 . 2008-07-22 22:09

2008-07-22 21:16 . 2008-07-23 15:14

2008-07-22 13:18 . 2008-07-22 13:18

2008-07-22 13:18 . 1997-05-12 17:53 314,368 --a------ C:\WINDOWS\uninst.exe

2008-07-22 12:49 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-07-22 12:49 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2008-07-22 12:49 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-07-22 08:44 . 2008-07-22 08:44 104,320 --a------ C:\WINDOWS\system32\drivers\ztemtusbser.sys

2008-07-21 18:55 . 2008-07-21 18:55

2008-07-21 18:54 . 2008-07-21 18:54

2008-07-21 15:42 . 2008-07-21 15:43 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe

2008-07-20 20:52 . 2008-07-20 20:52

2008-07-20 20:52 . 2000-05-22 22:58 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx

2008-07-19 15:55 . 2008-07-19 15:55

2008-07-19 13:38 . 2008-07-19 13:38

2008-07-19 12:12 . 2008-07-19 12:42

2008-07-19 10:31 . 2008-07-19 10:31

2008-07-19 10:19 . 2006-03-15 14:00 218,624 --------- C:\WINDOWS\system32\uxtheme.backup

2008-07-19 09:55 . 2008-07-19 12:49 4 --a------ C:\WINDOWS\num41.jbd

2008-07-19 09:55 . 2008-07-19 12:49 4 --a------ C:\WINDOWS\info147.sys

2008-07-18 12:46 . 2008-07-18 12:46

2008-07-18 12:29 . 2008-07-18 12:29

2008-07-18 12:13 . 2008-07-25 18:49

2008-07-18 12:01 . 2008-08-13 08:08

2008-07-17 21:03 . 2008-07-20 16:41 65 --a------ C:\WINDOWS\syntalk.INI

2008-07-17 20:51 . 1996-05-01 00:00 18,944 --a------ C:\WINDOWS\system32\browse32.dll

2008-07-17 20:30 . 2008-08-11 17:02

2008-07-17 18:59 . 2008-07-17 18:59

2008-07-17 17:32 . 2008-08-11 13:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-07-17 17:32 . 2008-07-17 17:32 1,409 --------- C:\WINDOWS\QTFont.for

2008-07-17 16:57 . 2000-05-22 17:58 647,872 --a------ C:\WINDOWS\system32\mscomct2.ocx

2008-07-17 16:57 . 1999-03-26 00:00 101,888 --a------ C:\WINDOWS\system32\vb6stkit.dll

2008-07-17 16:20 . 2003-08-05 14:23 266,240 --a------ C:\WINDOWS\CMIUninstall.exe

2008-07-17 16:20 . 2002-10-18 15:56 28,672 --a------ C:\WINDOWS\CMIRmDriver.dll

2008-07-17 16:20 . 2008-07-17 16:20 92 --a------ C:\WINDOWS\CMISETUP.INI

2008-07-17 16:20 . 2008-07-17 20:59 61 --a------ C:\WINDOWS\Wininit.ini

2008-07-17 16:20 . 2008-07-17 16:20 26 --a------ C:\WINDOWS\CMCDPLAY.INI

2008-07-17 11:59 . 2008-07-22 21:21 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI

2008-07-16 13:34 . 2008-07-16 13:34

2008-07-15 20:41 . 2008-07-28 11:46

2008-07-15 20:37 . 2008-07-15 20:37

2008-07-15 20:37 . 2008-07-15 20:39

2008-07-15 18:03 . 2008-06-23 18:57 6,066,176 -----c— C:\WINDOWS\system32\dllcache\ieframe.dll

2008-07-15 18:03 . 2007-04-17 11:32 2,455,488 -----c— C:\WINDOWS\system32\dllcache\ieapfltr.dat

2008-07-15 18:03 . 2007-03-08 07:10 991,232 -----c— C:\WINDOWS\system32\dllcache\ieframe.dll.mui

2008-07-15 18:03 . 2008-06-23 18:57 459,264 -----c— C:\WINDOWS\system32\dllcache\msfeeds.dll

2008-07-15 18:03 . 2008-06-23 18:57 383,488 -----c— C:\WINDOWS\system32\dllcache\ieapfltr.dll

2008-07-15 18:03 . 2008-06-23 18:57 267,776 -----c— C:\WINDOWS\system32\dllcache\iertutil.dll

2008-07-15 18:03 . 2008-06-23 18:57 63,488 -----c— C:\WINDOWS\system32\dllcache\icardie.dll

2008-07-15 18:03 . 2008-06-23 18:57 52,224 -----c— C:\WINDOWS\system32\dllcache\msfeedsbs.dll

2008-07-15 18:03 . 2008-06-23 11:20 13,824 -----c— C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-07-14 17:36 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll

2008-07-14 17:34 . 2008-07-14 17:34

2008-07-14 17:33 . 2008-07-31 18:59

2008-07-14 17:32 . 2008-07-14 17:32

2008-07-14 17:29 . 2008-07-14 17:33

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-14 08:41 778,272 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat

2008-08-14 08:41 3,740 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx

2008-08-14 08:39 3,501,600 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat

2008-08-14 08:39 28,436 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx

2008-08-14 08:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

2008-08-13 10:34 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\Nowe Gadu-Gadu

2008-08-13 05:54 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-08-10 08:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations

2008-08-09 07:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations

2008-08-09 07:31 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\DataLayer

2008-08-06 17:22 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat

2008-07-24 13:46 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat

2008-07-23 16:55 --------- d-----w C:\Program Files\Java

2008-07-21 16:54 --------- d-----w C:\Program Files\Common Files\Real

2008-07-20 18:25 8,972 ----a-w C:\unins000.dat

2008-07-20 15:26 81,920 ----a-w C:\Documents and Settings\robert i anetka\Application Data\ezpinst.exe

2008-07-20 15:26 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys

2008-07-20 15:26 47,360 ----a-w C:\Documents and Settings\robert i anetka\Application Data\pcouffin.sys

2008-07-13 18:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo

2008-07-13 17:48 --------- d-----w C:\Program Files\ACE Mega CoDecS Pack

2008-07-13 16:28 --------- d-----w C:\Program Files\QuickTime Alternative

2008-07-13 16:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-07-13 16:27 --------- d-----w C:\Program Files\Media Player Classic

2008-07-13 15:22 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\DAEMON Tools

2008-07-13 15:06 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2008-07-13 08:30 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\MozillaControl

2008-07-12 17:53 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\Media Player Classic

2008-07-12 09:32 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\Winamp

2008-07-11 19:39 --------- d-----w C:\Program Files\MSXML 4.0

2008-07-11 14:05 --------- d-----w C:\Program Files\RaimaRadioPro

2008-07-11 08:50 0 —h–w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2008-07-11 08:49 0 —h–w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2008-07-11 08:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia

2008-07-11 08:38 --------- d-----w C:\Program Files\MSXML 6.0

2008-07-11 08:36 --------- d-----w C:\Program Files\DIFX

2008-07-11 08:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite

2008-07-10 19:00 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\RaimaRadioPro

2008-07-10 14:07 9,472 ----a-w C:\WINDOWS\system32\drivers\lemsgt.sys

2008-07-10 14:07 137,344 ----a-w C:\WINDOWS\system32\drivers\hwpsgt.sys

2008-07-10 13:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\SRS Labs

2008-07-10 13:25 --------- d-----w C:\Program Files\SRS Labs

2008-07-10 11:19 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\Ahead

2008-07-10 11:11 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\HP

2008-07-10 11:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP

2008-07-10 11:09 --------- d-----w C:\Program Files\Common Files\Sonic Shared

2008-07-10 11:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sonic

2008-07-10 11:08 --------- d-----w C:\Program Files\Common Files\HP

2008-07-10 11:06 --------- d-----w C:\Program Files\HP

2008-07-10 11:06 --------- d-----w C:\Program Files\Hewlett-Packard

2008-07-10 11:05 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard

2008-07-10 10:26 --------- d-----w C:\Program Files\Ares

2008-07-10 10:17 --------- d-----w C:\Program Files\Winamp

2008-07-10 10:08 --------- d-----w C:\Program Files\Ahead

2008-07-10 10:04 --------- d-----w C:\Program Files\Common Files\Nero

2008-07-10 10:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead

2008-07-10 10:00 --------- d-----w C:\Program Files\Common Files\Ahead

2008-07-10 01:38 --------- d-----w C:\Program Files\SAGEM WiFi manager

2008-07-10 01:38 --------- d-----w C:\Program Files\SAGEM

2008-07-10 01:38 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\InstallShield

2008-07-10 01:37 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-07-10 01:35 724,992 ----a-w C:\WINDOWS\iun6002.exe

2008-07-10 01:31 --------- d-----w C:\Program Files\AvRack

2008-07-10 01:30 --------- d-----w C:\Program Files\Realtek AC97

2008-07-10 01:27 57,344 ----a-w C:\WINDOWS\WNMHINDR.EXE

2008-07-10 01:27 --------- d-----w C:\Program Files\Home Media Networks Limited

2008-07-10 01:14 --------- d-----w C:\Program Files\VIA

2008-07-10 01:05 --------- d-----w C:\Program Files\Windows XP MUI Pack

2008-07-10 00:41 --------- d-----w C:\Program Files\microsoft frontpage

2008-07-10 00:35 --------- d-----w C:\Program Files\Windows Plus

2008-07-09 18:49 --------- d-----w C:\Documents and Settings\robert i anetka\Application Data\Gadu-Gadu

2008-07-09 18:15 --------- d-----w C:\Program Files\Sun

2008-07-09 18:11 --------- d-----w C:\Program Files\Common Files\Java

2008-07-09 17:06 --------- d-----w C:\Program Files\Kaspersky Lab

2008-07-09 17:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

.

robert197648 · 14 Sierpień 2008 09:26

czy teraz dobrze?

huber2t · 14 Sierpień 2008 09:27

W tej częsci logu nic nie widze

Przesknauj combofxiem ponownie i daj log na wklejto.pl

robert197648 · 14 Sierpień 2008 09:54

Wielkie dzieki huber2t komp juz mi dobrze działa!

Gutek · 14 Sierpień 2008 09:57

Nie pisz posta pod postem

huber2t · 14 Sierpień 2008 19:05

Log wyglada na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!