02.08.2008, 14:11
Więc podaję tutaj screen oraz logi.
1. Po usunięciu tym programem , zmienia on nazwę (tylko tą co na czerwono zaznaczone.
2. Logi HiJackThis :
3. logi SilentRunners :
4.WinDBG wykrył, że coś nie tak z :
ati2dvag+2076d
5.Objawy :
Otóż za każdym razem gdy mam uruchomiony komputer, i włączę sobie przeglądarkę (FIREFOX 3) to co pewien czas z bliżej nieznanych powodów , podczas przeglądania obojętnie jakiej strony internetowej w pewnym momencie zawiesza się i strona i cały system (i tutaj jedynie restart i odpalam kompa na nowo). Mam tak z kilkanaście razy w ciągu dnia, a czasem to zawiesi się raz na kilka dni - tutaj nie ma reguły, w którym momencie się zawiesi i kiedy.
========
Proszę uprzejmie o pomoc w rozwiązaniu problemu.
1. Po usunięciu tym programem , zmienia on nazwę (tylko tą co na czerwono zaznaczone.
[Aby zobaczyć linki, zarejestruj się tutaj]
2. Logi HiJackThis :
Cytat: Logfile of HijackThis v1.99.1
Scan saved at 09:14:51, on 2008-08-02
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
C
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
C
C:WINDOWSSOUNDMAN.EXE
C
C:WINDOWSFixCamera.exe
C
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32crypserv.exe
C
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSsystem32PSIService.exe
C:WINDOWSSystem32svchost.exe
C
C
C
C:WINDOWSsystem32wscntfy.exe
Cocuments and SettingsBasia & KołekPulpitPOBIERALNIAhijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =[Aby zobaczyć linki, zarejestruj się tutaj]
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - F
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)
O4 - HKLM..Run: [avast!]C
O4 - HKLM..Run: [SunJavaUpdateSched]"C
O4 - HKLM..Run: [SoundMan]SOUNDMAN.EXE
O4 - HKLM..Run: [NeroFilterCheck]C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [ATIPTA]C
O4 - HKLM..Run: [HP Software Update]C
O4 - HKLM..Run: [FixCamera]C:WINDOWSFixCamera.exe
O4 - HKLM..Run: [Corel File Shell Monitor]C
O4 - HKLM..Run: [KernelFaultCheck]%systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [NBJ]"C
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet''a - F
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet''a - F
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F
O9 - Extra ''Tools'' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O17 - HKLMSystemCCSServicesTcpip..{F50C124F-9084-480A-B10D-4BC7F65D02F8}: NameServer = 194.204.159.1,194.204.152.34
O20 - Winlogon Notify: dimsntfy - %SystemRoot%System32dimsntfy.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C
O23 - Service: avast! Mail Scanner - Unknown owner - C
O23 - Service: avast! Web Scanner - Unknown owner - C
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:WINDOWSSYSTEM32crypserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:WINDOWSsystem32PSIService.exe
3. logi SilentRunners :
Cytat: "Silent Runners.vbs", revision 58,[Aby zobaczyć linki, zarejestruj się tutaj]
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}
"NBJ" = ""C
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun {++}
"avast!" = "C
"SunJavaUpdateSched" = ""C
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"NeroFilterCheck" = "C:WINDOWSsystem32NeroCheck.exe" ["Ahead Software Gmbh"]
"ATIPTA" = "C
"HP Software Update" = "C
"FixCamera" = "C:WINDOWSFixCamera.exe" [empty string]
"Corel File Shell Monitor" = "C
"KernelFaultCheck" = "C:WINDOWSsystem32dumprep 0 -k"
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}(Default) = "flashget urlcatch"
-> {HKLM...CLSID} = "FGCatchUrl"
InProcServer32(Default) = "F
{53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
InProcServer32(Default) = "C
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
InProcServer32(Default) = "C
HKLMSOFTWAREMicrosoftWindowsCurrentVersionShell ExtensionsApproved
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
InProcServer32(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
InProcServer32(Default) = "C:WINDOWSSystem32hticons.dll" ["Hilgraeve, Inc."]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
InProcServer32(Default) = "C
"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
InProcServer32(Default) = "C
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpoweramp Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
InProcServer32(Default) = "C
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "F
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
InProcServer32(Default) = "C
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify
<<!>> dimsntfyDLLName = "C:WINDOWSSystem32dimsntfy.dll" [MS]
HKLMSOFTWAREClassesFoldershellexColumnHandlers
{FED7043D-346A-414D-ACD7-550D052499A7}(Default) = "dBpoweramp Column Handler"
-> {HKLM...CLSID} = "dBpShell Class"
InProcServer32(Default) = "C
HKLMSOFTWAREClasses*shellexContextMenuHandlers
7-ZIP(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
InProcServer32(Default) = "C
avast(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
InProcServer32(Default) = "C
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "F
HKLMSOFTWAREClassesDirectoryshellexContextMenuHandlers
7-ZIP(Default) = "{23170F69-40C1-278A-1000-000100020000}"
-> {HKLM...CLSID} = "7-Zip Shell Extension"
InProcServer32(Default) = "C
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "F
HKLMSOFTWAREClassesFoldershellexContextMenuHandlers
avast(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
InProcServer32(Default) = "C
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "F
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem
"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral
"Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCUControl PanelDesktop
"Wallpaper" = "C
Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAutoplayHandlersHandlers
CanonCW50PicturesOnArrival
"Provider" = "Canon CameraWindow"
"InvokeProgID" = "Cw50.AutoplayHandler"
"InvokeVerb" = "open"
HKLMSOFTWAREClassesCw50.AutoplayHandlershellopencommand(Default) = "F
CanonZB4PicturesOnArrival
"Provider" = "ZoomBrowser EX"
"InvokeProgID" = "Zb.AutoplayHandler"
"InvokeVerb" = "open"
HKLMSOFTWAREClassesZb.AutoplayHandlershellopencommand(Default) = "F
Corel Paint Shop Pro Photo X2ShowPicturesOnArrivalHandler
"Provider" = "Corel Paint Shop Pro Photo X2"
"InvokeProgID" = "PaintShopProPhotoX2.Image"
"InvokeVerb" = "Przejrzyj"
HKLMSOFTWAREClassesPaintShopProPhotoX2.ImageshellPrzejrzyjcommand(Default) = ""C
dMCAudioCDInput
"Provider" = "dBpoweramp CD Ripper"
"InvokeProgID" = "dMC.AudioCD.Autorun"
"InvokeVerb" = "open"
HKLMSOFTWAREClassesdMC.AudioCD.Autorunshellopencommand(Default) = ""C
DVDFabDecrypterOnDVDArrival
"Provider" = "DVDFab Decrypter"
"InvokeProgID" = "DVDFabDecrypterOpen"
"InvokeVerb" = "Open"
HKLMSOFTWAREClassesDVDFabDecrypterOpenshellOpencommand(Default) = "C
HPUnloadAutoplay
"Provider" = "Przesyłanie HP i Szybki wydruk"
"InvokeProgID" = "HpqUnApl.Autoplay"
"InvokeVerb" = "Play"
HKLMSOFTWAREClassesHpqUnApl.AutoplayshellPlayDropTargetCLSID = "{E1A1C814-FD09-4c9d-BB4A-0394B836A1F0}"
-> {HKLM...CLSID} = (no title provided)
LocalServer32(Default) = "C
ImgBurnBluRayBurningOnArrival_BuildImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleBluRayBurningOnArrival_BuildImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleBluRayBurningOnArrival_BuildImageCommand(Default) = ""C
ImgBurnBluRayBurningOnArrival_BurnImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleBluRayBurningOnArrival_BurnImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleBluRayBurningOnArrival_BurnImageCommand(Default) = ""C
ImgBurnCDBurningOnArrival_BuildImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleCDBurningOnArrival_BuildImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleCDBurningOnArrival_BuildImageCommand(Default) = ""C
ImgBurnCDBurningOnArrival_BurnImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleCDBurningOnArrival_BurnImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleCDBurningOnArrival_BurnImageCommand(Default) = ""C
ImgBurnDVDBurningOnArrival_BuildImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleDVDBurningOnArrival_BuildImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleDVDBurningOnArrival_BuildImageCommand(Default) = ""C
ImgBurnDVDBurningOnArrival_BurnImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleDVDBurningOnArrival_BurnImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleDVDBurningOnArrival_BurnImageCommand(Default) = ""C
ImgBurnHDDVDBurningOnArrival_BuildImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleHDDVDBurningOnArrival_BuildImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleHDDVDBurningOnArrival_BuildImageCommand(Default) = ""C
ImgBurnHDDVDBurningOnArrival_BurnImage
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "HandleHDDVDBurningOnArrival_BurnImage"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellHandleHDDVDBurningOnArrival_BurnImageCommand(Default) = ""C
ImgBurnPlayBluRayOnArrival_ReadDisc
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayBluRayOnArrival_ReadDisc"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellPlayBluRayOnArrival_ReadDiscCommand(Default) = ""C
ImgBurnPlayCDAudioOnArrival_ReadDisc
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayCDAudioOnArrival_ReadDisc"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellPlayCDAudioOnArrival_ReadDiscCommand(Default) = ""C
ImgBurnPlayDVDMovieOnArrival_ReadDisc
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayDVDMovieOnArrival_ReadDisc"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellPlayDVDMovieOnArrival_ReadDiscCommand(Default) = ""C
ImgBurnPlayHDDVDOnArrival_ReadDisc
"Provider" = "ImgBurn"
"InvokeProgID" = "ImgBurn.AutoPlay.1"
"InvokeVerb" = "PlayHDDVDOnArrival_ReadDisc"
HKLMSOFTWAREClassesImgBurn.AutoPlay.1shellPlayHDDVDOnArrival_ReadDiscCommand(Default) = ""C
LightScribeOnArrivalAP
"Provider" = "LightScribe Direct Disc Labeling"
"InvokeProgID" = "LightScribe.AutoPlayHandler"
"InvokeVerb" = "LabelLightScribeDisc"
HKLMSOFTWAREClassesLightScribe.AutoPlayHandlershellLabelLightScribeDisccommand(Default) = "C
NeroAutoPlay2CDAudio
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay2"
"InvokeVerb" = "HandleCDBurningOnArrival_CDAudio"
HKLMSOFTWAREClassesNero.AutoPlay2shellHandleCDBurningOnArrival_CDAudiocommand(Default) = "C
NeroAutoPlay2CopyCD
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay2"
"InvokeVerb" = "PlayCDAudioOnArrival_CopyCD"
HKLMSOFTWAREClassesNero.AutoPlay2shellPlayCDAudioOnArrival_CopyCDcommand(Default) = "C
NeroAutoPlay2DataDisc
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay2"
"InvokeVerb" = "HandleCDBurningOnArrival_DataDisc"
HKLMSOFTWAREClassesNero.AutoPlay2shellHandleCDBurningOnArrival_DataDisccommand(Default) = "C
NeroAutoPlay2LaunchNeroStartSmart
"Provider" = "Nero StartSmart"
"InvokeProgID" = "Nero.AutoPlay2"
"InvokeVerb" = "HandleCDBurningOnArrival_LaunchNeroStartSmart"
HKLMSOFTWAREClassesNero.AutoPlay2shellHandleCDBurningOnArrival_LaunchNeroStartSmartcommand(Default) = "C
Startup items in "Basia & Kołek" & "All Users" startup folders:
---------------------------------------------------------------
C
"HP Digital Imaging Monitor" -> shortcut to: "C
"HP Image Zone - szybkie uruchamianie" -> shortcut to: "C
Enabled Scheduled Tasks:
------------------------
"HPpromotions journeysoftware" -> launches: "C
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLMSYSTEMCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_Entries {++}
000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]
000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]
000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]
Transport Service Providers
HKLMSYSTEMCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_Entries {++}
0000000000##PackedCatalogItem (contains) DLL [Company Name] , (at) ## range:
%SystemRoot%system32mswsock.dll [MS] , 01 - 03, 06 - 13
%SystemRoot%system32rsvpsp.dll [MS] , 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Extensions (Tools menu items, main toolbar menu buttons)
HKLMSOFTWAREMicrosoftInternet ExplorerExtensions
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_05"
InProcServer32(Default) = "C
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_05"
InProcServer32(Default) = "C
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}
"ButtonText" = "FlashGet"
"MenuText" = "FlashGet"
"Exec" = "F
{E2E2DD38-D088-4134-82B7-F2BA38496583}
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%Network Diagnosticxpnetdiag.exe" [MS]
{FB5F1910-F110-11D2-BB9E-00C04F795683}
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:WINDOWSsystem32Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""C
avast! iAVS4 Control Service, aswUpdSv, ""C
avast! Mail Scanner, avast! Mail Scanner, ""C
avast! Web Scanner, avast! Web Scanner, ""C
Canon Camera Access Library 8, CCALib8, "C
Crypkey License, Crypkey License, "crypserv.exe" ["CrypKey (Canada) Ltd."]
LightScribeService Direct Disc Labeling Service, LightScribeService, ""C
Pml Driver HPZ12, Pml Driver HPZ12, "C:WINDOWSsystem32HPZipm12.exe" ["HP"]
ProtexisLicensing, ProtexisLicensing, "C:WINDOWSsystem32PSIService.exe" [null data]
Windows User Mode Driver Framework, UMWdf, "C:WINDOWSsystem32wdfmgr.exe" [MS]
Print Monitors:
---------------
HKLMSYSTEMCurrentControlSetControlPrintMonitors
PCL Language MonitorDriver = "hpz3l3xu.dll" ["Hewlett-Packard Company"]
---------- (launch time: 2008-08-02 09:18:31)
<<!>>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 15 seconds.
---------- (total run time: 49 seconds)
4.WinDBG wykrył, że coś nie tak z :
ati2dvag+2076d
5.Objawy :
Otóż za każdym razem gdy mam uruchomiony komputer, i włączę sobie przeglądarkę (FIREFOX 3) to co pewien czas z bliżej nieznanych powodów , podczas przeglądania obojętnie jakiej strony internetowej w pewnym momencie zawiesza się i strona i cały system (i tutaj jedynie restart i odpalam kompa na nowo). Mam tak z kilkanaście razy w ciągu dnia, a czasem to zawiesi się raz na kilka dni - tutaj nie ma reguły, w którym momencie się zawiesi i kiedy.
========
Proszę uprzejmie o pomoc w rozwiązaniu problemu.