When I play videos in any program, after a longer or shorter while my computer freezes. It also sometimes resets itself, though much less often. Of course, that too happens only while playing videos. It does not happen during any other activity on the computer. Before I check whether the hardware is at fault, I want to rule out the presence of any malware or other junk. The antivirus program has not detected anything so far… I am posting the logs from ComboFix and HijackThis. Please check them.
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:55:35, on 2007-11-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\explorer.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon
O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM…\Run: [aol] “C:\Program Files\AOL\Active Virus Shield\avp.exe”
O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [skyTel] SkyTel.EXE
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM…\Run: [lxccmon.exe] “C:\Program Files\Lexmark 3300 Series\lxccmon.exe”
O4 - HKLM…\Run: [FaxCenterServer] “C:\Program Files\Lexmark Fax Solutions\fm3032.exe” /s
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

– End of file - 5330 bytes
Log from Combo:
ComboFix 07-11-19.3 - Paula 2007-11-24 20:50:53.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.262 [GMT 1:00]
Running from: C:\Documents and Settings\Paula\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-10-24 to 2007-11-24 )))))))))))))))))))))))))))))))
.
2007-11-22 15:03
2007-11-14 01:27
2007-11-14 00:51
2007-11-13 16:01
2007-11-13 15:59 10,321,006 --a------ C:\Program Files\xcodecpack220482.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-24 19:52 888,096 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-24 19:52 44,800,032 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-24 19:50 --------- d-----w C:\Program Files\neostrada tp
2007-11-24 19:48 --------- d-----w C:\Documents and Settings\Paula\Application Data\Skype
2007-11-24 17:53 --------- d-----w C:\Program Files\Lx_cats
2007-11-24 01:00 85,376 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-11-24 01:00 597,416 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-11-23 02:28 --------- d-----w C:\Documents and Settings\Paula\Application Data\uTorrent
2007-11-20 10:43 --------- d-----w C:\Documents and Settings\Paula\Application Data\Tlen.pl
2007-11-19 01:39 --------- d-----w C:\Documents and Settings\Paula\Application Data\dvdcss
2007-11-13 15:30 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-13 14:40 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-09 14:50 --------- d–h--w C:\Program Files\InstallShield Installation Information
2007-11-05 16:31 --------- d-----w C:\Program Files\Soulseek
2007-10-13 18:40 --------- d-----w C:\Program Files\Winamp
2007-10-13 18:40 --------- d-----w C:\Program Files\Tlen.pl
2007-10-13 18:40 --------- d-----w C:\Program Files\QuickTime
2007-10-13 18:38 --------- d-----w C:\Program Files\Lexmark 3300 Series
2007-10-13 18:38 --------- d-----w C:\Program Files\Google
2007-10-13 18:35 --------- d-----w C:\Program Files\AOL Security Toolbar
2007-10-02 16:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-09-25 21:06 --------- d-----w C:\Program Files\Lavasoft
2007-09-25 21:06 --------- d-----w C:\Documents and Settings\Paula\Application Data\Lavasoft
2007-09-25 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-25 20:00 --------- d-----w C:\Program Files\Last.fm
2007-09-17 20:08 60,273 ----a-w C:\WINDOWS\system32\pthreadGC2.dll
2007-09-10 18:17 10,752 ----a-w C:\WINDOWS\system32\ff_vfw.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Komunikator”=“C:\Program Files\Tlen.pl\tlen.exe” [2007-02-12 11:01]
“swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-06-10 23:05]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-03 23:56]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe” [2005-10-28 15:25]
“MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2006-10-15 16:41]
“EdHTML”=“C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe” []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=“RUNDLL32.exe” [2004-08-03 23:56 C:\WINDOWS\system32\rundll32.exe]
“nwiz”=“nwiz.exe” [2006-06-01 10:22 C:\WINDOWS\system32\nwiz.exe]
“NvMediaCenter”=“RunDLL32.exe” [2004-08-03 23:56 C:\WINDOWS\system32\rundll32.exe]
“SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 10:38]
“WOOWATCH”=“C:\PROGRA~1\NEOSTR~1\Watch.exe” [2004-08-23 13:49]
“WOOTASKBARICON”=“C:\PROGRA~1\NEOSTR~1\GestMaj.exe” [2004-10-14 15:55]
“aol”=“C:\Program Files\AOL\Active Virus Shield\avp.exe” [2006-05-30 10:13]
“WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-05-14 23:22]
“RTHDCPL”=“RTHDCPL.EXE” [2006-06-28 07:54 C:\WINDOWS\RTHDCPL.exe]
“SkyTel”=“SkyTel.EXE” [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe]
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2007-06-02 16:23]
“LXCCCATS”=“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll” [2005-07-20 14:44]
“lxccmon.exe”=“C:\Program Files\Lexmark 3300 Series\lxccmon.exe” [2005-07-21 01:16]
“FaxCenterServer”=“C:\Program Files\Lexmark Fax Solutions\fm3032.exe” [2005-07-12 10:36]
“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 09:50]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe [2005-03-10 08:40:30]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 13:12:08]

C:\WINDOWS\system32\klogon.dll 2006-03-24 17:08 28778 C:\WINDOWS\system32\klogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup

S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys
S3 SetupNTGLM7X;SetupNTGLM7X;??\E:\NTGLM7X.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{d3113542-7f11-11dc-a7ea-000e50f0c67a}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-24 20:52:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???

scanning hidden files …

scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-24 20:53:18
.
— E O F —
Gutek
(Gutek)
24 November 2007 23:30
#2
Open Notepad and paste this into it:
File >>> Save as >>> change the type from TXT to All files >>> save under the name FIX.REG >>> double-click the created FIX.REG file and confirm adding it to the registry >>> restart.
XP optimization: http://forum.dobreprogramy.pl/viewtopic.php?t=76580 + Autostart optimization
Registry cleaning:
RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177
you can run through the registry with it, or
jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509
RegCleaner description - http://www.agavk.p9.pl/strony/progra_regcleaner.php
See - Using jv16 PowerTools