| | |
| Stránka: 1 z 1
| [ Príspevkov: 10 ] | |
Autor | Správa |
---|
Registrovaný: 05.01.08 Prihlásený: 22.04.10 Príspevky: 310 Témy: 33 |
Zdravim. Ked zapnem PC, riadne nacita OS. Ked ho nacita, niekedy sa stane, ze mi namiesto uvitacej obrazovky zobrazi iba ciernu obrazovku, a nic sa nedeje. OS: WinXP. Zostava v podpise. V com je asi problem?
Este sa chcem opytat, ci mozem vypnut strankovaci subor ked mam 2Gb RAM.
|
|
Registrovaný: 16.02.07 Prihlásený: 26.11.15 Príspevky: 216 Témy: 25 Bydlisko: Bratislava | Napísal Cruel: 26.07.2008 23:46 | |
|
ako dlho si nemal prainstalovany WIN
|
|
Registrovaný: 10.07.07 Prihlásený: 02.11.17 Príspevky: 1060 Témy: 0 Bydlisko: Bratislava |
CommanderBomber píše: Zdravim. Ked zapnem PC, riadne nacita OS. Ked ho nacita, niekedy sa stane, ze mi namiesto uvitacej obrazovky zobrazi iba ciernu obrazovku, a nic sa nedeje. OS: WinXP. Zostava v podpise. V com je asi problem?
Este sa chcem opytat, ci mozem vypnut strankovaci subor ked mam 2Gb RAM.
Problemov moze byt ozaj vela.. od aplikaci tupu /TRAY, aplikacie po spusteni az po skodlive programy ..., taktiez v procesoch ...vratane HW chyba..
..musis zuzit okruh..
vypni aplikacie po spusteni vratane /TRAY...
a sleduj spravanie PC ..
aposli vypis z hijackthis..
_________________ Nebo je modre, voda je mokra... |
|
Registrovaný: 05.01.08 Prihlásený: 22.04.10 Príspevky: 310 Témy: 33 |
Cruel píše: ako dlho si nemal prainstalovany WIN
Win mam nainstalovany asi tyzden.
Kód: Logfile of HijackThis v1.99.1 Scan saved at 10:04:22, on 27.7.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\ATI Tray Tools\atitray.exe C:\Program Files\Stardock\CursorFX\CursorFX.exe C:\Program Files\Rainlendar 2\Rainlendar2.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\GIGABYTE\ET6\GUI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\RBTray\RBTray.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB" O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\ATI Tray Tools\atitray.exe" O4 - HKCU\..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar 2\Rainlendar2.exe O4 - HKCU\..\Run: [HydraDM] "C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" O4 - Startup: RBTray.lnk = C:\Program Files\RBTray\RBTray.exe O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O17 - HKLM\System\CCS\Services\Tcpip\..\{774E7245-2C82-45AE-BEA3-8459F588A557}: NameServer = 195.146.132.58 195.146.128.60 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Myslim, ze malware to nebude, pretoze PC som do internetu ani raz nepripojil bez aktivovaneho firewallu (ZoneAlarm). Najpravdepodobnejsia sa mi vidi asi ta chyba v HW. Rozmyslam, ci to nebude teplotami VGA, pretoze ta cierna obrazovka sa zobrazuje hlavne vtedy, ked PC restartujem - grafika je tepla od predchadzajuceho chodu PC a pocas startu si niesom isty, ze sa na nej kruti ventilator (pretoze ked ked otvorim CCC po starte PC, pise ze grafika ma okolo 77°C a za normalnych podmienok ma 50-60°). Ked PC zapinam tak, ze naposledy bol pusteny trebars pred 5 hodinami, vtedy sa to nestava.
|
|
Registrovaný: 10.07.07 Prihlásený: 02.11.17 Príspevky: 1060 Témy: 0 Bydlisko: Bratislava |
Uz si ten problem aj sam zuzil, takze odinstaluj ATI Tray Tools.. ci sa nahodou nejedna o SW chybu TRAY a popis dalsie spravanie...pc
inak log (v ramci moznosti hijackthis) je cisty..
_________________ Nebo je modre, voda je mokra... |
|
Registrovaný: 03.04.08 Prihlásený: 10.12.19 Príspevky: 4667 Témy: 37 Bydlisko: Trnava |
skus iny firewall nepsal ti zone alarm ze sa avirou nemaju radi??
_________________ Hmmm .... Hrošíček ... [Homer] |
|
Registrovaný: 27.03.08 Príspevky: 363 Témy: 57 Bydlisko: Zvolen | Napísal tinozv: 02.08.2008 8:53 | |
|
Odporučil by som LOG s Combofixu ak sa vylúči HW chyba,predsa je to len ťažší kaliber ako HJT.
ATI mávajú s týmto problém a celkovo sú problémovejšie ako NVidie,ja osobne už ATI nechcem ani vidieť.
Skúšal si najnovšie ovládače od ATI prípadne tak ako ti radili odinštaloval si ATI Tools???
_________________ NOTEBOOK:Toshiba Portege Z930/14C |
|
Registrovaný: 05.01.08 Prihlásený: 22.04.10 Príspevky: 310 Témy: 33 |
Roberbo píše: odinstaluj ATI Tray Tools.. OK, odinstalovane. don jebot píše: skus iny firewall nepsal ti zone alarm ze sa avirou nemaju radi?? Firewall si necham, namiesto Aviry dam NOD. tinozv píše: Odporučil by som LOG s Combofixu Kód: ComboFix 08-07-31.06 - CommanderBomber 2008-08-02 10:26:41.1 - NTFSx86 Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.1551 [GMT 2:00] Running from: D:\Download\ComboFix.exe * Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] .
((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) .
C:\Documents and Settings\CommanderBomber\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
. ((((((((((((((((((((((((( Files Created from 2008-07-02 to 2008-08-02 ))))))))))))))))))))))))))))))) .
2008-08-01 15:46 . 2008-08-01 15:46 <DIR> d-------- C:\Program Files\Banner Maker Pro 6 2008-08-01 15:46 . 2008-08-01 15:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-01 12:20 . 2008-08-01 12:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI 2008-08-01 12:16 . 2008-08-01 12:16 <DIR> d-------- C:\Program Files\ATI 2008-08-01 12:12 . 2008-08-01 12:16 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies 2008-08-01 12:11 . 2008-05-14 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe 2008-08-01 12:10 . 2008-08-01 12:16 <DIR> d-------- C:\Program Files\ATI Technologies 2008-08-01 12:10 . 2008-05-15 03:37 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat 2008-08-01 12:10 . 2008-05-15 03:37 3,107,788 -ra------ C:\WINDOWS\system32\ativva5x.dat 2008-08-01 12:10 . 2008-05-15 03:37 887,724 -ra------ C:\WINDOWS\system32\ativva6x.dat 2008-08-01 12:10 . 2008-05-15 04:12 413,696 -ra------ C:\WINDOWS\system32\ATIDEMGX.dll 2008-08-01 12:10 . 2008-05-15 03:57 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2008-08-01 12:10 . 2008-04-28 23:09 172,033 -ra------ C:\WINDOWS\system32\atiicdxx.dat 2008-08-01 12:10 . 2008-05-06 19:41 12,787 -ra------ C:\WINDOWS\atiogl.xml 2008-08-01 12:10 . 2007-08-31 15:20 7,167 -ra------ C:\WINDOWS\system32\atifglpf.xml 2008-08-01 11:56 . 2008-08-01 11:56 <DIR> d-------- C:\ATI 2008-08-01 09:59 . 2008-08-01 09:59 0 --a------ C:\WINDOWS\WB.ini 2008-08-01 09:06 . 2006-10-30 12:27 2,180,224 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-08-01 09:06 . 2006-10-30 12:25 2,136,064 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-08-01 09:06 . 2006-10-30 11:50 2,057,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-08-01 09:06 . 2006-10-30 11:50 2,015,744 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-07-31 15:18 . 2008-07-31 15:18 <DIR> d-------- C:\Documents and Settings\Administrator 2008-07-30 19:31 . 2008-07-30 19:31 <DIR> d-------- C:\Program Files\OpenAL 2008-07-30 19:31 . 2008-07-30 19:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Codemasters 2008-07-30 19:22 . 2008-07-30 19:22 <DIR> d-------- C:\Program Files\Pictomio 2008-07-30 19:22 . 2008-07-30 19:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Pictomio 2008-07-30 19:19 . 2008-07-30 19:21 <DIR> d-------- C:\Program Files\CachemanXP 2008-07-30 17:12 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2008-07-30 17:12 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-07-30 17:12 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-07-30 17:12 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2008-07-30 16:51 . 2008-07-30 16:51 <DIR> d-------- C:\Program Files\LimeWire 2008-07-29 14:37 . 2008-07-29 14:37 <DIR> d-------- C:\Documents and Settings\CommanderBomber\.thumbnails 2008-07-27 16:55 . 2008-07-27 16:56 <DIR> d-------- C:\Program Files\PC Translator 2008-07-27 16:51 . 2008-07-30 21:30 3,735 --a------ C:\WINDOWS\wtran32.INI 2008-07-27 16:47 . 2008-07-27 16:47 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\LangSoft 2008-07-27 16:47 . 2008-07-27 16:47 0 --a------ C:\WINDOWS\XXLGSC 2008-07-27 11:13 . 2008-07-27 11:13 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment 2008-07-26 17:53 . 2008-07-26 17:57 <DIR> d-------- C:\Program Files\BitLord 2008-07-26 16:47 . 2008-05-15 03:49 3,500,352 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll 2008-07-26 16:47 . 2008-05-15 03:49 3,500,352 --a------ C:\WINDOWS\system32\ati3duag.dll 2008-07-26 16:47 . 2008-05-15 04:48 3,098,112 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys 2008-07-26 16:47 . 2008-05-15 04:48 3,098,112 --a--c--- C:\WINDOWS\system32\dllcache\ati2mtag.sys 2008-07-26 16:47 . 2008-05-15 03:38 2,102,528 --a--c--- C:\WINDOWS\system32\dllcache\ativvaxx.dll 2008-07-26 16:47 . 2008-05-15 03:38 2,102,528 --a------ C:\WINDOWS\system32\ativvaxx.dll 2008-07-26 16:47 . 2008-05-15 03:12 557,056 --a--c--- C:\WINDOWS\system32\dllcache\ati2cqag.dll 2008-07-26 16:47 . 2008-05-15 03:12 557,056 --a------ C:\WINDOWS\system32\ati2cqag.dll 2008-07-26 16:47 . 2008-05-15 04:11 306,176 --a--c--- C:\WINDOWS\system32\dllcache\ati2dvag.dll 2008-07-26 16:47 . 2008-05-15 04:11 306,176 --a------ C:\WINDOWS\system32\ati2dvag.dll 2008-07-26 10:41 . 2008-07-29 09:02 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\uTorrent 2008-07-25 21:17 . 2008-07-25 21:17 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\AdobeUM 2008-07-23 10:17 . 2004-08-04 14:00 1,392,671 --a------ C:\WINDOWS\system32\MSVBVM60.DLL 2008-07-23 10:17 . 2004-08-04 14:00 553,472 --a------ C:\WINDOWS\system32\OLEAUT32.DLL 2008-07-23 10:17 . 2004-08-04 14:00 83,456 --a------ C:\WINDOWS\system32\OLEPRO32.DLL 2008-07-23 10:17 . 2004-08-04 14:00 65,024 --a------ C:\WINDOWS\system32\ASYCFILT.DLL 2008-07-23 10:17 . 2004-08-04 14:00 17,920 --a------ C:\WINDOWS\system32\STDOLE2.TLB 2008-07-23 10:17 . 2004-08-04 14:00 3,584 --a------ C:\WINDOWS\system32\COMCAT.DLL 2008-07-22 20:55 . 2008-07-22 20:55 <DIR> d-------- C:\Program Files\Common Files\Adobe 2008-07-22 13:43 . 2008-07-29 09:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sibelius Software 2008-07-22 13:43 . 2008-07-22 13:43 604 --ah----- C:\WINDOWS\T4 2008-07-22 13:43 . 2008-07-22 13:43 604 --ah----- C:\WINDOWS\system32\T3 2008-07-22 13:41 . 2004-02-25 18:19 69,632 --a------ C:\WINDOWS\system32\NI_DFD_1_2_9.dll 2008-07-22 13:30 . 2008-07-29 09:04 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\Sibelius Software 2008-07-22 13:22 . 2008-07-22 13:44 <DIR> d-------- C:\Program Files\Native Instruments 2008-07-22 13:22 . 2006-10-26 15:29 393,216 --a------ C:\WINDOWS\system32\NI_IRC_1_2.dll 2008-07-22 13:22 . 2006-10-26 15:29 61,440 --a------ C:\WINDOWS\system32\NI_DFD_1_5.dll 2008-07-22 13:21 . 2008-07-22 13:37 <DIR> d-------- C:\Program Files\Sibelius Software 2008-07-21 14:26 . 2008-07-21 14:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia 2008-07-21 12:31 . 2008-07-21 12:32 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Phone Browser 2008-07-21 12:31 . 2008-07-26 12:39 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-07-21 12:30 . 2008-07-21 12:30 <DIR> d-------- C:\Program Files\PC Connectivity Solution 2008-07-21 12:30 . 2008-07-21 12:30 <DIR> d-------- C:\Program Files\DIFX 2008-07-21 12:30 . 2008-07-21 12:30 <DIR> d-------- C:\Program Files\Common Files\PCSuite 2008-07-21 12:30 . 2008-07-21 12:30 <DIR> d-------- C:\Program Files\Common Files\Nokia 2008-07-21 12:30 . 2008-07-21 12:30 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\PC Suite 2008-07-21 12:30 . 2008-07-21 12:31 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\Nokia 2008-07-21 12:30 . 2008-07-21 12:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite 2008-07-21 12:29 . 2008-07-21 12:30 <DIR> d-------- C:\Program Files\Nokia PC Suite 2008-07-21 12:29 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys 2008-07-21 12:29 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll 2008-07-21 12:29 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll 2008-07-21 12:29 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys 2008-07-21 12:29 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys 2008-07-21 12:29 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys 2008-07-21 12:28 . 2008-07-21 12:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations 2008-07-21 11:55 . 2008-07-22 15:48 102,400 --a------ C:\WINDOWS\DUMP5d52.tmp 2008-07-21 11:55 . 2008-07-25 18:30 102,400 --a------ C:\WINDOWS\DUMP5b4f.tmp 2008-07-21 11:55 . 2008-07-25 18:31 102,400 --a------ C:\WINDOWS\DUMP57b5.tmp 2008-07-21 11:55 . 2008-07-25 18:35 102,400 --a------ C:\WINDOWS\DUMP5738.tmp 2008-07-21 11:55 . 2008-07-29 18:26 102,400 --a------ C:\WINDOWS\DUMP4fc5.tmp 2008-07-21 11:55 . 2008-07-26 18:06 102,400 --a------ C:\WINDOWS\DUMP474a.tmp 2008-07-21 11:55 . 2008-07-26 18:23 102,400 --a------ C:\WINDOWS\DUMP4390.tmp 2008-07-21 11:55 . 2008-07-31 15:10 102,400 --a------ C:\WINDOWS\DUMP3d95.tmp 2008-07-21 11:55 . 2008-07-30 10:17 102,400 --a------ C:\WINDOWS\DUMP349c.tmp 2008-07-21 11:15 . 2004-08-04 14:00 25,088 --a------ C:\WINDOWS\system32\shfolder.dll 2008-07-21 09:12 . 2008-08-01 12:04 10 --a------ C:\WINDOWS\WININIT.INI 2008-07-20 22:42 . 2008-08-01 12:00 <DIR> d-------- C:\WINDOWS\LastGood 2008-07-20 22:42 . 2008-07-21 09:14 <DIR> d-------- C:\Program Files\ATI Demos 2008-07-20 20:18 . 2008-07-20 20:19 <DIR> d-------- C:\Program Files\EVEREST Ultimate Edition 2008-07-20 19:17 . 2008-07-20 19:17 360,320 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL 2008-07-20 16:22 . 2003-06-19 00:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2008-07-20 16:22 . 2008-07-20 16:22 376 --a------ C:\WINDOWS\ODBC.INI 2008-07-20 16:21 . 2008-07-20 16:22 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-07-20 16:21 . 2008-07-20 16:21 <DIR> d-------- C:\Program Files\Microsoft.NET 2008-07-20 11:38 . 2008-07-20 11:38 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy 2008-07-20 11:38 . 2008-06-20 12:45 360,320 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.old 2008-07-20 11:23 . 2008-07-20 11:23 <DIR> d-------- C:\WINDOWS\LastGood.Tmp 2008-07-20 11:23 . 2004-06-16 13:57 1,671,168 --a------ C:\WINDOWS\system32\cnxci.dll 2008-07-20 11:23 . 2004-06-16 13:51 60,416 --a------ C:\WINDOWS\system32\drivers\CnxTgNP.sys 2008-07-20 11:03 . 2008-07-20 11:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-07-20 10:23 . 2008-07-31 12:43 <DIR> d-------- C:\Documents and Settings\CommanderBomber\Application Data\gtk-2.0 2008-07-20 09:19 . 2008-07-20 09:19 <DIR> d-------- C:\Program Files\WinXP Manager 2008-07-20 09:19 . 2008-07-26 14:30 <DIR> d-------- C:\Program Files\FlashGet 2008-07-20 09:18 . 2008-07-20 09:18 <DIR> d-------- C:\Program Files\FolderSize 2008-07-20 08:29 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-07-20 08:29 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-07-20 08:29 . 2007-03-08 07:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-07-20 08:29 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-07-20 08:29 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-07-20 08:29 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-07-20 08:29 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-07-20 08:29 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-07-20 08:29 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-07-20 08:28 . 2008-07-31 15:21 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-07-19 18:05 . 2008-08-01 14:46 <DIR> d-------- C:\Documents and Settings\CommanderBomber\.gimp-2.4
. (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-02 08:12 16,608 ----a-w C:\WINDOWS\gdrv.sys 2008-08-01 10:11 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-01 08:50 13,312 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp 2008-08-01 08:50 1,162,752 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp 2008-08-01 08:49 19,456 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp 2008-08-01 08:12 36,864 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp 2008-07-31 13:11 110,592 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp 2008-07-31 13:06 1,160,704 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp 2008-07-30 17:31 444,952 ----a-w C:\WINDOWS\system32\wrap_oal.dll 2008-07-30 17:31 109,080 ----a-w C:\WINDOWS\system32\OpenAL32.dll 2008-07-30 17:31 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-07-28 11:22 3,087,872 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp 2008-07-28 11:22 1,148,928 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp 2008-07-25 18:59 25,600 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp 2008-07-25 18:59 1,131,008 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp 2008-07-22 11:43 604 ---ha-w C:\Program Files\STLL Notifier 2008-07-21 10:55 2,920,448 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp 2008-07-21 08:07 12,528 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2008-07-21 07:07 110,592 ----a-w C:\WINDOWS\DUMP3ebe.tmp 2008-07-20 17:17 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS 2008-07-19 09:00 14,336 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp 2008-07-19 08:53 38,912 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp 2008-07-19 08:53 1,084,416 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp 2008-07-18 21:00 --------- d-----w C:\Program Files\GIGABYTE 2008-07-18 21:00 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-07-18 20:58 --------- d-----w C:\Program Files\Realtek 2008-07-18 20:58 --------- d-----w C:\Documents and Settings\CommanderBomber\Application Data\InstallShield 2008-07-18 20:56 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-07-18 20:55 --------- d-----w C:\Documents and Settings\CommanderBomber\Application Data\ATI 2008-07-18 20:53 --------- d-----w C:\Program Files\Intel 2008-07-18 20:31 --------- d-----w C:\Program Files\microsoft frontpage 2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-04 12:55 53,248 ----a-w C:\WINDOWS\system32\CSVer.dll 2008-05-15 02:02 180,224 ----a-w C:\WINDOWS\system32\atipdlxx.dll 2008-05-15 02:02 139,264 ----a-w C:\WINDOWS\system32\Oemdspif.dll 2008-05-15 02:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll 2008-05-15 02:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe 2008-05-15 02:01 139,264 ----a-w C:\WINDOWS\system32\ati2evxx.dll 2008-05-15 02:00 544,768 ----a-w C:\WINDOWS\system32\ati2evxx.exe 2008-05-15 01:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL 2008-05-15 01:57 10,276,864 ----a-w C:\WINDOWS\system32\atioglx2.dll 2008-05-15 01:24 48,128 ----a-w C:\WINDOWS\system32\amdpcom32.dll 2008-05-15 01:20 348,160 ----a-w C:\WINDOWS\system32\atikvmag.dll 2008-05-15 01:19 23,040 ----a-w C:\WINDOWS\system32\atiadlxx.dll 2008-05-15 01:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll 2008-05-15 01:16 245,760 ----a-w C:\WINDOWS\system32\atiok3x2.dll 2008-05-07 07:39 16,862,208 ------r C:\WINDOWS\RTHDCPL.exe 2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-06-13 13:07 6,276,080 ----a-w C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll 2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll 2008-03-16 12:30 216,064 --sh--r C:\WINDOWS\system32\nbDX.dll .
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HydraDM"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-15 21:00 270336] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] "CursorFX"="C:\Program Files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 17:46 416768] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 12:49 451872] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-07-04 14:01 148776] "Rainlendar2"="C:\Program Files\Rainlendar 2\Rainlendar2.exe" [2007-12-30 12:23 1365504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-07-04 14:20 161064] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "ClocX"="C:\Program Files\ClocX\ClocX.exe" [2007-07-26 17:43 270336] "EasyTuneVI"="C:\Program Files\GIGABYTE\ET6\ETcall.exe" [2007-07-26 15:05 20480] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:40 213936] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 16:40 86960] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-03-20 16:40 213936] "CnxDslTaskBar"="C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" [2004-06-16 13:55 233472] "LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38 987187] "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-05-02 06:15 15872] "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-03-16 11:34 755480] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440] "ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 18:38 307200] "RTHDCPL"="RTHDCPL.EXE" [2008-05-07 09:39 16862208 C:\WINDOWS\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]
C:\Documents and Settings\CommanderBomber\Start Menu\Programs\Startup\ RBTray.lnk - C:\Program Files\RBTray\RBTray.exe [2007-04-18 14:41:52 57344]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "EditLevel"= 0 (0x0) "NoCommonGroups"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2008-07-19 10:48 210168 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i420vfw.dll "vidc.yv12"= yv12vfw.dll HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
[HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Hry\\The Settlers - Rise of an Empire\\base\\bin\\Settlers6.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "D:\\Hry\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"= "D:\\Hry\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"= "D:\\Hry\\Race Driver GRID\\GRID.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1)
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler;C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-03-07 12:00] R2 GEST Service;GEST Service for program management.;C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-05-13 18:07] R3 AtiHdmiService;ATI Function Driver for HDMI Service;C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 01:53] R3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-06-16 13:51] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-06-16 13:51] R3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys [2004-06-16 13:51] R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 14:00]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp
*Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder
2008-07-19 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 18:35] . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\CommanderBomber\Application Data\Mozilla\Firefox\Profiles\60pl55s0.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.sk FF -: plugin - C:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-02 10:27:44 Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully hidden files: 0
************************************************************************** . Completion time: 2008-08-02 10:28:12 ComboFix-quarantined-files.txt 2008-08-02 08:28:11
Pre-Run: 43,832,115,200 bytes free Post-Run: 8 adresárov, 45,508,665,344 voľných bajtov
294 --- E O F --- 2008-07-21 08:00:06 tinozv píše: Skúšal si najnovšie ovládače od ATI
Robilo to aj s najnovsimi ovladacmi.
Prisiel som na to, ze ked mi vyhodi tu ciernu obrazovku a zacnem hybat a klikat mysou a stlacat klavesy na klavesnici, tak po chvili zobrazi niekolko mozaikovitych pasov.
|
|
Registrovaný: 05.01.08 Prihlásený: 22.04.10 Príspevky: 310 Témy: 33 |
Doteraz co som zapinal pc, spustil sa vzdy normalne. Takze problem ocividne vyrieseny. Dik vsetkym za rady.
|
|
Registrovaný: 27.03.08 Príspevky: 363 Témy: 57 Bydlisko: Zvolen | Napísal tinozv: 03.08.2008 17:00 | |
|
Neni zač keď že Combofix našiel a odstránil.Položky v zložke Other Deletions.
Prečisti PC CCleanerom.
_________________ NOTEBOOK:Toshiba Portege Z930/14C |
|
| Stránka: 1 z 1
| [ Príspevkov: 10 ] | |
| Nemôžete zakladať nové témy v tomto fóre Nemôžete odpovedať na témy v tomto fóre Nemôžete upravovať svoje príspevky v tomto fóre Nemôžete mazať svoje príspevky v tomto fóre
|
|