I am attaching the LOG to be checked.
Is this the one from ComboFix? I used it for the first time.
ComboFix 07-12-19.2 - jacek 2007-12-18 22:44:00.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1567 [GMT 1:00]
Running from: C:\Downloads\Software\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-11-19 to 2007-12-19 )))))))))))))))))))))))))))))))
.
2007-12-18 21:56 . 2007-12-18 21:56
2007-12-18 21:44 . 2007-12-18 21:44
2007-12-17 23:22 . 2007-12-17 23:22
2007-12-17 22:58 . 2007-12-17 22:58
2007-12-17 22:30 . 2007-12-17 23:26
2007-12-17 17:37 . 2007-12-17 17:37
2007-12-17 14:10 . 2007-12-17 14:10 47,312 --a------ C:\WINDOWS\system32\drivers\MiniIcpt.sys
2007-12-17 14:06 . 2007-12-17 17:28
2007-12-17 06:27 . 2007-12-17 08:17
2007-12-16 22:37 . 2007-12-16 22:37
2007-12-16 22:09 . 2007-12-16 22:09
2007-12-16 22:02 . 2007-12-16 22:02
2007-12-16 21:59 . 2007-12-16 21:59
2007-12-16 21:59 . 2007-12-16 21:59
2007-12-16 21:56 . 2007-12-16 21:56
2007-12-16 21:52 . 2007-12-16 21:52
2007-12-16 21:52 . 2003-08-29 23:51 156,160 --a------ C:\WINDOWS\system32\unrar3.dll
2007-12-16 21:52 . 2003-08-29 23:52 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2007-12-16 21:30 . 2007-12-16 21:30
2007-12-16 21:30 . 2007-12-16 21:30 0 --a------ C:\Documents and Settings\jacek\Dane aplikacji\wklnhst.dat
2007-12-16 21:08 . 2007-12-16 21:08
2007-12-16 21:06 . 2007-12-16 21:06
2007-12-16 20:46 . 2007-12-16 20:46
2007-12-16 20:42 . 2007-12-16 20:45
2007-12-16 20:39 . 2007-12-16 20:39
2007-12-16 20:32 . 2007-12-16 20:32 150,176 --a------ C:\Documents and Settings\All Users\Dane aplikacji\firstlsp.reg.dat
2007-12-16 20:29 . 2007-12-16 20:29
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-18 21:03 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\The Bat!
2007-12-18 20:56 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Free Download Manager
2007-12-18 18:18 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Skype
2007-12-17 22:28 --------- d-----w C:\Program Files\eMule
2007-12-17 21:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-17 17:02 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-12-16 21:00 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-16 18:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-16 18:35 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-12-07 15:22 --------- d-----w C:\Program Files\English Translator 3
2007-11-14 15:11 --------- d-----w C:\Program Files\Szkola podstawowa klasa 4 - Tajemnice przyrody
2007-11-04 19:28 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Wildfire
2007-10-26 21:02 2,277,376 ----a-w C:\WINDOWS\system32\TUKernel.exe
2007-10-24 18:28 --------- d-----w C:\Program Files\Cartall
2007-10-23 21:30 --------- d-----w C:\Program Files\Gadu-Gadu
2007-10-21 20:09 81,920 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\ezpinst.exe
2007-10-21 20:09 47,360 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\pcouffin.sys
2007-10-21 20:09 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Vso
2007-10-21 19:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink
2007-10-21 19:18 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\RipIt4Me
2007-10-21 19:04 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2007-10-21 11:29 --------- d-----w C:\Program Files\AGEIA Technologies
2007-10-19 20:26 --------- d-----w C:\Documents and Settings\jacek\Dane aplikacji\Media Player Classic
2007-10-19 16:33 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-10-19 16:14 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nabocorp
2007-08-12 11:57 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-04-12 06:49 94,080 ----a-w C:\Documents and Settings\jacek\Dane aplikacji\ezplay.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-01-30 15:58]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-08-17 02:45]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-07-02 11:22]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 14:40]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 03:47 C:\WINDOWS\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:44]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 15 (0xf)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\WINDOWS\system32\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\voicesub32]
voicesub32.dll
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46]
R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S2 CX23880;KWorld TV88X Video Capture;C:\WINDOWS\system32\drivers\cx88vid.sys [2005-01-18 11:57]
S2 CX88XBAR;KWorld TV88X Crossbar;C:\WINDOWS\system32\drivers\CX88XBAR.sys [2005-01-18 11:58]
S2 CXTUNE;KWorld TV88X Tuner;C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-01-18 11:58]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-08-11 23:42]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 15:32]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 10:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 10:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 10:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-10-26 15:15:41 C:\WINDOWS\Tasks\1-Click Maintenance.job"
"2007-12-16 21:37:58 C:\WINDOWS\Tasks\SmartDefrag.job"
- C:\Program Files\IObit\IObit SmartDefrag\schedule.exe
.
jacek69
Change the title to something specific and fix the post with the log.