  #1 (permalink)  
18.05.2013, 00:32
Junior Member

Registered: May 2013
Posts: 1
Marketplace posts: 0
Problem with frequent computer freezes and an unknown error

Lately my computer has started lagging and various problems have appeared; when I right-click in a folder, mostly on an image, something like this shows up:

Code:
http://zapodaj.net/4567f44755334.bmp.html
I don't know whether it's a virus or what... I may have caught some junk. I'm posting logs from ComboFix and HijackThis, I could have

Code:
ComboFix 13-05-16.02 - serek 2013-05-17  23:43:19.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.3070.2424 [GMT 2:00]
Uruchomiony z: l:\uuuuu\ComboFix.exe
AV: Bitdefender Antywirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Bitdefender Zapora Sieciowa *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
 ADS - WINDOWS: deleted 24 bytes in 1 streams. 
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\documents and settings\All Users\Dane aplikacji\1345758518.82548.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.83252.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.88568.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.91012.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.94008.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.95736.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.96128.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.96764.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.97332.bin
h:\documents and settings\All Users\Dane aplikacji\1345758518.97848.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.1704.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.188.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.1992.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.204.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.2248.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.2648.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.3960.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.664.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.692.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.720.bin
h:\documents and settings\All Users\Dane aplikacji\1345760075.840.bin
h:\documents and settings\All Users\Dane aplikacji\1360943039.bdinstall.bin
h:\documents and settings\All Users\Dane aplikacji\1360961887.bdinstall.bin
h:\documents and settings\All Users\Dane aplikacji\1368799737.bdinstall.bin
h:\documents and settings\All Users\Dane aplikacji\TEMP
h:\program files\Internet Explorer\dmlconf.dat
h:\windows\IsUn0415.exe
h:\windows\pkunzip.pif
h:\windows\pkzip.pif
h:\windows\system32\Config.cfg
h:\windows\system32\dllcache\wmpvis.dll
h:\windows\system32\frapsvid.dll
h:\windows\system32\roboot.exe
h:\windows\system32\tmp2F4.tmp
h:\windows\system32\tmp2F5.tmp
h:\windows\system32\tmp6DA.tmp
h:\windows\system32\tmp77A.tmp
h:\windows\system32\tmp77B.tmp
h:\windows\system32\URTTemp
h:\windows\system32\URTTemp\fusion.dll
h:\windows\system32\URTTemp\mscoree.dll
h:\windows\system32\URTTemp\mscoree.dll.local
h:\windows\system32\URTTemp\mscorsn.dll
h:\windows\system32\URTTemp\mscorwks.dll
h:\windows\system32\URTTemp\msvcr71.dll
h:\windows\tmp
h:\windows\tmp\0.bmp
h:\windows\tmp\1.bmp
h:\windows\tmp\2.bmp
h:\windows\tmp\3.bmp
h:\windows\tmp\4.bmp
h:\windows\tmp\5.bmp
h:\windows\tmp\6.bmp
h:\windows\tmp\7.bmp
h:\windows\tmp\childform.fsk
h:\windows\tmp\cpbackground.gif
h:\windows\tmp\displaylogo.gif
h:\windows\tmp\displaymain.fsk
h:\windows\tmp\playmain.fsk
h:\windows\tmp\popform.fsk
h:\windows\tmp\preview.gif
h:\windows\tmp\skininf.ini
h:\windows\UA000088.DLL
J:\Setup.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSINT32
-------\Service_amsint32
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-04-17 do 2013-05-17  )))))))))))))))))))))))))))))))
.
.
2013-05-17 21:28 . 2013-05-17 21:28	--------	d-----w-	h:\documents and settings\All Users\Dane aplikacji\PMB Files
2013-05-17 21:28 . 2013-05-17 21:28	--------	d-----w-	h:\documents and settings\serek\.swt
2013-05-17 21:04 . 2013-05-17 21:51	--------	d-----w-	h:\documents and settings\serek\Ustawienia lokalne\Dane aplikacji\PMB Files
2013-05-17 21:04 . 2013-05-17 21:04	--------	d-----w-	h:\program files\Pando Networks
2013-05-17 20:50 . 2013-05-17 20:50	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\Malwarebytes
2013-05-17 20:50 . 2013-05-17 20:50	--------	d-----w-	h:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2013-05-17 20:49 . 2013-05-17 20:50	--------	d-----w-	h:\program files\Malwarebytes' Anti-Malware
2013-05-17 20:49 . 2013-04-04 12:50	22856	----a-w-	h:\windows\system32\drivers\mbam.sys
2013-05-17 20:36 . 2013-05-17 20:36	--------	d-----w-	h:\documents and settings\serek\Ustawienia lokalne\Dane aplikacji\Google
2013-05-17 20:27 . 2013-05-17 20:27	--------	d-----w-	h:\windows\system32\searchplugins
2013-05-17 20:27 . 2013-05-17 20:27	--------	d-----w-	h:\windows\system32\Extensions
2013-05-17 14:15 . 2013-05-17 14:15	--------	d-----w-	h:\documents and settings\UpdatusUser\Dane aplikacji\QuickScan
2013-05-17 14:14 . 2012-11-12 16:11	66392	----a-w-	h:\windows\system32\drivers\bdsandbox.sys
2013-05-17 14:14 . 2012-11-02 12:17	242504	----a-w-	h:\windows\system32\drivers\avchv.sys
2013-05-17 14:14 . 2013-01-11 19:29	482928	----a-w-	h:\windows\system32\drivers\avckf.sys
2013-05-17 14:14 . 2013-01-11 19:29	625128	----a-w-	h:\windows\system32\drivers\avc3.sys
2013-05-17 14:11 . 2013-05-17 14:11	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\Bitdefender
2013-05-17 14:11 . 2013-05-17 20:26	--------	d-----w-	h:\documents and settings\All Users\Dane aplikacji\Bitdefender
2013-05-17 14:09 . 2013-05-17 14:09	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\QuickScan
2013-05-17 14:09 . 2012-10-04 12:30	162976	----a-w-	h:\windows\system32\drivers\gzflt.sys
2013-05-17 14:09 . 2013-05-17 14:09	--------	d-----w-	h:\program files\Bitdefender
2013-05-17 14:09 . 2012-10-31 11:13	343456	----a-w-	h:\windows\system32\drivers\trufos.sys
2013-05-17 13:06 . 2013-05-17 13:06	--------	d-----w-	h:\program files\Common Files\Java
2013-05-17 13:06 . 2013-05-17 13:06	94112	----a-w-	h:\windows\system32\WindowsAccessBridge.dll
2013-05-16 21:46 . 2013-05-16 21:47	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\ESTSoft
2013-05-16 16:34 . 2013-05-16 16:34	--------	d-----w-	h:\documents and settings\All Users\Dane aplikacji\RoboForm
2013-05-16 16:33 . 2013-05-09 08:59	368944	------w-	h:\windows\system32\drivers\aswSP.sys
2013-05-16 16:33 . 2013-05-09 08:59	29816	------w-	h:\windows\system32\drivers\aswFsBlk.sys
2013-05-16 16:33 . 2013-05-09 08:59	49760	----a-w-	h:\windows\system32\drivers\aswRdr.sys
2013-05-16 16:33 . 2013-05-09 08:59	56080	----a-w-	h:\windows\system32\drivers\aswTdi.sys
2013-05-16 16:33 . 2013-05-09 08:59	66336	----a-w-	h:\windows\system32\drivers\aswMonFlt.sys
2013-05-16 16:32 . 2013-05-09 08:58	41664	------w-	h:\windows\avastSS.scr
2013-05-16 15:02 . 2013-05-16 16:46	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\The Creative Assembly
2013-05-16 14:20 . 2013-05-17 20:30	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\DAEMON Tools Lite
2013-05-12 09:46 . 2013-05-17 21:50	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\Skype
2013-05-12 09:45 . 2013-05-12 09:45	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\LolClient
2013-05-12 00:41 . 2013-05-12 00:41	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\DivX
2013-05-12 00:41 . 2013-05-17 21:04	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\NVIDIA
2013-05-12 00:39 . 2013-05-12 00:39	--------	d-----w-	h:\documents and settings\All Users\Dane aplikacji\ABBYY
2013-05-08 12:33 . 2001-09-05 03:18	225280	----a-w-	h:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-05-08 12:33 . 2001-09-05 03:18	77824	----a-w-	h:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-05-08 12:33 . 2001-09-05 03:14	176128	----a-w-	h:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-05-02 23:25 . 2013-05-02 23:25	--------	d-----w-	h:\documents and settings\serek\Ustawienia lokalne\Dane aplikacji\EA Games
2013-05-02 16:50 . 2013-05-02 16:50	--------	d-----w-	h:\documents and settings\serek\Dane aplikacji\OpenCandy
2013-04-26 22:13 . 2013-04-26 22:16	--------	d-----w-	h:\program files\TeamSpeak 3 Client
2013-04-25 20:31 . 2013-04-25 20:31	69632	----a-r-	h:\documents and settings\serek\Dane aplikacji\Microsoft\Installer\{84178AE8-C22D-48CB-A6BA-D116FD3FE469}\ARPPRODUCTICON.exe
2013-04-25 20:31 . 2013-04-25 20:31	49152	----a-r-	h:\documents and settings\serek\Dane aplikacji\Microsoft\Installer\{84178AE8-C22D-48CB-A6BA-D116FD3FE469}\UNINST_Uninstall_Q_336D8C9DB2424DE5BC518E574B25652F.exe
2013-04-24 19:14 . 2013-05-01 23:34	21576	----a-w-	h:\windows\system32\drivers\aswKbd.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 13:06 . 2012-10-07 15:20	866720	----a-w-	h:\windows\system32\npDeployJava1.dll
2013-05-17 13:06 . 2012-04-09 21:28	144896	----a-w-	h:\windows\system32\javacpl.cpl
2013-05-17 13:06 . 2010-07-21 17:00	788896	----a-w-	h:\windows\system32\deployJava1.dll
2013-05-15 01:08 . 2012-08-25 10:03	71048	----a-w-	h:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 01:08 . 2012-08-25 10:03	692104	----a-w-	h:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:58 . 2013-03-25 19:07	229648	------w-	h:\windows\system32\aswBoot.exe
2013-04-07 20:00 . 2013-04-07 20:00	519680	----a-w-	h:\windows\system32\d3d11.dll
2013-04-07 15:11 . 2009-01-11 08:34	466008	----a-w-	h:\windows\system32\drivers\sptd.sys
2013-03-30 13:39 . 2010-11-07 19:21	108144	----a-w-	h:\windows\system32\CmdLineExt.dll
2013-03-15 05:47 . 2013-04-06 20:57	65536	----a-w-	h:\windows\system32\OpenCL.dll
2013-03-15 05:47 . 2013-04-06 20:57	892704	----a-w-	h:\windows\system32\nvdispgenco3231422.dll
2013-03-15 05:47 . 2013-04-06 20:57	6074368	----a-w-	h:\windows\system32\nvopencl.dll
2013-03-15 05:47 . 2013-04-06 20:57	2733344	----a-w-	h:\windows\system32\nvcuvid.dll
2013-03-15 05:47 . 2013-04-06 20:57	1995552	----a-w-	h:\windows\system32\nvcuvenc.dll
2013-03-15 05:47 . 2013-04-06 20:57	1012512	----a-w-	h:\windows\system32\nvdispco3231422.dll
2013-03-15 05:47 . 2013-04-06 20:57	17551360	----a-w-	h:\windows\system32\nvcompiler.dll
2013-03-15 05:47 . 2009-01-11 00:05	7745536	----a-w-	h:\windows\system32\nvcuda.dll
2013-03-15 05:47 . 2009-01-11 00:05	19689472	----a-w-	h:\windows\system32\nvoglnt.dll
2013-03-15 05:47 . 2009-01-11 00:05	2490368	----a-w-	h:\windows\system32\nvapi.dll
2013-03-15 05:47 . 2009-01-10 23:31	10713024	----a-w-	h:\windows\system32\drivers\nv4_mini.sys
2013-03-15 05:47 . 2009-01-10 23:31	4079104	----a-w-	h:\windows\system32\nv4_disp.dll
2013-03-15 02:59 . 2009-01-11 00:05	229376	-c--a-w-	h:\windows\system32\nvrszhc.dll
2013-03-15 02:59 . 2009-01-11 00:05	126976	-c--a-w-	h:\windows\system32\nvrszht.dll
2013-03-15 02:59 . 2009-01-11 00:05	258048	-c--a-w-	h:\windows\system32\nvrstr.dll
2013-03-15 02:59 . 2009-01-11 00:05	253952	-c--a-w-	h:\windows\system32\nvrsth.dll
2013-03-15 02:59 . 2009-01-11 00:05	274432	-c--a-w-	h:\windows\system32\nvrspt.dll
2013-03-15 02:59 . 2009-01-11 00:05	270336	-c--a-w-	h:\windows\system32\nvrsru.dll
2013-03-15 02:59 . 2009-01-11 00:05	270336	----a-w-	h:\windows\system32\nvrsptb.dll
2013-03-15 02:59 . 2009-01-11 00:05	258048	-c--a-w-	h:\windows\system32\nvrssl.dll
2013-03-15 02:59 . 2009-01-11 00:05	258048	-c--a-w-	h:\windows\system32\nvrssk.dll
2013-03-15 02:59 . 2009-01-11 00:05	253952	-c--a-w-	h:\windows\system32\nvrssv.dll
2013-03-15 02:59 . 2009-01-11 00:05	335872	-c--a-w-	h:\windows\system32\nvrshe.dll
2013-03-15 02:59 . 2009-01-11 00:05	282624	-c--a-w-	h:\windows\system32\nvrsit.dll
2013-03-15 02:59 . 2009-01-11 00:05	274432	-c--a-w-	h:\windows\system32\nvrsnl.dll
2013-03-15 02:59 . 2009-01-11 00:05	274432	-c--a-w-	h:\windows\system32\nvrsja.dll
2013-03-15 02:59 . 2009-01-11 00:05	266240	-c--a-w-	h:\windows\system32\nvrsko.dll
2013-03-15 02:59 . 2009-01-11 00:05	262144	-c--a-w-	h:\windows\system32\nvrshu.dll
2013-03-15 02:59 . 2009-01-11 00:05	258048	----a-w-	h:\windows\system32\nvrspl.dll
2013-03-15 02:59 . 2009-01-11 00:05	253952	-c--a-w-	h:\windows\system32\nvrsno.dll
2013-03-15 02:59 . 2009-01-11 00:05	286720	-c--a-w-	h:\windows\system32\nvrsfr.dll
2013-03-15 02:59 . 2009-01-11 00:05	282624	-c--a-w-	h:\windows\system32\nvrses.dll
2013-03-15 02:59 . 2009-01-11 00:05	282624	-c--a-w-	h:\windows\system32\nvrsel.dll
2013-03-15 02:59 . 2009-01-11 00:05	278528	-c--a-w-	h:\windows\system32\nvrsde.dll
2013-03-15 02:59 . 2009-01-11 00:05	274432	-c--a-w-	h:\windows\system32\nvrsesm.dll
2013-03-15 02:59 . 2009-01-11 00:05	253952	-c--a-w-	h:\windows\system32\nvrsda.dll
2013-03-15 02:59 . 2009-01-11 00:05	249856	-c--a-w-	h:\windows\system32\nvrsfi.dll
2013-03-15 02:59 . 2009-01-11 00:05	249856	-c--a-w-	h:\windows\system32\nvrseng.dll
2013-03-15 02:59 . 2009-01-11 00:05	335872	-c--a-w-	h:\windows\system32\nvrsar.dll
2013-03-15 02:59 . 2009-01-11 00:05	249856	-c--a-w-	h:\windows\system32\nvrscs.dll
2013-03-15 02:57 . 2009-01-11 00:05	54272	----a-w-	h:\windows\system32\nvwddi.dll
2013-03-15 02:57 . 2009-01-11 00:05	156960	----a-w-	h:\windows\system32\nvsvc32.exe
2013-03-15 02:57 . 2009-01-11 00:05	223008	----a-w-	h:\windows\system32\nvmctray.dll
2013-03-15 02:57 . 2009-01-11 00:05	15668512	----a-w-	h:\windows\system32\nvcpl.dll
2013-03-15 02:57 . 2009-01-11 00:05	144160	-c--a-w-	h:\windows\system32\nvcolor.exe
2013-01-05 03:44 . 2013-05-17 20:42	262704	----a-w-	h:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . h:\windows\SoftwareDistribution\Download\4d5f85a767fd0ef4a4c9d6e5c8079aaf\sp3qfe\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . h:\windows\SoftwareDistribution\Download\4d5f85a767fd0ef4a4c9d6e5c8079aaf\sp3gdr\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . h:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2008-04-13 . 99BD46C2C790E52363DD1021DDCA3E8F . 361344 . . [5.1.2600.5512] . . h:\windows\system32\drivers\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . h:\windows\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26	3908192	----a-w-	h:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "h:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "h:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="h:\program files\ALLPlayer\ALLUpdate.exe" [2011-08-16 1379840]
"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"Skype"="h:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"Pando Media Booster"="h:\program files\Pando Networks\Media Booster\PMB.exe" [2013-05-17 4284976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="h:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"EEventManager"="h:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"DivXUpdate"="h:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="h:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"BCSSync"="h:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"NvMediaCenter"="NvMCTray.dll" [2013-03-15 223008]
"NvCplDaemon"="h:\windows\system32\NvCpl.dll" [2013-03-15 15668512]
"nwiz"="h:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-03-15 1982312]
"SunJavaUpdateSched"="h:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Bdagent"="h:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-03-26 1617440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /p \??\q:\0autocheck autochk *\0aswBoot.exe /M:15a187d8526a
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\H:^Documents and Settings^serek^Menu Start^Programy^Autostart^RazossUpdater.lnk]
path=h:\documents and settings\serek\Menu Start\Programy\Autostart\RazossUpdater.lnk
backup=h:\windows\pss\RazossUpdater.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KGShareApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50	18642024	----a-r-	h:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-02-04 14:39	447152	----a-w-	h:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"h:\\WINDOWS\\system32\\dpvsetup.exe"=
"h:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"h:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"h:\\WINDOWS\\system32\\msiexec.exe"=
"h:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"=
"h:\\Program Files\\CCleaner\\ccleaner.exe"=
"h:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe"=
"h:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"h:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
"h:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
"5353:UDP"= 5353:UDP:Bonjour Port 5353
"57601:TCP"= 57601:TCP:Pando Media Booster
"57601:UDP"= 57601:UDP:Pando Media Booster
"58759:TCP"= 58759:TCP:Pando Media Booster
"58759:UDP"= 58759:UDP:Pando Media Booster
.
R0 aswKbd;aswKbd;h:\windows\system32\drivers\aswKbd.sys [2013-04-24 21576]
R0 avc3;avc3;h:\windows\system32\drivers\avc3.sys [2013-05-17 625128]
R0 gzflt;gzflt;h:\windows\system32\drivers\gzflt.sys [2013-05-17 162976]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSP;aswSP;h:\windows\system32\drivers\aswSP.sys [2013-05-16 368944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;h:\windows\system32\drivers\dtsoftbus01.sys [2012-10-07 242240]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;h:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 acedrv11;acedrv11;h:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [2013-05-16 29816]
R2 BrowserProtect;BrowserProtect;h:\documents and settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-04-23 2787280]
R2 OMSI download service;Sony Ericsson OMSI download service;h:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2011-01-14 90112]
R2 Skype C2C Service;Skype C2C Service;h:\documents and settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UPDATESRV;Bitdefender Desktop Update Service;h:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-05-17 55984]
R3 avchv;avchv Function Driver;h:\windows\system32\drivers\avchv.sys [2013-05-17 242504]
R3 avckf;avckf;h:\windows\system32\drivers\avckf.sys [2013-05-17 482928]
R3 pcouffin;VSO Software pcouffin;h:\windows\system32\drivers\pcouffin.sys [2009-02-12 47360]
S2 SkypeUpdate;Skype Updater;h:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 Ambfilt;Ambfilt;h:\windows\system32\drivers\Ambfilt.sys [2009-06-06 1684736]
S3 BDSandBox;BDSandBox;h:\windows\system32\drivers\bdsandbox.sys [2013-05-17 66392]
S3 EagleXNt;EagleXNt;\??\h:\windows\system32\drivers\EagleXNt.sys --> h:\windows\system32\drivers\EagleXNt.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;h:\windows\system32\FsUsbExDisk.Sys [2011-07-06 36608]
S3 FXDrv32;FXDrv32;\??\g:\fxdrv32.sys --> g:\FXDrv32.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;h:\windows\system32\drivers\ggflt.sys [2009-07-13 13224]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);h:\windows\system32\drivers\s0016bus.sys [2009-09-27 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;h:\windows\system32\drivers\s0016mdfl.sys [2009-09-27 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;h:\windows\system32\drivers\s0016mdm.sys [2009-09-27 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);h:\windows\system32\drivers\s0016mgmt.sys [2009-09-27 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);h:\windows\system32\drivers\s0016nd5.sys [2009-09-27 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;h:\windows\system32\drivers\s0016obex.sys [2009-09-27 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);h:\windows\system32\drivers\s0016unic.sys [2009-09-27 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);h:\windows\system32\drivers\s0017bus.sys [2009-09-27 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;h:\windows\system32\drivers\s0017mdfl.sys [2009-09-27 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;h:\windows\system32\drivers\s0017mdm.sys [2009-09-27 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);h:\windows\system32\drivers\s0017mgmt.sys [2009-09-27 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);h:\windows\system32\drivers\s0017nd5.sys [2009-09-27 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;h:\windows\system32\drivers\s0017obex.sys [2009-09-27 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);h:\windows\system32\drivers\s0017unic.sys [2009-09-27 109736]
S3 seehcri;Sony Ericsson seehcri Device Driver;h:\windows\system32\drivers\seehcri.sys [2009-09-27 27632]
S3 Sony PC Companion;Sony PC Companion;h:\program files\Sony\Sony PC Companion\PCCService.exe [2012-12-13 155824]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);h:\windows\system32\drivers\ss_bbus.sys [2011-07-06 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);h:\windows\system32\drivers\ss_bmdfl.sys [2011-07-06 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;h:\windows\system32\drivers\ss_bmdm.sys [2011-07-06 121856]
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-05-17 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 01:08]
.
2013-05-17 h:\windows\Tasks\avast! Emergency Update.job
- h:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-16 08:58]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=D8EE001FE2515F0C
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000&barid={D265271D-9187-47EE-8163-B1BF5CCA21CA}
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksportuj do programu Microsoft Excel - h:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Search the Web - h:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Wyślij &do programu OneNote - h:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: { - h:\program files\Messenger\msmsgs.exe
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - h:\documents and settings\serek\Menu Start\Programy\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0D706C4C-8DCD-4CA5-B7D6-D4AF5CAA1AEB}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - h:\documents and settings\serek\Dane aplikacji\Mozilla\Firefox\Profiles\zi7n7x1u.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-04-12 04:05; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; h:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{E68D0A50-3C40-4712-B90D-DCFA93FF2534} - (no file)
ShellIconOverlayIdentifiers-{E68D0A51-3C40-4712-B90D-DCFA93FF2534} - (no file)
ShellIconOverlayIdentifiers-{E68D0A52-3C40-4712-B90D-DCFA93FF2534} - (no file)
ShellIconOverlayIdentifiers-{E68D0A53-3C40-4712-B90D-DCFA93FF2534} - (no file)
HKLM-Run-avast - h:\program files\AVAST Software\Avast\avastUI.exe
SafeBoot-25943985.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-17 23:50
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...  
.
skanowanie ukrytych wpisów autostartu ... 
.
skanowanie ukrytych plików ...  
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2025429265-287218729-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7c,b2,e3,7b,3a,d9,89,ab,15,78,51,af,f1,01,d3,52,92,1f,e8,c9,eb,1a,6e,
   a2,c5,8b,b3,1f,41,cd,a1,f5,86,cb,4b,68,68,c3,2b,39,33,f8,67,6f,18,2b,49,16,\
"??"=hex:07,11,d8,41,77,75,ce,3b,36,6e,7f,8c,59,0c,d1,54
.
[HKEY_USERS\S-1-5-21-2025429265-287218729-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:dd,3c,c4,b4,91,c8,ed,3e,cf,7e,d5,21,40,ba,be,0b,6d,9c,b1,d1,f2,
   4b,c1,99,5c,ae,e7,27,0f,66,c3,b5,cf,f0,5e,6e,bc,3c,03,a3,1a,ba,2c,f0,05,b0,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@h:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="h:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'explorer.exe'(2560)
h:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
h:\progra~1\MICROS~4\Office14\1045\GrooveIntlResource.dll
h:\windows\system32\msi.dll
h:\windows\system32\WPDShServiceObj.dll
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
h:\program files\Bitdefender\Bitdefender 2013\vsserv.exe
h:\program files\Java\jre7\bin\jqs.exe
h:\windows\system32\nvsvc32.exe
h:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
h:\windows\system32\PnkBstrA.exe
h:\windows\system32\RunDLL32.exe
h:\windows\system32\wscntfy.exe
h:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Czas ukończenia: 2013-05-17  23:54:21 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2013-05-17 21:54
.
Przed: 4*891*848*704 bajtów wolnych
Po: 4*489*150*464 bajtów wolnych
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[Boot Loader]
Timeout=2
Default=c:\$win_nt$.~bt\BOOTSECT.DAT
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
c:\$win_nt$.~bt\BOOTSECT.DAT="Instalator systemu Microsoft Windows XP Professional"
.
- - End Of File - - 967F7BBFE0EADD8E768BE5632BE4BBD9
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:57:23, on 2013-05-17
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
H:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
H:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
H:\Program Files\Java\jre7\bin\jqs.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
H:\WINDOWS\PixArt\PAC7302\Monitor.exe
H:\WINDOWS\system32\RunDLL32.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
H:\Program Files\Pando Networks\Media Booster\PMB.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\WINDOWS\explorer.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\msiexec.exe
H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=D8EE001FE2515F0C
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&barid={D265271D-9187-47EE-8163-B1BF5CCA21CA}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=e29f5cd3-581f-4a12-be23-36311caaa387&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - H:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - H:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [PAC7302_Monitor] H:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [EEventManager] "H:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [DivXUpdate] "H:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "H:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] H:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Bdagent] H:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
O4 - HKCU\..\Run: [ALLUpdate] "H:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] H:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2025429265-287218729-725345543-1006\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://H:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - H:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Wyślij &do programu OneNote - res://H:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - H:\Documents and Settings\serek\Menu Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D706C4C-8DCD-4CA5-B7D6-D4AF5CAA1AEB}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D706C4C-8DCD-4CA5-B7D6-D4AF5CAA1AEB}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D706C4C-8DCD-4CA5-B7D6-D4AF5CAA1AEB}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\System32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - H:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - H:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - H:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - H:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - H:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - H:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - H:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - H:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

--
End of file - 11329 bytes

Please help!!

  #2 (permalink)  
29.05.2013, 20:12
sebciu0
Expert
 
Joined: Aug 2008
Location: Earth
Posts: 4 941
Marketplace posts: 1
Re: Problem with frequent computer freezes and an unknown error

Don't you have too many antivirus programs? I don't see any viruses. Scan the computer with Spybot (Search & Destroy). The image is missing. What are your temperatures?
__________________
AMD Phenom II 4 955 Black Edition;Scythe Mugen 2 Rev. B SCMG-2100;AsRock 970 Extreme 4;Asus HD 7770 DC2 1GD5 v2;WD Caviar Black 1TB;4 GB ram;Samsung 37";Logitech MX5500;Logitech Z-5500 Digital; RaidMax Ninja, Lenovo Y580

  #3 (permalink)  
30.05.2013, 07:45
Barabasz99
Expert - Windows, Hardware
 
Joined: Jan 2009
Posts: 2 382
Marketplace posts: 0
Re: Problem with frequent computer freezes and an unknown error

As the colleague above says: too many antivirus/security programs (leftovers from Avast?). Decide on one. What do you need BrowserProtect for, for example? Did you install an add-on for FF or a separate program?
The error you are getting is probably caused by ABBYY FineReader, which modifies certain files. Download ShellExView, run it, find the entry Sprint.ExplorerIntegration.9 class Identifier,
right-click it and set it to Disabled. Restart the computer.

ComboFix is not something you use just like that because something is going on!!!!!

  #4 (permalink)  
30.05.2013, 10:33
Senior Member
 
Joined: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: Problem with frequent computer freezes and an unknown error

There is the Sality virus here, which infects executable files:
Code:
-------\Legacy_AMSINT32
-------\Service_amsint32
Post the logs in the "Logi do sprawdzenia" (Logs to check) section.