Zwolnione dzialanie systemu windows

**Posty:** 1451 · przez **eisu** 08 Paź 2011, 12:06

hej mam problem od jakiegos czasu ydajnosc mojego eee PC 1001px znacznie spadla choc i tak do szybkich nie nalezy.chodzi o to ze system uruchamia sie okolo 2 minut a na otwarcie kazdej aplikacji trzeba czekac okolo minuty i wiecej i albo zadziala albo sie zawiesi ,tak tez jest z logami z otl i gmer nie da rady ich wygenerowac ,zadzialal tylko combofix

Kod: Zaznacz wszystko: ComboFix 11-10-07.04 - aaaaa 2011-10-08 10:21:59.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1014.370 [GMT 1:00] Uruchomiony z: c:\documents and settings\aaaaa\Pulpit\ComboFix.exe AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\aaaaa\USTAWI~1\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll c:\documents and settings\aaaaa\Ustawienia lokalne\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll . . ((((((((((((((((((((((((( Pliki utworzone od 2011-09-08 do 2011-10-08 ))))))))))))))))))))))))))))))) . . 2011-10-06 22:52 . 2011-10-06 22:52 428088 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-10-06 21:41 . 2011-10-08 09:46 -------- d-sh--w- c:\documents and settings\All Users\Dane aplikacji\.beniamin 2011-10-06 21:41 . 2011-07-21 00:51 1179648 ----a-w- c:\windows\system32\BnmnSrv.exe 2011-10-06 21:41 . 2011-07-21 00:51 1253376 ----a-w- c:\windows\system32\bnmndrv.dll 2011-10-06 21:41 . 2011-07-21 00:51 1028096 ----a-w- c:\windows\system32\alpf.dll 2011-10-06 21:41 . 2011-10-06 21:41 -------- d-----w- c:\program files\Beniamin 2011-10-06 21:34 . 2011-10-06 21:42 -------- d-----w- c:\program files\Common Files\Symantec Shared 2011-10-06 21:34 . 2011-10-06 21:39 -------- d-----w- c:\program files\Symantec 2011-10-06 21:34 . 2011-10-06 21:39 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2011-10-06 21:34 . 2011-10-06 21:39 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-10-06 21:33 . 2011-10-06 22:54 -------- d-----w- c:\windows\system32\drivers\NIS 2011-10-06 21:33 . 2011-10-06 21:33 -------- d-----w- c:\program files\Norton Internet Security 2011-10-06 21:33 . 2011-10-06 21:33 -------- d-----w- c:\program files\NortonInstaller 2011-09-18 18:36 . 2011-09-18 18:36 -------- d-----w- c:\documents and settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Temp 2011-09-18 18:36 . 2011-09-18 18:36 -------- d-----w- c:\documents and settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Adobe 2011-09-18 18:34 . 2011-09-18 18:35 -------- d-----w- c:\program files\Common Files\Adobe 2011-09-12 05:09 . 2011-09-12 05:09 -------- d-----w- c:\program files\Gadu-Gadu 10 2011-09-11 14:57 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll 2011-09-10 17:18 . 2011-09-10 17:18 -------- d-----w- c:\program files\ConvertHelper 2011-09-10 17:14 . 2011-09-10 17:14 -------- d-----w- c:\program files\MyFree Codec 2011-09-10 14:54 . 2011-09-10 14:54 -------- d-----w- c:\documents and settings\aaaaa\Ustawienia lokalne\Dane aplikacji\KSafe 2011-09-10 14:51 . 2011-09-10 14:51 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\KRSHistory 2011-09-10 14:49 . 2011-01-15 06:15 38400 ----a-w- c:\windows\system32\pchsvc.dll 2011-09-10 14:48 . 2011-09-10 14:48 -------- d-----w- C:\KRSHistory 2011-09-10 14:48 . 2011-09-10 14:48 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kingsoft 2011-09-10 14:47 . 2011-09-10 17:36 -------- d-----w- c:\program files\Kingsoft 2011-09-10 11:52 . 2011-09-10 11:52 -------- d-----w- C:\Temp . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-27 05:50 . 2011-08-07 18:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12 . 2011-01-15 08:15 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 21:35 . 2011-09-04 20:26 30728 ----a-w- C:\napis.zip 2011-08-07 19:01 . 2011-08-07 19:07 1002008 ----a-w- c:\windows\system32\igxpun.exe 2011-08-07 19:01 . 2011-08-07 19:07 57344 ----a-w- c:\windows\system32\igxprd32.dll 2011-08-07 19:01 . 2011-08-07 19:07 6301696 ----a-w- c:\windows\system32\drivers\igxpmp32.sys 2011-08-07 19:01 . 2011-08-07 19:07 282624 ----a-w- c:\windows\system32\igfxrsve.lrc 2011-08-07 19:01 . 2011-08-07 19:07 279040 ----a-w- c:\windows\system32\igfxrtrk.lrc 2011-08-07 19:01 . 2011-08-07 19:07 141336 ----a-w- c:\windows\system32\igfxtray.exe 2011-08-07 19:01 . 2011-08-07 19:07 51712 ----a-w- c:\windows\system32\igfxsrvc.dll 2011-08-07 19:01 . 2011-08-07 19:07 294912 ----a-w- c:\windows\system32\igldev32.dll 2011-08-07 19:01 . 2011-08-07 19:07 2685920 ----a-w- c:\windows\system32\igxpdv32.dll 2011-08-07 19:01 . 2011-08-07 19:07 262656 ----a-w- c:\windows\system32\igfxrtha.lrc 2011-08-07 19:01 . 2011-08-07 19:07 250392 ----a-w- c:\windows\system32\igfxsrvc.exe 2011-08-07 19:01 . 2011-08-07 19:07 185856 ----a-w- c:\windows\system32\igxpgd32.dll 2011-08-07 19:01 . 2011-08-07 19:07 3773952 ----a-w- c:\windows\system32\igxpdx32.dll 2011-08-07 19:01 . 2011-08-07 19:07 277504 ----a-w- c:\windows\system32\igfxrslv.lrc 2011-08-07 19:01 . 2011-08-07 19:07 2342912 ----a-w- c:\windows\system32\iglicd32.dll 2011-08-07 19:01 . 2011-08-07 19:07 155648 ----a-w- c:\windows\system32\igfxCoIn_v5134.dll 2011-08-07 19:01 . 2011-08-07 19:07 304640 ----a-w- c:\windows\system32\igfxrita.lrc 2011-08-07 19:01 . 2011-08-07 19:07 280576 ----a-w- c:\windows\system32\igfxrdan.lrc 2011-08-07 19:01 . 2011-08-07 19:07 249856 ----a-w- c:\windows\system32\igfxrheb.lrc 2011-08-07 19:01 . 2011-08-07 19:07 206848 ----a-w- c:\windows\system32\igfxrjpn.lrc 2011-08-07 19:01 . 2011-08-07 19:07 205312 ----a-w- c:\windows\system32\igfxrkor.lrc 2011-08-07 19:01 . 2011-08-07 19:07 303104 ----a-w- c:\windows\system32\igfxrfra.lrc 2011-08-07 19:01 . 2011-08-07 19:07 294912 ----a-w- c:\windows\system32\igfxrptg.lrc 2011-08-07 19:01 . 2011-08-07 19:07 282624 ----a-w- c:\windows\system32\igfxrcsy.lrc 2011-08-07 19:01 . 2011-08-07 19:07 279552 ----a-w- c:\windows\system32\igfxrnor.lrc 2011-08-07 19:01 . 2011-08-07 19:07 310784 ----a-w- c:\windows\system32\igfxrell.lrc 2011-08-07 19:01 . 2011-08-07 19:07 303616 ----a-w- c:\windows\system32\igfxrdeu.lrc 2011-08-07 19:01 . 2011-08-07 19:07 303104 ----a-w- c:\windows\system32\igfxresp.lrc 2011-08-07 19:01 . 2011-08-07 19:07 299008 ----a-w- c:\windows\system32\igfxrnld.lrc 2011-08-07 19:01 . 2011-08-07 19:07 291328 ----a-w- c:\windows\system32\igfxrrus.lrc 2011-08-07 19:01 . 2011-08-07 19:07 289280 ----a-w- c:\windows\system32\igfxrptb.lrc 2011-08-07 19:01 . 2011-08-07 19:07 288256 ----a-w- c:\windows\system32\igfxrhun.lrc 2011-08-07 19:01 . 2011-08-07 19:07 287744 ----a-w- c:\windows\system32\igfxrplk.lrc 2011-08-07 19:01 . 2011-08-07 19:07 282624 ----a-w- c:\windows\system32\igfxrsky.lrc 2011-08-07 19:01 . 2011-08-07 19:07 281088 ----a-w- c:\windows\system32\igfxrfin.lrc 2011-08-07 19:01 . 2011-08-07 19:07 275968 ----a-w- c:\windows\system32\igfxrenu.lrc 2011-08-07 19:01 . 2011-08-07 19:07 179712 ----a-w- c:\windows\system32\igfxrcht.lrc 2011-08-07 19:01 . 2011-08-07 19:07 5702656 ----a-w- c:\windows\system32\igfxress.dll 2011-08-07 19:01 . 2011-08-07 19:07 23552 ----a-w- c:\windows\system32\igfxexps.dll 2011-08-07 19:01 . 2011-08-07 19:07 141336 ----a-w- c:\windows\system32\igfxpers.exe 2011-08-07 19:01 . 2011-08-07 19:07 652312 ----a-w- c:\windows\system32\igfxcfg.exe 2011-08-07 19:01 . 2011-08-07 19:07 252416 ----a-w- c:\windows\system32\igfxrara.lrc 2011-08-07 19:01 . 2011-08-07 19:07 172056 ----a-w- c:\windows\system32\igfxext.exe 2011-08-07 19:01 . 2011-08-07 19:07 205312 ----a-w- c:\windows\system32\igfxdev.dll 2011-08-07 19:01 . 2011-08-07 19:07 199168 ----a-w- c:\windows\system32\igfxpph.dll 2011-08-07 19:01 . 2011-08-07 19:07 178176 ----a-w- c:\windows\system32\igfxrchs.lrc 2011-08-07 19:01 . 2011-08-07 19:07 130048 ----a-w- c:\windows\system32\igfxdo.dll 2011-08-07 19:01 . 2011-08-07 19:07 119296 ----a-w- c:\windows\system32\igfxcpl.cpl 2011-08-07 19:01 . 2011-08-07 19:07 93696 ----a-w- c:\windows\system32\hccutils.dll 2011-08-07 19:01 . 2011-08-07 19:07 173592 ----a-w- c:\windows\system32\hkcmd.exe 2011-08-07 18:39 . 2008-11-03 13:03 13880 ----a-w- c:\windows\system32\drivers\kbfiltr.sys 2011-08-07 18:39 . 2011-08-07 18:40 53248 ----a-w- c:\windows\system32\CSVer.dll 2011-08-07 18:29 . 2011-08-07 18:30 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL 2011-08-07 18:29 . 2011-08-07 18:30 84584 ----a-w- c:\windows\SOUNDMAN.EXE 2011-08-07 18:29 . 2011-08-07 18:30 359016 ----a-w- c:\windows\vncutil.exe 2011-08-07 18:29 . 2011-08-07 18:30 1833576 ----a-w- c:\windows\SkyTel.exe 2011-08-07 18:29 . 2011-08-07 18:30 9721960 ----a-w- c:\windows\RTLCPL.EXE 2011-08-07 18:29 . 2011-08-07 18:30 6412904 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2011-08-07 18:29 . 2011-08-07 18:30 1489512 ----a-w- c:\windows\RtlUpd.exe 2011-08-07 18:29 . 2011-08-07 18:30 59496 ----a-w- c:\windows\system32\RtkCoInstXP.dll 2011-08-07 18:29 . 2011-08-07 18:30 129640 ----a-w- c:\windows\RtkAudioService.exe 2011-08-07 18:29 . 2011-08-07 18:30 20053608 ----a-w- c:\windows\RTHDCPL.EXE 2011-08-07 18:29 . 2011-08-07 18:30 2180712 ----a-w- c:\windows\MicCal.exe 2011-08-07 18:29 . 2011-08-07 18:30 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys 2011-08-07 18:29 . 2011-08-07 18:30 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL 2011-08-07 18:29 . 2011-08-07 18:30 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys 2011-08-07 18:29 . 2011-08-07 18:30 64104 ----a-w- c:\windows\ALCMTR.EXE 2011-08-07 18:29 . 2011-08-07 18:30 2815592 ----a-w- c:\windows\ALCWZRD.EXE 2011-08-07 18:29 . 2011-08-07 18:29 1284712 ----a-w- c:\windows\RtlExUpd.dll 2011-08-07 18:28 . 2011-08-07 18:28 4544392 ----a-w- c:\windows\system32\ETDUI.cpl 2011-08-07 18:28 . 2011-08-07 18:28 102912 ----a-w- c:\windows\system32\drivers\ETD.sys 2011-07-26 15:26 . 2011-08-13 12:11 4659712 ----a-w- c:\windows\system32\Redemption.dll 2011-07-26 15:26 . 2011-07-26 15:26 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-07-26 15:26 . 2011-07-26 15:26 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-07-26 15:26 . 2011-07-26 15:26 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-07-26 15:26 . 2011-07-26 15:26 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-07-26 15:26 . 2011-07-26 15:26 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-07-26 15:26 . 2011-07-26 15:26 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-07-26 15:26 . 2011-07-26 15:26 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-07-26 15:26 . 2011-07-26 15:26 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-07-26 15:26 . 2011-07-26 15:26 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-07-26 15:26 . 2011-07-26 15:26 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-07-26 15:26 . 2011-07-26 15:26 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-07-26 15:26 . 2011-07-26 15:26 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-07-26 15:26 . 2011-07-26 15:26 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-07-26 15:26 . 2011-07-26 15:26 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-07-26 15:26 . 2011-07-26 15:26 172032 ----a-w- c:\windows\system32\muzapp.exe 2011-07-26 15:26 . 2011-07-26 15:26 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-07-26 15:26 . 2011-07-26 15:26 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\avrt.dll 2011-08-17 11:45 . 2011-08-07 18:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-01-15 . C8BDAD4065118558B3DC360FC96D81DB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot@2011-10-07_21.10.18 ))))))))))))))))))))))))))))))))))))))))) . + 2011-10-08 09:46 . 2011-10-08 09:46 16384 c:\windows\Temp\Perflib_Perfdata_240.dat + 2011-10-08 09:07 . 2011-10-08 09:07 16384 c:\windows\Temp\Perflib_Perfdata_228.dat + 2011-10-08 09:44 . 2011-10-08 09:44 16384 c:\windows\Temp\Perflib_Perfdata_204.dat + 2011-10-08 09:06 . 2011-10-08 09:06 16384 c:\windows\Temp\Perflib_Perfdata_1f0.dat . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-09-12 17351304] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-07-26 958352] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-07-26 3507088] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-07-26 20880] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2011-08-07 548744] "RTHDCPL"="RTHDCPL.EXE" [2011-08-07 20053608] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-07 141336] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-07 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-07 141336] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "WLConfig"="c:\program files\Beniamin\WLConfigNM.exe" [2011-07-21 1581056] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2011-01-15 15360] . c:\documents and settings\All Users\Menu Start\Programy\Autostart\ SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2011-8-7 385024] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\muzapp.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R0 Si3124;Si3124;c:\windows\system32\drivers\si3124.sys [2011-01-15 69248] R0 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [2011-01-15 210736] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\symds.sys [2011-10-06 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\symefa.sys [2011-10-06 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx86.sys [2011-09-29 816760] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\ironx86.sys [2011-10-06 136312] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-10-06 105592] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-08-07 102912] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111006.030\IDSXpx86.sys [2011-10-07 356280] R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-05-10 61040] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-08-07 1691480] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-08-13 77624] S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [2011-08-13 16896] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-08-13 181432] . . ------- Skan uzupełniający ------- . LSP: %SYSTEMROOT%\system32\bnmndrv.dll TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-10-08 10:45 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'lsass.exe'(820) c:\windows\system32\bnmndrv.dll . - - - - - - - > 'explorer.exe'(868) c:\windows\system32\WININET.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\MSVCP90.dll c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\MSVCR90.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\BnmnSrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\wscntfy.exe c:\program files\Elantech\ETDCtrlHelper.exe c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe c:\windows\RTHDCPL.EXE c:\windows\system32\igfxsrvc.exe . ************************************************************************** . Czas ukończenia: 2011-10-08 10:52:05 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-10-08 09:52 ComboFix2.txt 2011-10-07 21:15 . Przed: 68 182 908 928 bajtów wolnych Po: 68 171 005 952 bajtów wolnych . - - End Of File - - 2B9919B238C4E5893BD2F7FBFD5A3C05

Kod: Zaznacz wszystko: DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26 Run by aaaaa at 11:23:31 on 2011-10-08 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1014.394 [GMT 1:00] . AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\system32\BnmnSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\dumprep.exe C:\Documents and Settings\aaaaa\Pulpit\OTL.scr C:\WINDOWS\system32\dumprep.exe . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.6.0.29\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.6.0.29\ips\IPSBHO.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.6.0.29\coIEPlg.dll uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe uRun: [Gadu-Gadu 10] "c:\program files\gadu-gadu 10\gg.exe" mRun: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [WLConfig] c:\program files\beniamin\WLConfigNM.exe /check dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\superh~1.lnk - c:\program files\asus\eeepc\super hybrid engine\SuperHybridEngine.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: %SYSTEMROOT%\system32\bnmndrv.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{FFD3CA36-5DD9-4323-A5C8-7CC8E0F11035} : DhcpNameServer = 192.168.1.1 Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\aaaaa\dane aplikacji\mozilla\firefox\profiles\ls9vy0i3.default\ FF - prefs.js: browser.startup.homepage - www.google.pl FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\startpage24\plugin\version_723\firefox\plugins\nplink64.dll . ============= SERVICES / DRIVERS =============== . R0 Si3124;Si3124;c:\windows\system32\drivers\si3124.sys [2011-1-15 69248] R0 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [2011-1-15 210736] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1206000.01d\symds.sys [2011-10-6 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1206000.01d\symefa.sys [2011-10-6 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\dane aplikacji\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20110929.001\BHDrvx86.sys [2011-9-29 816760] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1206000.01d\ironx86.sys [2011-10-6 136312] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-10-6 105592] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-8-7 102912] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\dane aplikacji\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20111007.030\IDSXpx86.sys [2011-10-8 356280] R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-5-10 61040] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-8-7 1691480] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-8-13 77624] S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [2011-8-13 16896] S3 NAVENG;NAVENG;c:\documents and settings\all users\dane aplikacji\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20111007.019\NAVENG.SYS [2011-10-8 86136] S3 NAVEX15;NAVEX15;c:\documents and settings\all users\dane aplikacji\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20111007.019\NAVEX15.SYS [2011-10-8 1576312] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-8-13 181432] . =============== Created Last 30 ================ . 2011-10-08 09:18:15 -------- d-----w- C:\ComboFix 2011-10-07 20:15:47 -------- d-sha-r- C:\cmdcons 2011-10-07 20:10:47 98816 ----a-w- c:\windows\sed.exe 2011-10-07 20:10:47 518144 ----a-w- c:\windows\SWREG.exe 2011-10-07 20:10:47 256000 ----a-w- c:\windows\PEV.exe 2011-10-07 20:10:47 208896 ----a-w- c:\windows\MBR.exe 2011-10-06 22:52:23 428088 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-10-06 21:41:58 -------- d-sh--w- c:\documents and settings\all users\dane aplikacji\.beniamin 2011-10-06 21:41:53 1253376 ----a-w- c:\windows\system32\bnmndrv.dll 2011-10-06 21:41:53 1179648 ----a-w- c:\windows\system32\BnmnSrv.exe 2011-10-06 21:41:53 1028096 ----a-w- c:\windows\system32\alpf.dll 2011-10-06 21:41:32 -------- d-----w- c:\program files\Beniamin 2011-10-06 21:39:51 369784 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\symtdi.sys 2011-10-06 21:39:51 331384 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\symtdiv.sys 2011-10-06 21:39:51 296568 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\symnets.sys 2011-10-06 21:39:50 744568 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\symefa.sys 2011-10-06 21:39:50 516216 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtsp.sys 2011-10-06 21:39:50 50168 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtspx.sys 2011-10-06 21:39:50 340088 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\symds.sys 2011-10-06 21:39:50 136312 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\ironx86.sys 2011-10-06 21:39:16 -------- d-----w- c:\windows\system32\drivers\nis\1206000.01D 2011-10-06 21:34:36 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2011-10-06 21:34:36 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-10-06 21:34:36 -------- d-----w- c:\program files\Symantec 2011-10-06 21:34:36 -------- d-----w- c:\program files\common files\Symantec Shared 2011-10-06 21:33:40 -------- d-----w- c:\windows\system32\drivers\NIS 2011-10-06 21:33:33 -------- d-----w- c:\program files\Norton Internet Security 2011-10-06 21:33:19 -------- d-----w- c:\program files\NortonInstaller 2011-09-27 13:35:17 -------- d-----w- c:\documents and settings\aaaaa\dane aplikacji\Tific 2011-09-18 18:36:03 -------- d-----w- c:\documents and settings\aaaaa\ustawienia lokalne\dane aplikacji\Temp 2011-09-18 18:36:03 -------- d-----w- c:\documents and settings\aaaaa\ustawienia lokalne\dane aplikacji\Adobe 2011-09-12 05:09:36 -------- d-----w- c:\program files\Gadu-Gadu 10 2011-09-11 14:57:17 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll 2011-09-10 17:18:47 -------- d-----w- c:\program files\ConvertHelper 2011-09-10 17:14:51 -------- d-----w- c:\program files\MyFree Codec 2011-09-10 14:54:10 -------- d-----w- c:\documents and settings\aaaaa\ustawienia lokalne\dane aplikacji\KSafe 2011-09-10 14:52:21 -------- d-----w- c:\documents and settings\aaaaa\dane aplikacji\kingsoft 2011-09-10 14:51:48 -------- d-----w- c:\documents and settings\all users\dane aplikacji\KRSHistory 2011-09-10 14:49:07 38400 ----a-w- c:\windows\system32\pchsvc.dll 2011-09-10 14:48:36 -------- d-----w- C:\KRSHistory 2011-09-10 14:48:31 -------- d-----w- c:\documents and settings\all users\dane aplikacji\Kingsoft 2011-09-10 14:47:38 -------- d-----w- c:\program files\Kingsoft 2011-09-10 11:52:26 -------- d-----w- C:\Temp . ==================== Find3M ==================== . 2011-09-27 05:50:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12:03 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-08-07 18:39:23 13880 ----a-w- c:\windows\system32\drivers\kbfiltr.sys 2011-08-07 18:39:01 53248 ----a-w- c:\windows\system32\CSVer.dll 2011-08-07 18:28:12 4544392 ----a-w- c:\windows\system32\ETDUI.cpl 2011-08-07 18:28:11 102912 ----a-w- c:\windows\system32\drivers\ETD.sys 2011-07-20 07:46:04 77624 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-07-20 07:46:04 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll 2011-07-20 07:46:04 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2011-07-20 07:46:04 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll 2011-07-20 07:45:54 16896 ----a-w- c:\windows\system32\drivers\FlashUSB.sys 2011-07-15 13:29:35 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . ============= FINISH: 11:28:34,26 ===============

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2011-08-07 18:45:42 System Uptime: 2011-10-08 10:42:57 (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | 1001PX Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz | CPU 1 | 1666/167mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 98 GiB total, 63,51 GiB free. E: is FIXED (NTFS) - 51 GiB total, 34,579 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Device ID: ACPI\ASUS010\1010100 Manufacturer: Name: PNP Device ID: ACPI\ASUS010\1010100 Service: . ==== System Restore Points =================== . RP1: 2011-08-07 18:48:55 - Punkt kontrolny systemu RP2: 2011-08-07 18:58:49 - Zainstalowane Atheros Communications Inc.(R) AR81Family Gigabit/ RP3: 2011-08-07 18:59:52 - Installed Ralink Wireless LAN RP4: 2011-08-07 19:00:41 - Zainstalowane REALTEK PCIE Wireless LAN Driver RP5: 2011-08-07 19:21:43 - Installed USB Camera RP6: 2011-08-07 19:23:19 - Installed Super Hybrid Engine RP7: 2011-08-07 19:24:00 - Configured Super Hybrid Engine RP8: 2011-08-07 19:30:13 - Zainstalowane Realtek High Definition Audio Driver RP9: 2011-08-08 22:48:10 - Punkt kontrolny systemu RP10: 2011-08-09 20:13:46 - Software Distribution Service 3.0 RP11: 2011-08-11 08:18:07 - Punkt kontrolny systemu RP12: 2011-08-11 08:20:22 - Software Distribution Service 3.0 RP13: 2011-08-11 21:14:50 - Software Distribution Service 3.0 RP14: 2011-08-12 21:25:31 - Punkt kontrolny systemu RP15: 2011-08-13 13:08:57 - Installed Samsung Kies RP16: 2011-08-14 16:27:37 - Software Distribution Service 3.0 RP17: 2011-08-16 08:10:43 - Punkt kontrolny systemu RP18: 2011-08-17 22:40:47 - Punkt kontrolny systemu RP19: 2011-08-19 10:02:30 - Punkt kontrolny systemu RP20: 2011-08-20 11:40:07 - Punkt kontrolny systemu RP21: 2011-08-21 17:33:23 - Punkt kontrolny systemu RP22: 2011-08-23 11:42:42 - Punkt kontrolny systemu RP23: 2011-08-24 18:14:00 - Software Distribution Service 3.0 RP24: 2011-08-25 19:36:18 - Punkt kontrolny systemu RP25: 2011-09-29 17:15:25 - Punkt kontrolny systemu RP26: 2011-08-30 21:20:23 - Punkt kontrolny systemu RP27: 2011-09-03 12:19:39 - Punkt kontrolny systemu RP28: 2011-09-04 13:24:12 - Installed Java(TM) 6 Update 22 RP29: 2011-09-04 21:20:29 - Installed Java(TM) 6 Update 26 RP30: 2011-09-05 22:47:45 - Punkt kontrolny systemu RP31: 2011-09-06 23:34:44 - Punkt kontrolny systemu RP32: 2011-09-07 18:50:00 - Software Distribution Service 3.0 RP33: 2011-09-08 22:37:14 - Punkt kontrolny systemu RP34: 2011-09-10 16:17:51 - Punkt kontrolny systemu RP35: 2011-09-11 15:57:17 - Installed Windows XP Wdf01007. RP36: 2011-09-11 15:58:12 - Installed Windows XP winusb0100. RP37: 2011-09-12 16:02:22 - Punkt kontrolny systemu RP38: 2011-09-14 16:05:17 - Punkt kontrolny systemu RP39: 2011-09-14 23:25:21 - Software Distribution Service 3.0 RP40: 2011-09-16 15:13:38 - Punkt kontrolny systemu RP41: 2011-09-16 22:05:40 - Software Distribution Service 3.0 RP42: 2011-09-18 09:29:55 - Punkt kontrolny systemu RP43: 2011-09-18 19:34:55 - Installed Adobe Reader X (10.1.0) - Polish. RP44: 2011-09-19 20:42:15 - Punkt kontrolny systemu RP45: 2011-09-21 09:33:41 - Punkt kontrolny systemu RP46: 2011-09-22 19:18:14 - Punkt kontrolny systemu RP47: 2011-09-24 11:58:42 - Punkt kontrolny systemu RP48: 2011-09-25 17:37:44 - Punkt kontrolny systemu RP49: 2011-09-27 18:43:02 - Punkt kontrolny systemu RP50: 2011-09-28 22:00:06 - Software Distribution Service 3.0 RP51: 2011-10-02 21:34:51 - Punkt kontrolny systemu RP52: 2011-10-04 18:24:33 - Punkt kontrolny systemu RP53: 2011-10-06 23:52:23 - SPTD setup V1.79 RP54: 2011-10-07 20:36:00 - Operacja przywracania RP55: 2011-10-07 20:42:35 - Operacja przywracania RP56: 2011-10-07 20:47:43 - Operacja przywracania . ==== Installed Programs ====================== . Adobe Flash Player 10 Plugin Adobe Reader X (10.1.1) - Polish Aktualizacja dla systemu Windows XP (KB2467659) Aktualizacja dla systemu Windows XP (KB2541763) Aktualizacja dla systemu Windows XP (KB2607712) Aktualizacja dla systemu Windows XP (KB2616676) Aktualizacja dla systemu Windows XP (KB898461) Aktualizacja dla systemu Windows XP (KB955704) Aktualizacja dla systemu Windows XP (KB971029) Aktualizacja systemu Microsoft Windows (KB971513) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2559049) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276-v2) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2566454) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567680) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570222) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570947) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561) Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195) Atheros Client Installation Program Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Beniamin 3.0 ConvertHelper 2.2 Dziobas Rar Player 0.009.52 ETDWare PS/2-x86 7.0.5.13_WHQL Gadu-Gadu 10 Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) Hotfix for Windows XP (KB976002-v5) Intel(R) Graphics Media Accelerator Driver Java Auto Updater Java(TM) 6 Update 26 JDownloader JPEGCrops 0.7.5 beta Microsoft .NET Framework 4 Client Profile Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Visual C++ 2005 Redistributable Microsoft WinUsb 1.0 Mozilla Firefox 6.0 (x86 pl) MyFreeCodec Norton Internet Security PhotoScape Poprawka dla systemu Windows XP (KB2443685) Poprawka dla systemu Windows XP (KB2570791) Ralink RT2860 Wireless LAN Card Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Skype™ 5.5 Startpage24 Super Hybrid Engine USB Camera WebFldrs XP WinRAR 4.01 (32-bitowy) . ==== End Of File ===========================

oto i nastepny log udalo sie

Kod: Zaznacz wszystko: OTL logfile created on: 2011-10-08 11:45:08 - Run 1 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\aaaaa\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,11 Mb Total Physical Memory | 561,77 Mb Available Physical Memory | 55,40% Memory free 2,38 Gb Paging File | 2,02 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,77 Gb Total Space | 63,52 Gb Free Space | 64,97% Space Free | Partition Type: NTFS Drive E: | 51,26 Gb Total Space | 34,58 Gb Free Space | 67,45% Space Free | Partition Type: NTFS Computer Name: EISU-B8EF988BB8 | User Name: aaaaa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-10-08 11:19:42 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aaaaa\Pulpit\OTL.scr PRC - [2011-08-07 19:28:11 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe PRC - [2011-07-21 01:51:46 | 001,179,648 | ---- | M] () -- C:\WINDOWS\system32\BnmnSrv.exe PRC - [2011-04-17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe PRC - [2011-01-15 09:15:02 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-09-05 18:05:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2011-07-21 01:51:46 | 001,179,648 | ---- | M] () -- C:\WINDOWS\system32\BnmnSrv.exe MOD - [2011-07-21 01:51:18 | 001,253,376 | ---- | M] () -- C:\WINDOWS\system32\bnmndrv.dll MOD - [2011-01-15 09:15:02 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-07-21 01:51:46 | 001,179,648 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\BnmnSrv.exe -- (BnmnService) SRV - [2011-04-17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2011-10-06 23:52:24 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-10-06 22:39:53 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011-10-06 22:39:03 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111007.019\NAVEX15.SYS -- (NAVEX15) DRV - [2011-10-06 22:39:03 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011-10-06 22:39:03 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111007.019\NAVENG.SYS -- (NAVENG) DRV - [2011-10-06 22:39:02 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2011-10-05 15:31:30 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111007.030\IDSXpx86.sys -- (IDSxpx86) DRV - [2011-09-29 21:38:50 | 000,816,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2011-08-07 19:39:23 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2011-08-07 19:29:35 | 006,412,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2011-08-07 19:29:33 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2011-08-07 19:29:31 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2011-07-20 08:46:04 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV - [2011-07-20 08:46:04 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2011-07-20 08:45:54 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2011-03-31 04:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SRTSP.SYS -- (SRTSP) DRV - [2011-03-31 04:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011-03-22 01:39:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SYMTDI.SYS -- (SYMTDI) DRV - [2011-03-15 03:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMEFA.SYS -- (SymEFA) DRV - [2011-01-27 07:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMDS.SYS -- (SymDS) DRV - [2011-01-27 06:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1206000.01D\Ironx86.SYS -- (SymIRON) DRV - [2011-01-15 09:15:02 | 000,217,128 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2011-01-15 09:15:02 | 000,211,496 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2011-01-15 09:15:02 | 000,210,736 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2011-01-15 09:15:02 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2011-01-15 09:15:02 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2011-01-15 09:15:02 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2010-05-10 16:28:04 | 000,061,040 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2009-08-11 15:04:30 | 001,582,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2006-11-02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@startpage24.com/npLin64;Version=4: C:\Program Files\Startpage24\Plugin\Version_723\firefox\plugins\nplink64.dll (Link64 GmbH) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffext@startpage24: C:\Program Files\Startpage24\Plugin\Version_723\firefox [2011-09-04 03:13:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011-10-07 20:36:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3 [2011-10-08 10:45:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-08-17 12:45:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-04 21:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-09-04 13:24:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-09-04 21:21:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-08-17 12:45:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-01-01 09:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-01-01 09:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-01-01 09:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-01-01 09:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-01-01 09:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-01-01 09:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-10-08 10:44:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [WLConfig] C:\Program Files\Beniamin\WLConfigNM.exe () O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\bnmndrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\bnmndrv.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\bnmndrv.dll () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD3CA36-5DD9-4323-A5C8-7CC8E0F11035}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-08-07 18:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-10-08 10:18:15 | 000,000,000 | ---D | C] -- C:\ComboFix [2011-10-07 21:15:47 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011-10-07 21:10:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-10-07 21:10:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-10-07 21:10:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-10-07 21:10:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-10-07 21:09:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-10-07 21:06:57 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-10-07 21:06:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\aaaaa\Menu Start\Programy\Narzędzia administracyjne [2011-10-06 22:41:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\.beniamin [2011-10-06 22:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Beniamin [2011-10-06 22:41:53 | 001,028,096 | ---- | C] (alpf.dll) -- C:\WINDOWS\System32\alpf.dll [2011-10-06 22:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Beniamin [2011-10-06 22:39:51 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symtdi.sys [2011-10-06 22:39:51 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symtdiv.sys [2011-10-06 22:39:51 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symnets.sys [2011-10-06 22:39:50 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symefa.sys [2011-10-06 22:39:50 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtsp.sys [2011-10-06 22:39:50 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symds.sys [2011-10-06 22:39:50 | 000,136,312 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\ironx86.sys [2011-10-06 22:39:50 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtspx.sys [2011-10-06 22:39:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1206000.01D [2011-10-06 22:34:36 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS [2011-10-06 22:34:36 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL [2011-10-06 22:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011-10-06 22:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2011-10-06 22:33:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS [2011-10-06 22:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security [2011-10-06 22:33:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Norton Internet Security [2011-10-06 22:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2011-09-29 13:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Norton [2011-09-29 13:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Menu Start\Programy\Norton [2011-09-18 19:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Temp [2011-09-18 19:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\Adobe [2011-09-18 19:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011-09-18 19:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-09-18 19:34:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2011-09-12 06:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2011-09-11 15:57:17 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2011-09-10 18:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Moje dokumenty\SelfMV [2011-09-10 18:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper [2011-09-10 18:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MyFree Codec [2011-09-10 18:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec [2011-09-10 15:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\KSafe [2011-09-10 15:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KRSHistory [2011-09-10 15:48:36 | 000,000,000 | ---D | C] -- C:\KRSHistory [2011-09-10 15:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kingsoft [2011-09-10 15:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\Kingsoft [2011-09-10 12:52:26 | 000,000,000 | ---D | C] -- C:\Temp [2011-09-10 12:03:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\aaaaa\Moje dokumenty\Moje wideo [2011-09-10 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2011-09-10 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aaaaa\Menu Start\Programy\WinRAR [2011-09-10 11:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2008-11-03 14:03:28 | 000,013,880 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-10-08 10:44:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011-10-08 10:44:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-10-07 21:15:59 | 000,000,313 | RHS- | M] () -- C:\boot.ini [2011-10-07 20:51:18 | 000,460,402 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-10-07 20:51:18 | 000,068,120 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-10-07 20:51:17 | 000,405,346 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-10-07 20:51:17 | 000,054,690 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-10-06 23:54:12 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2011-10-06 23:53:33 | 000,585,306 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\Cat.DB [2011-10-06 22:39:53 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS [2011-10-06 22:39:53 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL [2011-10-06 22:39:53 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT [2011-10-06 22:39:53 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF [2011-10-06 11:06:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-10-02 17:10:49 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-27 06:50:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-09-24 17:29:49 | 000,015,556 | ---- | M] () -- C:\Documents and Settings\aaaaa\Menu Start.rar [2011-09-18 19:35:10 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk [2011-09-18 17:59:32 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-09-14 23:25:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-09-12 06:09:55 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2011-09-12 06:09:55 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2011-09-11 19:07:15 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-11 15:58:18 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf [2011-09-11 15:57:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-09-09 10:12:03 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-10-07 21:15:58 | 000,000,197 | ---- | C] () -- C:\Boot.bak [2011-10-07 21:15:51 | 000,262,400 | RHS- | C] () -- C:\cmldr [2011-10-07 21:10:47 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-10-07 21:10:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-10-07 21:10:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-10-07 21:10:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-10-07 21:10:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-10-06 23:53:05 | 000,585,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\Cat.DB [2011-10-06 22:41:53 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\bnmndrv.dll [2011-10-06 22:41:53 | 001,179,648 | ---- | C] () -- C:\WINDOWS\System32\BnmnSrv.exe [2011-10-06 22:39:51 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symnetv.cat [2011-10-06 22:39:51 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symnet.cat [2011-10-06 22:39:51 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symnetv.inf [2011-10-06 22:39:51 | 000,001,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symnet.inf [2011-10-06 22:39:50 | 000,007,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\iron.cat [2011-10-06 22:39:50 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symefa.cat [2011-10-06 22:39:50 | 000,007,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtspx.cat [2011-10-06 22:39:50 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtsp.cat [2011-10-06 22:39:50 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symefa.inf [2011-10-06 22:39:50 | 000,002,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symds.inf [2011-10-06 22:39:50 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtspx.inf [2011-10-06 22:39:50 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\srtsp.inf [2011-10-06 22:39:50 | 000,000,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\iron.inf [2011-10-06 22:39:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\symds.cat [2011-10-06 22:39:16 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1206000.01D\isolate.ini [2011-10-06 22:34:36 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT [2011-10-06 22:34:36 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF [2011-10-06 22:34:26 | 000,001,973 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2011-09-24 17:29:49 | 000,015,556 | ---- | C] () -- C:\Documents and Settings\aaaaa\Menu Start.rar [2011-09-18 19:35:10 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk [2011-09-18 19:35:10 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk [2011-09-12 06:09:55 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2011-09-12 06:09:55 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2011-09-12 06:09:42 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk [2011-09-11 15:58:18 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf [2011-09-11 15:57:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2011-09-11 15:57:22 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011-08-13 13:26:19 | 000,647,880 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1993962763-448539723-1614895754-1003-0.dat [2011-08-13 13:21:35 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2011-08-07 20:59:17 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\aaaaa\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-07 20:30:07 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-08-07 20:10:53 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-08-07 19:50:14 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-08-07 19:30:20 | 000,004,692 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat [2011-08-07 19:30:20 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat [2011-08-07 19:18:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-08-07 19:00:41 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe [2011-08-07 19:00:29 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2011-08-07 18:59:53 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat [2011-08-07 18:45:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-08-07 18:37:55 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-07-26 16:26:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011-07-26 16:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011-07-26 16:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011-07-26 16:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011-07-26 16:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2011-01-15 09:15:02 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2011-01-15 09:15:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2011-01-15 09:15:02 | 000,460,402 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-15 09:15:02 | 000,405,346 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-15 09:15:02 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2011-01-15 09:15:02 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2011-01-15 09:15:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2011-01-15 09:15:02 | 000,068,120 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-15 09:15:02 | 000,054,690 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-15 09:15:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2011-01-15 09:15:02 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2011-01-15 09:15:02 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2011-01-15 09:15:02 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2011-01-15 09:15:02 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2011-01-15 09:15:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2011-01-15 09:15:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2009-10-06 08:16:00 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [color=#E56717]========== LOP Check ==========[/color] [2011-10-08 11:47:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\.beniamin [2011-09-07 12:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-09-10 15:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kingsoft [2011-09-10 15:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KRSHistory [2011-09-30 12:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-08-07 18:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ralink Driver [2011-08-13 13:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [color=#E56717]========== Purity Check ==========[/color] < End of report >

**Posty:** 18165 · przez **wojtas** 08 Paź 2011, 15:41

nie usunięty sptd.sys do Combofixa i Gmera więc to powoduje problem

zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
i daj nowe logi ( OTL + Gmer )