Video add-on

bazarek · 5 Listopad 2007 18:07

Mam problem komp mi muli strasznie bo dzis sciagnal mi sie jakis syf wyskakuje mi okienko ze jakies rojany i takie tam jakis sam sie nawet anty wir sciagnal…i nie moge usunac jednego pliku Video Add-on podaje log i prosze o szybka pomoc co i jak po kolei bo ja zielony jestem i nie weim co mam dalej robic

Logfile of HijackThis v1.99.1 Scan saved at 18:53, on 2007-11-05 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Video Add-on\isfmntr.exe C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Video Add-on\isfmm.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\neostrada tp\neostradatp.exe C:\Program Files\neostrada tp\ComComp.exe C:\PROGRA~1\NEOSTR~1\Toaster.exe C:\PROGRA~1\NEOSTR~1\Inactivity.exe C:\PROGRA~1\NEOSTR~1\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\neostrada tp\Watch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe E:\BitComet\BitComet.exe C:\DOCUME~1\Domeq\USTAWI~1\Temp\Rar$EX00.188\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pcf.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\BitComet\tools\BitCometBHO_1.1.9.24.dll O2 - BHO: (no name) - {43BF8E0C-886D-4103-8DDB-2DFE0E8A0168} - C:\Program Files\Video Add-on\isfmdl.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Video Add-on\ictmdl.dll (file missing) O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM…\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM…\Run: [soundMAX] “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe O4 - HKLM…\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe” O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe” O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\BitComet\tools\BitCometBHO_1.1.9.24.dll O14 - IERESET.INF: START_PAGE_URL=http://www.pcf.pl/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows … 2373954140 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.33/g_bin/pl/snooker_2_0_0_35.cab O17 - HKLM\System\CCS\Services\Tcpip…{F272F3C1-BC53-4FE0-9514-888D77C02106}: NameServer = 194.204.159.1 217.98.63.164 O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Złączono Posta : 05.11.2007 (Pon) 20:08

???

Krzychuu · 5 Listopad 2007 19:18

Użyj SmitFraudFix z opcji 2. Potem daj nowe logi z HJT i CF + raport z SmitFraudFix.

bazarek · 5 Listopad 2007 19:38

wydaje mi sie ze jest lepiej ale czy napewno??? i co jeszcze moge poprawic sprawdz dzieki za wszystko

SmitFraudFix v2.249 Scan done at 20:25:22.34, 2007-11-05 Run from C:\Documents and Settings\Domeq\Pulpit\SmitfraudFix OS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler’s .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri’s WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\DOCUME~1\ALLUSE~1\MENUST~1\Online Security Guide.url Deleted C:\DOCUME~1\ALLUSE~1\MENUST~1\Security Troubleshooting.url Deleted Problem while deleting C:\Program Files\Video Add-on\ »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: WAN (PPP/SLIP) Interface DNS Server Search Order: 194.204.159.1 DNS Server Search Order: 217.98.63.164 HKLM\SYSTEM\CCS\Services\Tcpip…{F272F3C1-BC53-4FE0-9514-888D77C02106}: NameServer=194.204.159.1 217.98.63.164 HKLM\SYSTEM\CS1\Services\Tcpip…{F272F3C1-BC53-4FE0-9514-888D77C02106}: NameServer=194.204.159.1 217.98.63.164 HKLM\SYSTEM\CS2\Services\Tcpip…{F272F3C1-BC53-4FE0-9514-888D77C02106}: NameServer=194.204.159.1 217.98.63.164 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !Attention, following keys are not inevitably infected! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] “System”="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler’s .dll »»»»»»»»»»»»»»»»»»»»»»»» Reboot Logfile of HijackThis v1.99.1 Scan saved at 20:36, on 2007-11-05 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\neostrada tp\neostradatp.exe C:\Program Files\neostrada tp\ComComp.exe C:\Program Files\neostrada tp\Watch.exe C:\Program Files\Internet Explorer\iexplore.exe E:\BitComet\BitComet.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Domeq\USTAWI~1\Temp\Rar$EX00.750\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fotka.pl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pcf.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\BitComet\tools\BitCometBHO_1.1.9.24.dll O2 - BHO: (no name) - {43BF8E0C-886D-4103-8DDB-2DFE0E8A0168} - C:\Program Files\Video Add-on\isfmdl.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM…\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM…\Run: [soundMAX] “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe O4 - HKLM…\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe” O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe” O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download with BitComet - res://E:\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Download all video with BitComet - res://E:\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download all with BitComet - res://E:\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\BitComet\tools\BitCometBHO_1.1.9.24.dll O14 - IERESET.INF: START_PAGE_URL=http://www.pcf.pl/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows … 2373954140 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.33/g_bin/pl/snooker_2_0_0_35.cab O17 - HKLM\System\CCS\Services\Tcpip…{F272F3C1-BC53-4FE0-9514-888D77C02106}: NameServer = 194.204.159.1 217.98.63.164 O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

jessica · 5 Listopad 2007 19:58

>>Hijack>>scan(Do a system scan only)>>zaznacz je >> Fix checked.

Miałeś jeszcze dać log z ComboFix .

jessi

Xaros · 5 Listopad 2007 20:01

To co jest up to wywal, reszta raczej good.

bazarek · 5 Listopad 2007 20:28

zrobilem test combo fixem ale nie wiem co dalej gdzie on sie znajduje?? zeby go dac na forum?? ponoc jak sie zrobi tego scana to trzeba cos usunac prosze o jakies wskazowki bo pod podanym linkiem nie ma tego

jessica · 5 Listopad 2007 20:32

Log z ComboFixa powinien być na *C:*

jessi

bazarek · 5 Listopad 2007 20:44

Sorki …za 1 razem jak robilem to go nie bylo teraz juz jest…no to podaje go…czy to wszytsko czy jeszcze cos moge zrobic

ComboFix 07-11-05.2 - Domeq 2007-11-05 21:31:11.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.147 [GMT 1:00] Running from: C:\Downloads\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2007-10-05 to 2007-11-05 ))))))))))))))))))))))))))))))) . 2007-11-05 20:24 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-11-05 20:24 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-11-05 20:24 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-11-05 20:24 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-11-05 20:24 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-11-05 20:24 2,322 --a------ C:\WINDOWS\system32\tmp.reg 2007-11-05 19:12 2007-11-05 18:29 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-11-05 18:01 2007-11-05 18:01 2007-11-05 18:01 525,088 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-11-05 18:01 82,061 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-11-05 18:01 81,549 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-11-05 18:01 6,944 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-11-05 18:00 2007-11-05 17:39 2007-11-03 12:47 2007-10-30 15:22 2007-10-30 15:21 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-10-28 16:47 2007-10-28 16:47 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll 2007-10-28 16:32 2007-10-28 16:32 2007-10-23 19:25 2007-10-23 19:25 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-10-23 15:06 2007-10-17 12:22 2007-10-17 12:22 4 --a------ C:\WINDOWS\system32\proc625010911.bin 2007-10-13 16:49 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-10-13 16:49 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2007-10-13 16:49 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-10-13 16:49 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-10-13 16:49 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-10-13 16:49 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-10-13 16:49 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll 2007-10-13 16:49 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll 2007-10-13 16:49 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-10-13 10:30 2007-10-13 10:15 2007-10-13 10:15 2007-10-13 10:15 25,544 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2007-10-12 14:12 2007-10-10 17:50 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys 2007-10-10 17:13 2007-10-09 17:51 2007-10-09 17:51 2007-10-09 17:51 2007-10-09 17:49 2007-10-09 17:49 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll 2007-10-09 17:49 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys 2007-10-09 17:49 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys 2007-10-09 17:48 48,128 --a------ C:\WINDOWS\system32\hpzll054.dll 2007-10-09 17:48 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2007-10-09 17:48 15,104 --a–c— C:\WINDOWS\system32\dllcache\usbscan.sys 2007-10-09 17:44 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-10-09 17:44 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll 2007-10-09 17:44 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll 2007-10-09 17:44 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll 2007-10-09 17:44 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe 2007-10-09 17:44 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe 2007-10-09 17:44 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll 2007-10-09 17:43 2007-10-09 17:41 120,279 --a------ C:\WINDOWS\hpoins11.dat 2007-10-09 17:40 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-10-09 17:40 25,856 --a–c— C:\WINDOWS\system32\dllcache\usbprint.sys 2007-10-08 19:01 2007-10-08 18:20 2007-10-08 18:19 2007-10-08 18:04 2007-10-08 16:46 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-10-08 16:46 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-10-08 16:46 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-10-08 16:46 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-10-08 16:46 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2007-10-08 16:46 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll 2007-10-08 13:46 26,496 --a–c— C:\WINDOWS\system32\dllcache\usbstor.sys 2007-10-07 20:27 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2007-10-07 20:27 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-10-07 20:26 77,312 --a------ C:\WINDOWS\system32\usbui.dll 2007-10-07 20:26 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-10-07 20:26 44,672 --a------ C:\WINDOWS\system32\drivers\UAGP35.SYS 2007-10-07 20:26 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:25 2007-10-07 20:24 2007-10-07 20:24 2007-10-07 20:24 2007-10-07 20:24 2007-10-07 20:24 2007-10-07 20:17 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-05 20:18 --------- d-----w C:\Program Files\neostrada tp 2007-11-05 17:01 32 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2007-11-05 17:01 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-30 14:41 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-10-19 19:21 --------- d-----w C:\Program Files\Gadu-Gadu 2007-10-08 16:29 33 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg 2007-10-08 16:29 --------- d-----w C:\Program Files\SAGEM 2007-10-08 16:25 --------- d-----w C:\Program Files\CyberLink 2007-10-08 16:25 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\CyberLink 2007-10-08 16:24 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-10-08 16:23 --------- d-----w C:\Program Files\Common Files\Nero 2007-10-08 16:23 --------- d-----w C:\Program Files\Common Files\Ahead 2007-10-08 16:23 --------- d-----w C:\Program Files\Ahead 2007-10-08 16:15 --------- d-----w C:\Program Files\VIA 2007-10-08 16:13 --------- d-----w C:\Program Files\Analog Devices 2007-10-08 16:09 --------- d-----w C:\Program Files\ASUSTeK 2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe” [2006-05-03 01:56] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2006-03-09 08:29] “nwiz”=“nwiz.exe” [2006-03-09 08:29 C:\WINDOWS\system32\nwiz.exe] “NvMediaCenter”=“C:\WINDOWS\system32\NvMcTray.dll” [2006-03-09 08:29] “High Definition Audio Property Page Shortcut”=“HDAShCut.exe” [2004-10-27 14:21 C:\WINDOWS\system32\HdAShCut.exe] “SoundMAXPnP”=“C:\Program Files\Analog Devices\Core\smax4pnp.exe” [2005-05-20 10:11] “SoundMAX”=“C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” [2005-09-07 14:35] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 09:50] “RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2005-01-12 02:01] “WOOWATCH”=“C:\PROGRA~1\NEOSTR~1\Watch.exe” [2004-08-23 13:49] “WOOTASKBARICON”=“C:\PROGRA~1\NEOSTR~1\GestMaj.exe” [2004-10-14 15:55] “WireLessKeyboard”=“C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe” [2005-11-30 11:48] “HP Software Update”=“C:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [2006-02-19 01:41] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [] “AVP”=“C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe” [2007-06-28 12:51] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2006-03-02 13:00] “Komunikator”=“C:\Program Files\Tlen.pl\tlen.exe” [2007-10-05 14:20] “DAEMON Tools”=“C:\Program Files\DAEMON Tools\daemon.exe” [2007-08-29 16:09] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 03:21:22] R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys S0 viamraid;viamraid;C:\WINDOWS\system32\drivers\viamraid.sys S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys . ************************************************************************** catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-05 21:39:26 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-05 21:40:45 . — E O F —

jessica · 5 Listopad 2007 20:51

Wygląda na to, że jest czysto.

jessi

bazarek · 5 Listopad 2007 21:10

no to dzieki jakby ktos cosik znalazl to niech pisze