Problemy z plikami exe


(Andrzejbis1) #1

Nie mogę odtwarzać prawidłowo plików typu Flash . Wiem , że mam problemy z plikami exe . Zainstalowałem HiJackThis.exe. Po uruchomieniu wygenerował mi następującego loga :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:10:36, on 10-09-2008

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\NMSAccessU.exe

C:\WINDOWS\system32\oodag.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Google\Gmail Notifier\gnotify.exe

C:\WINDOWS\ATK0100\HControl.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe

C:\WINDOWS\system32\ACEngSvr.exe

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\sm56hlpr.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\ClocX\ClocX.exe

c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\WINDOWS\system32\ASUSTPE.exe

C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Stardock\CursorFX\CursorFX.exe

C:\Program Files\Software Informer\softinfo.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Secunia\NSI\nsi.exe

C:\Program Files\Secunia\PSI (RC3)\psi.exe

c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Spyware Doctor\update.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\PROGRA~1\FREEDO~1\fdm.exe

C:\Program Files\Avant Browser\avant.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll

O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll

O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll

O3 - Toolbar: Toolbar Interia - {16D5F452-7D61-41EE-BDB4-8EFCFDF3218D} - C:\Program Files\INTERIAPL\Interia_Toolbar\toolbar.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe

O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE

O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [SW CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cfgwiz.exe" /GUID {E90B1832-3097-4d1c-93D1-D5332BA287A0} /MODE CfgWiz /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w

O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKCU\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"

O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun

O4 - HKCU\..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe -autorun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [Magnify] Magnify.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [Magnify] Magnify.exe (User 'Default user')

O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')

O4 - Startup: AutorunsDisabled

O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O4 - Startup: Secunia NSI.lnk = C:\Program Files\Secunia\NSI\nsi.exe

O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe

O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe

O4 - Global Startup: AutorunsDisabled

O4 - Global Startup: MultiFrame.lnk = ?

O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000

O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

O8 - Extra context menu item: Pobierz za pomocą Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

O9 - Extra button: (no name) - AutorunsDisabled - (no file)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk (file missing)

O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk (file missing)

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{741354FD-91B5-4564-9EEE-CDE5A2870523}: NameServer = 212.87.0.37

O17 - HKLM\System\CCS\Services\Tcpip\..\{79E4EBA0-359A-4F72-9723-80790EC06969}: NameServer = 168.95.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{BA645D73-B98B-4AE9-B005-08CDAD71D9D3}: NameServer = 212.87.0.37

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Diskeeper - Unknown owner - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Speed Disk service - Unknown owner - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE (file missing)

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe


--

End of file - 19879 bytes

Czy mógłbym prosić DOBREGO ZNAWCĘ TEGO TEMATU o pomoc w interpretacji tego loga ? Co jest niezbędne i konieczne do prawidłowego funkcjonowania mojego laptopa (WinXP Home , SP2 , SP 3 )a co należy usunąć , gdyż podejrzewam , że mam coś zainfekowane ? Bardzo proszę o pomoc , bo leżę .


(huber2t) #2

fix w hijackthis

Pobierz ComboFix, ale nie uruchamiaj

Otwórz notatnik i wklej do niego:

Folder::

C:\Program Files\AskSBar

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

cfscript10uc2.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link


(Andrzejbis1) #3

Jestem "cienki" w tym , więc jeszcze raz spytam :Wymienione pozycje odhaczyć (fix w hijackthis) a potem

zabawa z Combo Fix-em - czy ta kolejność ?


(huber2t) #4

Tak

:slight_smile:


(Andrzejbis1) #5

Zrobiłem wszystko po kolei i wyskoczył mi taki komunikat :

Were you trying to run CFScript ?

The name , CFScript appears to be incorrectly spelt

OK

Co to oznacza i co mam robić dalej ?


(huber2t) #6

Kliknij Tak


(Andrzejbis1) #7

Kliknąłem dwa razy i nic więcej się nie wyświetliło .


(system) #8

W HijackThis istnieje wiele wpisów z Norton SystemWorks. Ten program raczej na 100% odinstalowałeś. Jeżeli tak, to zastosuj Norton Removal Tool, aby usunąć pozostałości po nim.

Przed uruchomieniem ComboFix koniecznie wyłącz ochronę rezydentną Avasta!

Sprawdź to:

  1. Mój komputer >>> Narzędzia >>> Opcje folderów >>> Widok >>> odznacz Ukrywaj rozszerzenia dla znanych typów plików.

  2. Teraz sprawdź czy na pewno plik ma nazwę CFSCript.txt , a nie np. CFScript.txt.txt. Jeśli ma podwójne rozszerzenie to usuń je.

  3. Następnie prawy klik na plik CFSCript.txt i z menu kontekstowego wybierz opcję Otwórz za pomocą. Jako program wskaż ComboFix.exe (ale nie zaznaczaj opcji "Zawsze używaj tego programu do otwierania"!).

Może powiesz coś więcej na ten temat.


(Andrzejbis1) #9

Zrobiłem wszystko w/g Twojej Barnaba instrukcji . Dalej wyskakiwał mi napis :Zrobiłem wszystko po kolei i wyskoczył mi taki komunikat :

Were you trying to run CFScript ?

The name , CFScript appears to be incorrectly spelt

OK

Nazwa pliku się też zgadza . Uruchomiłem Combo Fix i ten wygenerował mi takiego loga :

ComboFix 08-09-10.02 - Janina Gajaszek 2008-09-11 18:12:50.1 - FAT32 x86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.380 [GMT 2:00]

Running from: C:\Downloads\Software\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Program Files\FunWebProducts

C:\Program Files\FunWebProducts\ScreenSaver\Cache\00288162.swf

C:\Program Files\FunWebProducts\ScreenSaver\Cache\002ECDEF

C:\Program Files\FunWebProducts\ScreenSaver\Cache\files.ini

C:\Program Files\FunWebProducts\ScreenSaver\Images\000FA55F.urr

C:\Program Files\FunWebProducts\ScreenSaver\Images\00287F6E.urr

C:\Program Files\FunWebProducts\ScreenSaver\Images\0028CA42.dat

C:\Program Files\FunWebProducts\ScreenSaver\Images\002F7088.dat

C:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst

C:\Program Files\FunWebProducts\Shared\0065B0B7.dat

C:\Program Files\FunWebProducts\Shared\0138EC37.dat

C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html

C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html

C:\Program Files\MyWebSearch

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3BKGERR.JPG

C:\Program Files\MyWebSearch\bar\2.bin\F3BROVLY.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR

C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE

C:\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3SHLLVW.DLL

C:\Program Files\MyWebSearch\bar\2.bin\F3SPACER.WMV

C:\Program Files\MyWebSearch\bar\2.bin\F3WALLPP.DAT

C:\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR

C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST

C:\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE

C:\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR

C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST

C:\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL

C:\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE

C:\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE

C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL

C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S

C:\Program Files\MyWebSearch\bar\Cache\000EC63A

C:\Program Files\MyWebSearch\bar\Cache\02A9B0B2.bin

C:\Program Files\MyWebSearch\bar\Cache\02A9BE0F.bin

C:\Program Files\MyWebSearch\bar\Cache\02A9C061.bin

C:\Program Files\MyWebSearch\bar\Cache\02A9C301.bin

C:\Program Files\MyWebSearch\bar\Cache\files.ini

C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S

C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S

C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S

C:\Program Files\MyWebSearch\bar\History\search2

C:\Program Files\MyWebSearch\bar\icons\CM.ICO

C:\Program Files\MyWebSearch\bar\icons\MFC.ICO

C:\Program Files\MyWebSearch\bar\icons\PSS.ICO

C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO

C:\Program Files\MyWebSearch\bar\icons\WB.ICO

C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO

C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S

C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm

C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif

C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif

C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S

C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S

C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S

C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S

C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S

C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S

C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S

C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S

C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S

C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S

C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S

C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm

C:\Program Files\MyWebSearch\bar\Settings\settings.dat

C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL

C:\WINDOWS\system32_000005_.tmp.dll

C:\WINDOWS\system32_000006_.tmp.dll

C:\WINDOWS\system32_000007_.tmp.dll

C:\WINDOWS\system32_000008_.tmp.dll

C:\WINDOWS\system32_000009_.tmp.dll

C:\WINDOWS\system32_000010_.tmp.dll

C:\WINDOWS\system32_000011_.tmp.dll

C:\WINDOWS\system32_000012_.tmp.dll

C:\WINDOWS\system32_000025_.tmp.dll

C:\WINDOWS\system32\f3PSSavr.scr

D:\Autorun.inf

.

((((((((((((((((((((((((( Files Created from 2008-08-11 to 2008-09-11 )))))))))))))))))))))))))))))))

.

2008-09-11 17:55 . 2008-09-11 17:55

2008-09-10 19:13 . 2008-09-10 19:13 1,374 --a------ C:\WINDOWS\imsins.BAK

2008-09-10 15:53 . 2008-09-10 15:53

2008-09-09 08:42 . 2008-09-09 08:42

2008-09-09 08:42 . 2008-09-09 08:42

2008-09-08 21:43 . 2008-09-08 21:43

2008-09-08 21:02 . 2008-09-08 21:02

2008-09-08 20:51 . 2008-09-08 20:51

2008-09-08 20:38 . 2008-09-08 20:38

2008-09-08 19:19 . 2008-09-08 19:20

2008-09-08 19:15 . 2008-09-08 19:15

2008-09-08 19:15 . 2008-09-08 19:15

2008-09-08 17:42 . 2008-09-08 17:42

2008-09-08 17:39 . 2008-09-08 17:39

2008-09-08 17:33 . 2008-09-08 17:33

2008-09-08 14:26 . 2008-09-08 14:26

2008-09-07 07:30 . 2008-09-07 07:30

2008-09-05 17:15 . 2008-09-05 17:15

2008-09-05 17:14 . 2008-09-05 17:14

2008-09-05 17:13 . 2008-09-05 17:13

2008-09-05 17:13 . 2008-09-05 17:14

2008-09-05 17:13 . 2008-09-05 17:13

2008-09-04 18:18 . 2008-09-04 18:18

2008-08-31 19:48 . 2008-08-31 19:48

2008-08-31 17:03 . 2008-08-31 17:03

2008-08-31 14:01 . 2008-08-31 14:01

2008-08-31 13:24 . 2008-08-31 13:24

2008-08-31 12:20 . 2008-08-31 12:20

2008-08-31 11:31 . 2008-08-31 11:31

2008-08-31 11:30 . 2008-08-31 11:30

2008-08-29 12:52 . 2008-08-29 12:52

2008-08-28 17:45 . 2008-08-28 17:45

2008-08-28 17:45 . 2006-08-24 15:37 33,792 --a------ C:\WINDOWS\system32\drivers\AmdTools.sys

2008-08-28 13:21 . 2008-08-28 13:21

2008-08-28 13:03 . 2008-08-28 13:03

2008-08-25 17:04 . 2008-08-25 17:05

2008-08-24 18:01 . 2008-08-24 18:01

2008-08-24 18:01 . 2008-08-24 18:01

2008-08-24 18:01 . 2008-08-24 18:01

2008-08-24 17:56 . 2008-08-24 17:56

2008-08-24 17:56 . 2008-08-24 17:56

2008-08-24 17:07 . 2008-08-24 17:07

2008-08-24 16:37 . 2008-09-08 22:13 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb

2008-08-24 16:37 . 2008-09-08 22:13 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb

2008-08-24 12:08 . 2008-08-24 12:08

2008-08-23 20:41 . 2008-07-22 17:00 1,214,526 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb

2008-08-23 20:41 . 2008-07-22 17:00 790,846 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-08-23 20:41 . 2008-07-22 17:00 9,696 --------- C:\WINDOWS\system32\dllcache\drvmain.sdb

2008-08-22 20:48 . 2008-08-22 20:48

2008-08-21 11:04 . 2008-08-21 11:04

2008-08-21 07:46 . 2008-08-29 13:08 112,652 --------- C:\WINDOWS\hpoins07.dat.temp

2008-08-21 07:46 . 2005-05-24 10:22 21,124 --------- C:\WINDOWS\hpomdl07.dat.temp

2008-08-20 19:38 . 2008-08-20 19:38

2008-08-18 14:57 . 2008-08-18 14:57

2008-08-18 10:22 . 2008-08-18 17:28 50 --a------ C:\WINDOWS\MegaManager.INI

2008-08-18 05:20 . 2008-08-18 05:20

2008-08-18 05:19 . 2008-08-18 05:19

2008-08-18 05:19 . 2008-08-18 05:19

2008-08-18 05:19 . 2008-08-18 05:19

2008-08-18 05:19 . 2008-08-18 05:19

2008-08-18 05:19 . 2008-08-18 05:19

2008-08-17 21:05 . 2008-08-17 21:05

2008-08-17 09:23 . 2008-08-17 09:23

2008-08-17 09:23 . 2008-08-17 09:23

2008-08-17 09:23 . 2008-08-17 09:23

2008-08-17 09:23 . 2004-05-27 02:32 102,400 --a------ C:\WINDOWS\system32\unzip32.dll

2008-08-15 13:20 . 2008-08-15 13:20

2008-08-15 13:18 . 2008-08-15 13:18

2008-08-15 07:44 . 2008-08-15 07:44

2008-08-13 05:41 . 2008-05-01 16:37 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll

2008-08-13 05:38 . 2008-04-11 21:06 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll

2008-08-12 08:58 . 2008-08-12 08:58

2008-08-12 08:58 . 2008-08-12 08:58

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-31 11:52 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

2008-08-31 11:52 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2008-08-10 13:31 --------- d-----w C:\Program Files\Secunia

2008-08-10 13:00 --------- d-----w C:\Documents and Settings\Janina Gajaszek\Dane aplikacji\Windows Search

2008-08-10 12:58 --------- d-----w C:\Documents and Settings\Janina Gajaszek\Dane aplikacji\Windows Desktop Search

2008-08-10 12:57 --------- d-----w C:\Program Files\Windows Desktop Search

2008-08-07 05:43 --------- d-----w C:\Program Files\Common Files\Skype

2008-07-31 18:06 7,484 ----a-w C:\UserInfo.dat

2008-07-30 13:45 --------- d-----w C:\Program Files\Lavalys

2008-07-28 12:12 --------- d-----w C:\Program Files\Kalendarz XP

2008-07-27 18:39 --------- d-----w C:\Program Files\MarBit

2008-07-25 08:34 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-07-25 08:34 683,520 ----a-w C:\WINDOWS\system32\divx.dll

2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2008-07-23 12:46 --------- d-----w C:\Program Files\INTERIAPL

2008-07-22 05:33 --------- d-----w C:\Program Files\GIMP-2.0

2008-07-21 18:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet

2008-07-21 18:10 --------- d-----w C:\Program Files\Common Files\Macrovision Shared

2008-07-19 08:58 --------- d-----w C:\Program Files\Loonies

2008-07-19 08:50 --------- d-----w C:\Program Files\CursorXP

2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll

2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll

2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe

2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe

2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll

2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll

2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll

2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll

2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll

2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll

2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll

2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll

2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll

2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll

2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll

2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll

2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll

2008-07-18 15:19 --------- d-----w C:\Program Files\Common Files\HP

2008-07-16 18:51 2,041,363 ----a-w C:\WINDOWS\system32\x264vfw.dll

2008-07-12 16:26 --------- d-----w C:\Documents and Settings\JĘDREK\Dane aplikacji\ATI

2008-07-12 16:21 --------- d-----w C:\Documents and Settings\Gość\Dane aplikacji\ATI

2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll

2008-07-07 20:29 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll

2008-06-24 16:46 74,240 ----a-w C:\WINDOWS\system32\mscms.dll

2008-06-24 16:46 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll

2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll

2008-06-24 08:42 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll

2008-06-23 09:23 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe

2008-06-23 09:23 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe

2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-06-21 05:23 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll

2008-06-20 17:48 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 17:48 246,784 ------w C:\WINDOWS\system32\dllcache\mswsock.dll

2008-06-20 17:48 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys

2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys

2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys

2008-06-14 17:36 273,024 ------w C:\WINDOWS\system32\dllcache\bthport.sys

2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll

2008-02-02 15:26 2,293,848 ----a-w C:\Program Files\FLV PlayerFCSetup.exe

2008-02-02 15:25 3,955,352 ----a-w C:\Program Files\FLV PlayerRCATSetup.exe

2008-02-02 15:16 411,248 ----a-w C:\Program Files\FLV PlayerRCSetup.exe

2007-12-27 18:10 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

2007-10-09 18:30 774,144 ----a-w C:\Program Files\RngInterstitial.dll

2007-01-25 01:52 65,536 ----a-w C:\Program Files\Common Files\NMSAccessU.exe

2007-08-29 18:28 56 --sh--r C:\WINDOWS\system32\CAAB9A63B3.sys

2007-09-03 11:43 6,580 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-05-28 16:44 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008052820080529\index.dat

.

------- Sigcheck -------

2008-04-14 19:21 977408 f042e3426d45d86d9bb55f6a79ab441a C:\WINDOWS\explorer.exe

2007-06-13 15:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

2006-03-02 14:00 1033728 379098a96e6c165b659de7e4328010ea C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

2008-04-14 19:21 977408 f042e3426d45d86d9bb55f6a79ab441a C:\WINDOWS\ServicePackFiles\i386\explorer.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

[HKEY_CLASSES_ROOT\clsid{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

[HKEY_CLASSES_ROOT\TypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"ASUSTPE"="C:\WINDOWS\system32\ASUSTPE.exe" [2006-10-14 69632]

"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-19 630784]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-07 68856]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-07-23 21738792]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

"CursorFX"="C:\Program Files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]

"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-05-20 2474031]

"Software Informer"="C:\Program Files\Software Informer\softinfo.exe" [2008-09-04 1339461]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-12-01 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2008-04-14 143872]

"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]

"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 110592]

"ACMON"="C:\Program Files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]

"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2004-08-23 20480]

"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\GestMaj.exe" [2004-10-14 32768]

"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-06-20 1107848]

"avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [2008-07-19 78008]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2006-03-21 544768]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-08-04 36352]

"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2007-07-26 270336]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 413696]

"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

C:\Documents and Settings\Go†\Menu Start\Programy\Autostart\

CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 49152]

C:\Documents and Settings\J¨DREK\Menu Start\Programy\Autostart\

CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 49152]

C:\Documents and Settings\Janina Gajaszek\Menu Start\Programy\Autostart\

RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]

Secunia NSI.lnk - C:\Program Files\Secunia\NSI\nsi.exe [2008-06-16 724992]

Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2008-05-06 925696]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoLowDiscSpaceChecks"= 000000000000f03f

"NoResolveTrack"= 1 (0x1)

"NoFileAssociate"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"wavemapper"= msacm32.dvr

"msacm.l3fhg"= mp3fhg.acm

"msacm.divxa32"= divxa32.acm

"VIDC.X264"= x264vfw.dll

"VIDC.HFYU"= huffyuv.dll

"vidc.i263"= i263_32.drv

"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"C:\WINDOWS\System32\dpvsetup.exe"=

"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"=

"C:\Program Files\Bonjour\mDNSResponder.exe"=

"C:\WINDOWS\System32\dxdiag.exe"=

"C:\WINDOWS\System32\dpnsvr.exe"=

"C:\Program Files\Free Download Manager\fdmwi.exe"=

"C:\WINDOWS\System32\mmc.exe"=

"C:\Program Files\Video Server E\Video Server E.exe"=

"C:\Program Files\Azureus\Azureus.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"=

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"=

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"=

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"=

"C:\Program Files\Winamp Remote\bin\Orb.exe"=

"C:\Program Files\Winamp Remote\bin\OrbTray.exe"=

"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"=

"C:\Program Files\Skype\Phone\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"8461:TCP"= 8461:TCP:GoD High Port

"8462:TCP"= 8462:TCP:GoD Low Port

"17895:TCP"= 17895:TCP:BitComet 17895 TCP

"17895:UDP"= 17895:UDP:BitComet 17895 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]

R2 NMSAccessU;NMSAccessU;C:\Program Files\Common Files\NMSAccessU.exe [2007-01-25 65536]

R3 AmdTools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-08-24 33792]

R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 16269]

R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]

R3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]

R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 27520]

R3 SynMini;USB2.0 1.3M WebCam;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-08-09 1116544]

R3 SynScan;USB2.0 1.3M WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-08-09 7808]

S2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys []

S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys []

S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 402432]

S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbstor;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{9d3cddd2-b6c7-11dc-a96c-0060b31d7362}]

\Shell\AutoRun\command - G:\EXPLORER.EXE

\Shell\explore\Command - G:\EXPLORER.EXE

\Shell\open\Command - G:\EXPLORER.EXE

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]

msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb

.

Contents of the 'Scheduled Tasks' folder

.

  • ORPHANS REMOVED - - - -

WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)

WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)

HKCU-Run-fsm - (no file)

HKLM-Run-My Web Search Bar Search Scope Monitor - C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Documents and Settings\Janina Gajaszek\Dane aplikacji\Mozilla\Firefox\Profiles\gnm56tcl.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://slirsredirect.search.aol.com/sli ... ie7query=

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.atcomet.com/b/

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-11 18:16:47

Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-09-11 18:17:33

ComboFix-quarantined-files.txt 2008-09-11 16:17:30

Pre-Run: 30,208,262,144 bajtów wolnych

Post-Run: 30,320,295,936 bajtów wolnych

436 --- E O F --- 2008-09-10 17:16:11

Co o tym sądzicie ? Co mam dalej według Was Panowie zrobić ?


(huber2t) #10

Do wyleczenia pendrive z wirusów użyj

Perlovg Removal Tool

Flash Disinfector

lub format

Pobierz ComboFix, ale nie uruchamiaj

Otwórz notatnik i wklej do niego:

Driver::

IKANLOADER2

e4usbaw

ZDCndis5


Folder::

C:\FOUND.049

C:\FOUND.048

C:\FOUND.047

C:\FOUND.046

C:\FOUND.045

C:\FOUND.044

C:\FOUND.043

C:\FOUND.042

C:\FOUND.041

C:\FOUND.040

C:\FOUND.039


Registry::

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d3cddd2-b6c7-11dc-a96c-0060b31d7362}]

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

cfscript10uc2.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link


(Andrzejbis1) #11

Dalej to samo ; postępuje tak jak opisał hubert2t : ComboFix zaczyna działać i wyskakuje mi napis po polsku :

Czy próbowałeś uruchomić CFScript ? Wydaje się , że jest błąd w nazwie CFScript . OK . Klikam na OK i wyświetla się na ComboFix napis "odmowa dostępu" i program się sam zamyka.


(huber2t) #12

Uruchom w trybie awaryjnym lub na koncie Admina


(Andrzejbis1) #13

Nic nie wychodzi - dalej w ComboFix nie zgadza się nazwa jak wcześniej pisałem . Próbowałem w trybie awaryjnym i to samo .


(Andrzejbis1) #14

Po dłuższej walce ComboFix wygenerował takiego loga :

ComboFix 08-09-13.05 - Janina Gajaszek 2008-09-14 19:42:53.1 - FAT32 x86

Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.265 [GMT 2:00]

(huber2t) #15

Pobierz ComboFix, ale nie uruchamiaj

Otwórz notatnik i wklej do niego:

Folder::

C:\FOUND.051

C:\FOUND.050


Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"fsm"=-

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

cfscript10uc2.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link


(Asterisk) #16

andrzejbis1 - Logi zamieszczamy na serwerach

zewnętrznych np wklejto.Tutaj zamieszczamy tylko linka.

Proszę zastosować się do tego Tematu i edytować własnego posta

w celu zmiany jego tytułu na konkretny .

W przeciwnym razie topic wyląduje w Śmietniku.


(Andrzejbis1) #17

Za nic nie daje to efektu ;robię tak jak mówicie i dalej pojawia się napis :"Czy próbowałeś uruchomić CFScript ? Wydaje się , że jest błąd w nazwie CFScript . OK ." Klikam na OK i wyświetla się na ComboFix napis "odmowa dostępu" i program się sam zamyka.Gdy zrobiłem jak radził Barnaba (Następnie prawy klik na plik CFSCript.txt i z menu kontekstowego wybierz opcję Otwórz za pomocą. Jako program wskaż ComboFix.exe (ale nie zaznaczaj opcji "Zawsze używaj tego programu do otwierania"!) to ComboFix wygenerował mi takiego loga jaki umieściłem wczoraj.


(system) #18

ComboFix usunął, co miał usunąć i możesz zostawić go w spokoju.

Te foldery możesz spokojnie skasować ręcznie z dysku:

Ale pozostaje problem zasadniczy, który pomijasz milczeniem


(Andrzejbis1) #19

Praca laptopa mocno się poprawiła , ale dalej pojawiają się dawne problemy (pliki exe i eksplorer Windows), co

prawda zdecydowanie rzadziej , ale jednak . A może mam coś porąbane ze sterownikami ? Co sądzicie o takim pomyśle ; "wyciąć" wszystkie aktualnie zainstalowane stery i z płyty fabrycznej od ASUS-a zainstalować je od nowa ? Ale sam niezbyt dokładnie wiem co do czego i co usunąć i w jakiej kolejności , a czego nie ruszać .

Tu wkleję wykaz tego co znajduje się na fabrycznej dyskietce :

File list for the included support software for F5R Series notebook Driver CD V1.0

=================================================================================================

File Name Description Version


--AFLASH2

-AFLASH2.EXE -Utility to update the Notebook's flash BIOS. (V2.10)

--ACROBATREADER -Utility for read PDF file for WINXP. (V7.0)

--LIFEFRAME2 -ASUS Lifeframe2 for WinXP. (V2.0.8)

--ATK0100 -ATKACPI Driver for WinXP. (V1043.2.15.65)

--ATK_Media (V1.14)

--AUDIO -Audio driver for WinXP. (V5.10.0.5319)

--CAMERA -Camera driver.

-D-MAX -Camera driver for WINXP. (V5.32.3.6)

-Chicony -Camera driver for WINXP. (V5.7.2.4)

--CDROM -ATAPI CD-ROM driver.

-TOSHIBA -README.TXT for installation Procedure. (V2.24)

-MKE -README.TXT for installation Procedure. (V1.21)

-TEAC -README.TXT for installation Procedure. (V1.27Q)

--HOTFIX -CPU hotfix for WINXP.

-BATTERY -Microsoft Hotfix KB918005 for WinXP Service Pack2 (KB918005)

-CPU -Microsoft Hotfix KB896256/KB923232 for WinXP Service Pack2 (KB896256/KB923232)

-HIBUTTON -Microsoft Hotfix KB893056 for WinXP Service Pack2 (KB893056)

-SIMBOOT -Microsoft Hotfix KB892627 for WinXP Service Pack2 (KB892627)

--ATI -ATI Driver for winXP. (V8.283)

--LAN -lan driver

-WINXP -Driver for WinXP. (V1.1.3790.4)

--LIVEUPDATE -Live Update utility for WinXP . (V2.3)

--MultiFrame (1.0.0005)

--MODEM -modem driver for WinXP. (V6.11.08)

--NIS2006 -Norton Internet Security 2006 for windows WINXP.

--Net4switch -Net4 Switch Utility for Win2000/xp (v1.00.005)

--POWER4 GEAR -Power4 Gear utility for Windows XP (V1.18)

--POWER FOR Phone (V1.0.0.8)

--Realtek -USB CARD READER Controller driver for XP. (V2.0.9.3)

--SSAVER -Screen saver for WinXP.

--Splendid -Color Enhancement for winxp (V1.02.09)

--TOUCHPAD -TouchPad driver for XP.

-Synaptics -TouchPad driver for XP. (V8.3.5.0)

--Touchpad Extra -Touchpad Extra Utility for Windows xp (V1.06.007)

--TPM -TPM Professional Package (1.80.2.0)

--InstantFun (V1.0.0007)

--UAA -Universal Audio Architecture driver for WINXP. (KB888111)

--WALLPAPER -Wallpaper

--WINFLASH -WINDOWS BIOS Flash utility for XP. (V2.18)

--WLAN -Wireless LAN Driver and Application.

-ATHEROS AW-GE-740 (DriverV4.2.2.27Utility V4.2.0.384)

-WL-170G (DriverV4.100.15.5Utility V3.0.1.0)

-Wireless Console2 (V2.0.2)

--Bluetooth -Bluetooth Driver (V4.00.38)

FILELIST.TXT -This file you are now reading.

TECHSUPP.TXT -Use this form in order to fill out relevant informationN

concerning your system when requesting technical support.

Please mail or fax to the nearest ASUS technical support.

Tak na wszelki wypadek podam dane swego sprzętu :

ASUS F5R WinXP home , SP3


(system) #20

Czy tak trudno w kilku słowach opisać, na czym polega ten problem?