Wystąpił problem z aplikacją explorer.exe

system · 22 Grudzień 2007 20:47

Witam

Na kompie kumpla wyskakują komunikaty o następujacej tresci: " wystąpił problem z aplikacją explorer.exe i zostanie on zamknięta" Co prawda po drugiej defragmentacji dysku, ale na wszelki wypadek wklejam logi z Hjts, Sdfix i Combo (kolega lubi ściągać to i owo z netu (z DC++)). Zerknijcie czy czegoś tam nie widać?

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:09:33, on 2007-12-22 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe D:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Gigabyte\ET5\GUI.exe D:\Program Files\Rainlendar\Rainlendar.exe C:\Program Files\Messenger\msmsgs.exe D:\Program Files\Norton AntiVirus\navapsvc.exe D:\Program Files\Norton AntiVirus\SAVScan.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\wojtek\Pulpit\HiJackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.irfanview.net/faq.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe” O4 - HKLM…\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM…\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM…\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM…\Run: [skyTel] SkyTel.EXE O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe O4 - HKLM…\Run: [Media Codec Update Service] d:\Program Files\Essentials Codec Pack\update.exe -silent O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Startup: Rainlendar.lnk = D:\Program Files\Rainlendar\Rainlendar.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Download All by FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Usługa Auto Protect programu Norton AntiVirus (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe – End of file - 5657 bytes

Sdfix

SmitFraudFix v2.274 Scan done at 21:24:08,07, 2007-12-22 Run from C:\Documents and Settings\wojtek\Pulpit\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler’s .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri’s WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix.exe by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip…{FA3483E2-5A2A-4F4B-9AB0-9DC3560B78E3}: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 HKLM\SYSTEM\CS1\Services\Tcpip…{FA3483E2-5A2A-4F4B-9AB0-9DC3560B78E3}: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 HKLM\SYSTEM\CS2\Services\Tcpip…{FA3483E2-5A2A-4F4B-9AB0-9DC3560B78E3}: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=88.156.65.12 88.156.65.10 88.156.63.9 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !Attention, following keys are not inevitably infected! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] “System”="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler’s .dll »»»»»»»»»»»»»»»»»»»»»»»» End i Combo ComboFix 07-12-21.4 - wojtek 2007-12-22 21:16:53.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.573 [GMT 1:00] Running from: C:\Documents and Settings\wojtek\Pulpit\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 ))))))))))))))))))))))))))))))) . 2007-12-22 19:56 . 2007-12-22 19:56 2007-12-22 19:28 . 2007-12-22 19:28 2007-12-22 19:27 . 2007-07-25 14:24 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-12-22 19:27 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm 2007-12-22 19:27 . 2007-03-10 12:51 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-12-22 19:27 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-12-22 19:27 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll 2007-12-22 19:27 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm 2007-12-22 19:27 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml 2007-12-22 19:26 . 2007-12-22 19:26 2007-12-22 19:26 . 2007-09-28 17:07 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-12-22 19:26 . 2007-09-28 17:05 81,920 --a------ C:\WINDOWS\system32\dpl100.dll 2007-12-22 19:26 . 2007-07-29 16:51 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-12-22 19:26 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest 2007-12-21 20:36 . 2007-12-21 20:36 2007-12-21 17:31 . 2007-12-21 17:31 2007-12-20 17:47 . 2007-12-21 16:23 2007-12-20 17:36 . 2007-12-21 16:26 2007-12-20 17:33 . 2007-12-20 17:33 2007-12-20 14:34 . 2007-12-22 19:28 49 --a------ C:\WINDOWS\NeroDigital.ini 2007-12-20 06:39 . 2007-12-21 20:36 2007-12-20 06:39 . 2007-12-21 20:12 2007-12-20 06:38 . 2007-12-21 21:36 2007-12-20 06:38 . 2007-12-20 06:38 2007-12-20 06:38 . 2007-12-20 06:38 774,144 --a------ C:\Program Files\RngInterstitial.dll 2007-12-19 21:18 . 2007-12-19 21:18 2007-12-19 17:37 . 2007-12-19 17:37 2007-12-19 17:37 . 2007-12-19 17:37 917,504 --a------ C:\WINDOWS\system32\FLASH.OCX 2007-12-19 17:06 . 2007-12-19 17:06 2007-12-19 17:05 . 2007-12-19 17:05 2007-12-19 17:05 . 2000-06-23 14:05 136,704 --a------ C:\WINDOWS\system32\iacenc.dll 2007-12-19 17:05 . 2000-06-22 13:09 56,320 --------- C:\WINDOWS\system32\iyvu9_32.dll 2007-12-19 17:04 . 2007-12-19 17:04 737,280 --a------ C:\WINDOWS\iun6002.exe 2007-12-19 17:02 . 2007-12-19 17:02 2007-12-19 17:02 . 2007-12-19 17:02 2007-12-19 17:02 . 2001-07-06 13:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll 2007-12-19 17:02 . 2001-07-06 11:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll 2007-12-19 17:02 . 2001-07-06 17:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll 2007-12-19 17:02 . 2001-07-09 10:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-12-19 17:02 . 2003-12-19 19:48 89,184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys 2007-12-19 17:02 . 2003-12-23 15:40 57,344 --a------ C:\WINDOWS\system32\ImageDrive.cpl 2007-12-19 17:02 . 2001-06-26 07:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll 2007-12-19 15:15 . 2007-12-19 15:16 2007-12-19 08:44 . 2007-12-20 06:36 2007-12-19 06:37 . 2007-12-19 06:37 2007-12-19 06:36 . 2006-11-24 14:47 40,136 --a------ C:\WINDOWS\system32\drivers\ET5Drv.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-22 18:56 --------- d-----w C:\Program Files\XnView 2007-12-19 05:36 --------- d-----w C:\Program Files\Google 2007-12-18 16:50 --------- d-----w C:\Program Files\Windows Media Bonus Pack for Windows XP 2007-12-18 16:47 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-12-18 16:47 --------- d-----w C:\Program Files\ToniArts 2007-12-18 16:45 --------- d-----w C:\Documents and Settings\wojtek\Dane aplikacji\Rainlendar 2007-12-18 16:42 --------- d-----w C:\Program Files\Winamp 2007-12-18 16:34 --------- d-----w C:\Documents and Settings\wojtek\Dane aplikacji\Lavasoft 2007-12-18 16:28 --------- d-----w C:\Program Files\Gigabyte 2007-12-18 16:27 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-18 16:27 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-12-18 16:24 --------- d-----w C:\Program Files\Realtek 2007-12-18 16:23 4,716 ----a-w C:\WINDOWS\gdrv.sys 2007-12-18 16:23 --------- d-----w C:\Documents and Settings\wojtek\Dane aplikacji\InstallShield 2007-12-18 16:12 --------- d-----w C:\Program Files\Intel 2007-12-18 16:08 --------- d-----w C:\Program Files\Symantec 2007-12-18 16:08 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-12-18 16:08 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Symantec 2007-12-18 16:07 --------- d-----w C:\Documents and Settings\wojtek\Dane aplikacji\Symantec 2007-12-18 15:56 --------- d-----w C:\Documents and Settings\wojtek\Dane aplikacji\Microsoft Web Folders 2007-12-18 15:55 --------- d-----w C:\Program Files\microsoft frontpage 2007-12-18 15:41 --------- d-----w C:\Program Files\Usługi online 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-29 22:44 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-22 02:49 867,848 ----a-w C:\Program Files\NOV2007_d3dx10_36_x64.cab 2007-10-22 02:49 807,132 ----a-w C:\Program Files\NOV2007_d3dx10_36_x86.cab 2007-10-22 02:49 49,392 ----a-w C:\Program Files\NOV2007_X3DAudio_x64.cab 2007-10-22 02:49 44,850 ----a-w C:\Program Files\dxdllreg_x86.cab 2007-10-22 02:49 21,744 ----a-w C:\Program Files\NOV2007_X3DAudio_x86.cab 2007-10-22 02:49 200,010 ----a-w C:\Program Files\NOV2007_XACT_x64.cab 2007-10-22 02:49 151,512 ----a-w C:\Program Files\NOV2007_XACT_x86.cab 2007-10-22 02:49 1,805,306 ----a-w C:\Program Files\NOV2007_d3dx9_36_x64.cab 2007-10-22 02:49 1,712,608 ----a-w C:\Program Files\NOV2007_d3dx9_36_x86.cab 2007-10-22 02:31 976,020 ------w C:\Program Files\BDAXP.cab 2007-10-22 02:31 917,318 ------w C:\Program Files\Apr2006_MDX1_x86.cab 2007-10-22 02:31 88,102 ------w C:\Program Files\AUG2006_xinput_x64.cab 2007-10-22 02:31 87,989 ------w C:\Program Files\Apr2006_xinput_x64.cab 2007-10-22 02:31 86,925 ------w C:\Program Files\Oct2005_xinput_x64.cab 2007-10-22 02:31 86,802 ----a-w C:\Program Files\dxupdate.cab 2007-10-22 02:31 855,886 ------w C:\Program Files\AUG2007_d3dx10_35_x64.cab 2007-10-22 02:31 800,467 ------w C:\Program Files\AUG2007_d3dx10_35_x86.cab 2007-10-22 02:31 76,808 ----a-w C:\Program Files\DSETUP.dll 2007-10-22 02:31 76,808 ----a-w C:\DSETUP.dll 2007-10-22 02:31 702,644 ------w C:\Program Files\JUN2007_d3dx10_34_x64.cab 2007-10-22 02:31 702,212 ------w C:\Program Files\APR2007_d3dx10_33_x64.cab 2007-10-22 02:31 702,072 ------w C:\Program Files\JUN2007_d3dx10_34_x86.cab 2007-10-22 02:31 699,465 ------w C:\Program Files\APR2007_d3dx10_33_x86.cab 2007-10-22 02:31 56,902 ------w C:\Program Files\APR2007_xinput_x86.cab 2007-10-22 02:31 502,792 ----a-w C:\Program Files\DXSETUP.exe 2007-10-22 02:31 502,792 ----a-w C:\DXSETUP.exe 2007-10-22 02:31 47,018 ------w C:\Program Files\AUG2006_xinput_x86.cab 2007-10-22 02:31 46,898 ------w C:\Program Files\Apr2006_xinput_x86.cab 2007-10-22 02:31 46,247 ------w C:\Program Files\Oct2005_xinput_x86.cab 2007-10-22 02:31 4,163,518 ------w C:\Program Files\Apr2006_MDX1_x86_Archive.cab 2007-10-22 02:31 213,767 ------w C:\Program Files\DEC2006_d3dx10_00_x64.cab 2007-10-22 02:31 201,696 ------w C:\Program Files\AUG2007_XACT_x64.cab 2007-10-22 02:31 200,722 ------w C:\Program Files\JUN2007_XACT_x64.cab 2007-10-22 02:31 199,366 ------w C:\Program Files\APR2007_XACT_x64.cab 2007-10-22 02:31 198,275 ------w C:\Program Files\FEB2007_XACT_x64.cab 2007-10-22 02:31 193,435 ------w C:\Program Files\DEC2006_XACT_x64.cab 2007-10-22 02:31 192,680 ------w C:\Program Files\DEC2006_d3dx10_00_x86.cab 2007-10-22 02:31 183,863 ------w C:\Program Files\AUG2006_XACT_x64.cab 2007-10-22 02:31 183,321 ------w C:\Program Files\OCT2006_XACT_x64.cab 2007-10-22 02:31 181,745 ------w C:\Program Files\JUN2006_XACT_x64.cab 2007-10-22 02:31 180,021 ------w C:\Program Files\Apr2006_XACT_x64.cab 2007-10-22 02:31 179,247 ------w C:\Program Files\Feb2006_XACT_x64.cab 2007-10-22 02:31 156,612 ------w C:\Program Files\AUG2007_XACT_x86.cab 2007-10-22 02:31 156,509 ------w C:\Program Files\JUN2007_XACT_x86.cab 2007-10-22 02:31 154,825 ------w C:\Program Files\APR2007_XACT_x86.cab 2007-10-22 02:31 151,583 ------w C:\Program Files\FEB2007_XACT_x86.cab 2007-10-22 02:31 146,559 ------w C:\Program Files\DEC2006_XACT_x86.cab 2007-10-22 02:31 138,977 ------w C:\Program Files\OCT2006_XACT_x86.cab 2007-10-22 02:31 138,195 ------w C:\Program Files\AUG2006_XACT_x86.cab 2007-10-22 02:31 134,631 ------w C:\Program Files\JUN2006_XACT_x86.cab 2007-10-22 02:31 133,991 ------w C:\Program Files\Apr2006_XACT_x86.cab 2007-10-22 02:31 133,297 ------w C:\Program Files\Feb2006_XACT_x86.cab 2007-10-22 02:31 13,265,040 ------w C:\Program Files\dxnt.cab 2007-10-22 02:31 100,417 ------w C:\Program Files\APR2007_xinput_x64.cab 2007-10-22 02:31 1,803,760 ------w C:\Program Files\AUG2007_d3dx9_35_x64.cab 2007-10-22 02:31 1,711,752 ------w C:\Program Files\AUG2007_d3dx9_35_x86.cab 2007-10-22 02:31 1,673,224 ----a-w C:\Program Files\dsetup32.dll 2007-10-22 02:31 1,673,224 ----a-w C:\dsetup32.dll 2007-10-22 02:31 1,611,374 ------w C:\Program Files\JUN2007_d3dx9_34_x64.cab 2007-10-22 02:31 1,610,958 ------w C:\Program Files\APR2007_d3dx9_33_x64.cab 2007-10-22 02:31 1,610,886 ------w C:\Program Files\JUN2007_d3dx9_34_x86.cab 2007-10-22 02:31 1,609,639 ------w C:\Program Files\APR2007_d3dx9_33_x86.cab 2007-10-22 02:31 1,575,336 ------w C:\Program Files\DEC2006_d3dx9_32_x86.cab 2007-10-22 02:31 1,572,114 ------w C:\Program Files\DEC2006_d3dx9_32_x64.cab 2007-10-22 02:31 1,413,862 ------w C:\Program Files\OCT2006_d3dx9_31_x64.cab 2007-10-22 02:31 1,398,718 ------w C:\Program Files\Apr2006_d3dx9_30_x64.cab 2007-10-22 02:31 1,363,684 ------w C:\Program Files\Feb2006_d3dx9_29_x64.cab 2007-10-22 02:31 1,358,864 ------w C:\Program Files\Dec2005_d3dx9_28_x64.cab 2007-10-22 02:31 1,351,430 ------w C:\Program Files\Aug2005_d3dx9_27_x64.cab 2007-10-22 02:31 1,348,242 ------w C:\Program Files\Apr2005_d3dx9_25_x64.cab 2007-10-22 02:31 1,336,890 ------w C:\Program Files\Jun2005_d3dx9_26_x64.cab 2007-10-22 02:31 1,248,387 ------w C:\Program Files\Feb2005_d3dx9_24_x64.cab 2007-10-22 02:31 1,156,363 ------w C:\Program Files\BDANT.cab 2007-10-22 02:31 1,128,177 ------w C:\Program Files\OCT2006_d3dx9_31_x86.cab 2007-10-22 02:31 1,116,109 ------w C:\Program Files\Apr2006_d3dx9_30_x86.cab 2007-10-22 02:31 1,085,608 ------w C:\Program Files\Feb2006_d3dx9_29_x86.cab . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-03 23:44] “Gadu-Gadu”=“D:\Program Files\Gadu-Gadu\gg.exe” [2007-07-09 08:39] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “ccApp”=“C:\Program Files\Common Files\Symantec Shared\ccApp.exe” [2003-08-28 09:09] “igfxtray”=“C:\WINDOWS\system32\igfxtray.exe” [2005-11-28 06:55] “igfxhkcmd”=“C:\WINDOWS\system32\hkcmd.exe” [2005-11-28 06:52] “igfxpers”=“C:\WINDOWS\system32\igfxpers.exe” [2005-11-28 06:55] “SkyTel”=“SkyTel.EXE” [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-11-14 10:21 C:\WINDOWS\RTHDCPL.exe] “EasyTuneV”=“C:\Program Files\Gigabyte\ET5\ETcall.exe” [2006-12-15 14:13] “Media Codec Update Service”=“d:\Program Files\Essentials Codec Pack\update.exe” [] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] [HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2004-08-03 23:44] C:\Documents and Settings\wojtek\Menu Start\Programy\Autostart\ Rainlendar.lnk - D:\Program Files\Rainlendar\Rainlendar.exe [2004-03-20 21:49:15] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56] R3 MarkFun_NT;MarkFun_NT;C:\Program Files\Gigabyte\ET5\markfun.w32 [2006-11-21 20:20] S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-12-18 17:23] *Newly Created Service* - CATCHME *Newly Created Service* - MARKFUN_NT *Newly Created Service* - PROCEXP90 . Contents of the ‘Scheduled Tasks’ folder “2007-12-21 19:02:16 C:\WINDOWS\Tasks\Norton AntiVirus - Skanuj komputer.job” - D:\PROGRA~1\NORTON~1\Navw32.exef/task: “2007-12-22 20:08:39 C:\WINDOWS\Tasks\Symantec NetDetect.job” - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-22 21:17:59 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-22 21:18:22 . 2007-12-20 16:58:36 — E O F — A i jeszcze pytanie: przy odpalaniu Sdfix-a w okienku wyboru opcji było napisane coś takiego: joedanger is Not involved with Smithfraudfix in any way? U mnie takiego czegoś nie było.

Gutek · 22 Grudzień 2007 22:22

Optymalizacja XP: viewtopic.php?t=76580

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177

możesz rejestr przelecieć albo

jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509

Opis RegCleaner - http://www.agavk.p9.pl/strony/progra_regcleaner.php

Zobacz - Obsługa jv16 PowerTools

system · 24 Grudzień 2007 09:44

dzięki, juz zrobione.

wesołych świąt!

AQX · 26 Grudzień 2007 17:03

Siemka mam podobny problem…moj log z ComboFix

ComboFix 07-12-21.4 - Gonzo 2007-12-25 18:58:02.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1660 [GMT 1:00] Running from: C:\Documents and Settings\Gonzo\Pulpit\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-11-25 to 2007-12-25 ))))))))))))))))))))))))))))))) . 2007-12-23 20:25 . 2007-12-23 20:25 2007-12-23 20:25 . 2007-12-23 20:25 2007-12-22 23:48 . 2007-12-22 23:48 2007-12-22 23:46 . 2007-12-22 23:46 2007-12-22 18:19 . 2007-12-22 18:19 2007-12-22 16:46 . 2007-12-22 17:02 225 --a------ C:\WINDOWS\GTA-SA_Trn_Settings.ini 2007-12-18 21:33 . 2007-12-18 21:42 2007-12-18 20:43 . 2007-12-18 20:43 2007-12-18 20:35 . 2007-12-18 20:35 2007-12-18 20:35 . 2007-12-18 20:35 2007-12-18 20:35 . 2007-04-03 13:55 10,251,904 --a------ C:\WINDOWS\system32\drivers\snp325.sys 2007-12-18 20:35 . 2006-10-10 14:11 827,392 --a------ C:\WINDOWS\vsnp325.exe 2007-12-18 20:35 . 2006-10-10 15:49 270,336 --a------ C:\WINDOWS\tsnp325.exe 2007-12-18 20:35 . 2006-04-12 12:11 147,456 --a------ C:\WINDOWS\system32\rsnp325.dll 2007-12-18 20:35 . 2007-03-14 11:21 61,440 --a------ C:\WINDOWS\system32\vsnpx32.dll 2007-12-18 20:35 . 2004-02-27 17:36 15,498 --a------ C:\WINDOWS\snp325.ini 2007-12-18 20:35 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\snp325.src 2007-12-18 19:58 . 2007-12-18 20:31 2007-12-18 19:48 . 2007-12-18 19:48 26 --a------ C:\WINDOWS\system32\satsukidecodersettings.ini 2007-12-18 11:32 . 2006-04-18 16:53 135,168 --a------ C:\WINDOWS\amcap.exe 2007-12-18 11:32 . 2007-03-14 11:21 61,440 --a------ C:\WINDOWS\system32\vsnp325.dll 2007-12-18 11:32 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\system32\csnp325.dll 2007-12-18 11:32 . 2007-02-12 14:50 20,480 --a------ C:\WINDOWS\FixCamera.exe 2007-12-16 18:52 . 2007-12-22 19:51 2007-12-16 16:14 . 2007-12-16 16:14 2007-12-16 15:59 . 2007-12-16 15:59 2007-12-15 16:39 . 2007-12-15 16:39 2007-12-14 20:57 . 2007-12-14 20:57 2007-12-14 16:19 . 2001-03-02 11:41 634 --a------ C:\WINDOWS\system32\MAPISVC.INF 2007-12-14 15:45 . 2007-12-14 15:45 2007-12-14 15:45 . 2007-07-25 14:24 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-12-14 15:45 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll 2007-12-12 15:52 . 2007-12-12 15:52 2007-12-09 18:51 . 2007-12-09 18:51 2007-12-09 18:51 . 2007-12-09 18:51 2007-12-09 18:51 . 2007-12-09 18:51 2007-12-09 18:51 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll 2007-12-09 18:35 . 2007-12-09 18:35 2007-12-07 20:13 . 2007-12-13 19:48 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2007-12-07 20:13 . 2007-12-14 19:42 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2007-12-07 20:13 . 2007-12-13 19:48 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-12-07 20:11 . 2007-12-07 20:11 2007-12-07 20:04 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-07 20:04 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-12-07 20:04 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-07 20:04 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-12-07 20:04 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-07 20:04 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-12-07 20:04 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-07 20:04 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-12-07 20:04 . 2007-06-20 20:45 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-07 18:29 . 2007-12-07 18:36 81,920 --a------ C:\Documents and Settings\Gonzo\Dane aplikacji\ezpinst.exe 2007-12-07 18:29 . 2007-12-07 18:29 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-12-07 18:29 . 2007-12-07 18:36 47,360 --a------ C:\Documents and Settings\Gonzo\Dane aplikacji\pcouffin.sys 2007-12-07 18:29 . 2007-12-07 18:29 14 --a------ C:\WINDOWS\system32\systeminfo3.dll 2007-12-07 17:01 . 2007-12-07 17:01 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys 2007-12-07 17:00 . 2007-12-07 17:00 664,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-12-07 17:00 . 2007-12-07 17:00 96,256 --a------ C:\WINDOWS\system32\drivers\sptd4413.sys 2007-12-06 17:29 . 2007-12-06 17:29 2007-12-06 16:10 . 2007-12-06 16:10 2007-12-06 16:10 . 2007-12-06 16:10 2007-12-06 16:10 . 2007-12-21 18:15 2007-12-06 16:10 . 2007-12-06 16:10 2007-12-01 14:02 . 2007-12-01 14:02 2007-11-25 17:03 . 2007-11-25 17:03 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-18 19:35 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-12-16 14:54 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-12 19:26 --------- d-----w C:\Documents and Settings\Gonzo\Dane aplikacji\MyPhoneExplorer 2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr 2007-11-26 15:33 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-11-23 12:25 --------- d-----w C:\Program Files\NVIDIA 2007-11-22 10:19 --------- d-----w C:\Program Files\MarBit 2007-11-22 07:36 --------- d-----w C:\Program Files\Alcohol Soft 2007-11-21 18:23 81,920 ----a-w C:\WINDOWS\system32\frapsvid.dll 2007-11-16 19:36 --------- d-----w C:\Program Files\Intel 2007-11-16 13:43 --------- d-----w C:\Documents and Settings\Gonzo\Dane aplikacji\Winamp 2007-11-15 16:07 --------- d-----w C:\Program Files\FLV Player 2007-11-13 11:48 --------- d-----w C:\Program Files\Odkurzacz 2007-11-11 12:32 --------- d-----w C:\Program Files\BitComet 2007-11-11 12:31 --------- d-----w C:\Program Files\Common Files\Real 2007-11-11 12:29 --------- d-----w C:\Documents and Settings\Gonzo\Dane aplikacji\OTVREG 2007-11-11 12:26 --------- d-----w C:\Program Files\7-Zip 2007-11-10 19:52 --------- d-----w C:\Program Files\PhotoFiltre 2007-11-10 19:23 --------- d-----w C:\Program Files\Alwil Software 2007-11-10 15:08 --------- d-----w C:\Program Files\MyPhoneExplorer 2007-11-10 14:57 --------- d-----w C:\Program Files\Winamp 2007-11-10 14:50 --------- d-----w C:\Program Files\Common Files\Ahead 2007-11-10 14:50 --------- d-----w C:\Program Files\Ahead 2007-11-10 14:31 --------- d-----w C:\Documents and Settings\Gonzo\Dane aplikacji\Gadu-Gadu 2007-11-10 14:30 --------- d-----w C:\Program Files\Gadu-Gadu 2007-11-10 14:27 15,781 ----a-w C:\WINDOWS\system32\drivers\mdc8021x.sys 2007-11-10 14:27 --------- d-----w C:\Program Files\RALINK 2007-11-10 14:08 --------- d-----w C:\Program Files\VDOTool 2007-11-10 13:27 --------- d-----w C:\Program Files\microsoft frontpage 2007-11-10 13:25 --------- d-----w C:\Program Files\Usługi online 2007-11-06 11:24 60,800 ----a-w C:\WINDOWS\system32\drivers\k310bus.sys 2007-11-06 11:24 5,840 ----a-w C:\WINDOWS\system32\drivers\k310whnt.sys 2007-11-06 11:24 5,840 ----a-w C:\WINDOWS\system32\drivers\k310wh.sys 2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll 2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll 2007-10-24 00:47 41,984 ----a-w C:\WINDOWS\system32\netfxperf.dll 2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll 2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll 2007-10-11 08:55 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll 2007-10-11 08:55 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe 2007-10-11 08:55 11,776 ----a-w C:\WINDOWS\system32\icardres.dll 2007-10-09 12:03 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll 2007-10-09 12:03 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll 2007-10-09 12:03 493,080 ----a-w C:\WINDOWS\system32\evr.dll 2007-10-09 12:03 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe 2007-10-09 12:03 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll 2007-10-09 12:03 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll 2007-10-09 12:03 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2007-10-09 12:03 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll 2007-10-09 11:58 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-10-04 16:14 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-10-04 16:14 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-10-04 16:14 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-10-04 16:14 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-10-04 16:14 5,783,424 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-10-04 16:14 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-10-04 16:14 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-10-04 16:14 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-10-04 16:14 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-10-04 16:14 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-10-04 16:14 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-10-04 16:14 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-10-04 16:14 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-10-04 16:14 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-10-04 16:14 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-10-04 16:14 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-10-04 16:14 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-10-04 16:14 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-10-04 16:14 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2004-08-03 23:44 73,728 --sha-w C:\WINDOWS\RegisteredPackages{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Gainward”=“C:\Program Files\VDOTool\TBPanel.exe” [2007-04-23 19:19] “NvCplDaemon”=“RUNDLL32.exe” [2004-08-04 00:44 C:\WINDOWS\system32\rundll32.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-11-14 10:21 C:\WINDOWS\RTHDCPL.EXE] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-12-04 14:00] “NvMediaCenter”=“RUNDLL32.exe” [2004-08-04 00:44 C:\WINDOWS\system32\rundll32.exe] “tsnp325”=“C:\WINDOWS\tsnp325.exe” [2006-10-10 15:49] “snp325”=“C:\WINDOWS\vsnp325.exe” [2006-10-10 14:11] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-10-10 06:28] [HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [2004-08-04 00:44] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Raconfig.lnk - C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe [2007-11-10 15:27:05] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera] 2007-02-12 14:50 20480 --a------ C:\WINDOWS\FixCamera.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 16:40 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] “DomainService”=2 (0x2) “PnkBstrA”=2 (0x2) “RichVideo”=2 (0x2) R3 RT2400;RT2400 Wireless Driver;C:\WINDOWS\system32\DRIVERS\RT2400.sys [2004-04-22 10:57] R3 SNP325;USB PC Camera (SNPSTD325);C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 13:55] S3 k310bus;Sony Ericsson K310 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k310bus.sys [2007-11-06 12:24] S3 ntportio;ntportio;C:\Documents and Settings\Gonzo\Pulpit\div82\div8.2hack\ntportio.sys [] S3 RTL8169;Realtek 8169 NT Driver;C:\WINDOWS\system32\DRIVERS\Rtlh86.sys [2006-12-08 08:02] S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 10:33] S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 10:33] S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 10:33] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{31510288-8fc1-11dc-9da1-0080c6e8f5d7}] \Shell\AutoRun\command - RavMon.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-25 18:58:43 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-25 18:58:55