Please help me. I have a problem with the explorer.exe file: it freezes when I open drive C. I'm posting the ComboFix log, please help:
ComboFix 09-01-21.02 - czarny 2009-01-22 12:47:48.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.1.1045.18.1021.272 [GMT 1:00]
Uruchomiony z: c:\users\czarny\Downloads\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-22 do 2009-01-22 )))))))))))))))))))))))))))))))
.
2009-01-22 12:11 . 2009-01-22 12:11 96,976 --a------ c:\windows\System32\drivers\klin.dat
2009-01-22 12:11 . 2009-01-22 12:11 87,855 --a------ c:\windows\System32\drivers\klick.dat
2009-01-22 12:10 . 2009-01-22 12:10 <DIR> d-------- c:\program files\Kaspersky Lab
2009-01-22 12:10 . 2009-01-22 12:53 122,912 --ahs---- c:\windows\System32\drivers\fidbox2.dat
2009-01-22 12:10 . 2009-01-22 12:53 1,500 --ahs---- c:\windows\System32\drivers\fidbox2.idx
2009-01-22 12:10 . 2009-01-22 12:14 32 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-01-22 12:10 . 2009-01-22 12:14 32 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-01-21 23:38 . 2009-01-21 23:38 <DIR> d-------- C:\fifa 09
2009-01-21 23:33 . 2009-01-21 23:33 <DIR> dr------- c:\users\Public\Videos
2009-01-21 23:33 . 2009-01-21 23:33 <DIR> dr------- c:\users\Public\Pictures
2009-01-21 23:33 . 2009-01-21 23:33 <DIR> dr------- c:\users\Public\Music
2009-01-21 23:33 . 2009-01-21 23:33 <DIR> dr------- c:\users\Public\Documents
2009-01-21 23:29 . 2009-01-21 23:29 <DIR> d-------- C:\NVIDIA
2009-01-21 23:05 . 2009-01-21 23:05 <DIR> d-------- c:\program files\Common Files\Apple
2009-01-21 22:16 . 2009-01-21 22:16 <DIR> d-------- c:\users\czarny\AppData\Roaming\Apple Computer
2009-01-21 22:14 . 2009-01-21 22:54 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-01-21 22:10 . 2009-01-21 22:10 <DIR> d-------- c:\program files\Bonjour
2009-01-21 22:07 . 2009-01-21 22:58 <DIR> d-------- c:\users\All Users\Apple Computer
2009-01-21 22:07 . 2009-01-21 22:58 <DIR> d-------- c:\programdata\Apple Computer
2009-01-21 22:05 . 2009-01-21 22:05 <DIR> d-------- c:\program files\Apple Software Update
2009-01-21 22:01 . 2009-01-21 22:01 <DIR> d-------- c:\users\All Users\Apple
2009-01-21 22:01 . 2009-01-21 22:01 <DIR> d-------- c:\programdata\Apple
2009-01-21 18:27 . 2009-01-21 19:45 <DIR> d-------- C:\rzeczy na admina
2009-01-21 17:24 . 2009-01-21 17:24 47 --a------ c:\windows\WinInit.Ini
2009-01-21 17:06 . 2009-01-21 17:06 <DIR> d-------- c:\program files\Alwil Software
2009-01-21 16:50 . 2009-01-21 16:50 <DIR> d-------- c:\program files\Trend Micro
2009-01-14 23:49 . 2008-12-16 04:14 290,304 --a------ c:\windows\System32\drivers\srv.sys
2009-01-07 17:51 . 2009-01-07 17:51 <DIR> d-------- c:\users\Administrator.Mateusz-PC\AppData\Roaming\COWON
2009-01-03 23:03 . 2009-01-03 23:03 <DIR> d-------- c:\users\czarny\AppData\Roaming\Canneverbe_Limited
2008-12-31 16:14 . 2008-12-31 16:14 <DIR> d-------- c:\users\czarny\AppData\Roaming\HP
2008-12-28 19:03 . 2008-12-28 19:03 <DIR> d-------- c:\users\All Users\Winamp Toolbar
2008-12-28 19:03 . 2008-12-28 19:03 <DIR> d-------- c:\users\All Users\OrbNetworks
2008-12-28 19:03 . 2008-12-28 19:03 <DIR> d-------- c:\programdata\Winamp Toolbar
2008-12-28 19:03 . 2008-12-28 19:03 <DIR> d-------- c:\programdata\OrbNetworks
2008-12-28 19:00 . 2008-12-28 19:05 <DIR> d-------- c:\users\czarny\AppData\Roaming\Winamp
2008-12-24 23:32 . 2008-12-24 23:32 <DIR> d-------- c:\users\czarny\AppData\Roaming\COWON
2008-12-24 23:29 . 2008-12-24 23:29 <DIR> d-------- c:\users\czarny\AppData\Roaming\InstallShield
2008-12-24 23:29 . 2009-01-09 07:21 <DIR> d-------- c:\program files\JetAudio
2008-12-24 23:29 . 2008-12-24 23:30 <DIR> d-------- c:\program files\Common Files\COWON
2008-12-23 19:49 . 2009-01-21 21:45 <DIR> d-------- c:\users\czarny\AppData\Roaming\Skype
2008-12-23 00:28 . 2009-01-21 17:03 <DIR> d-------- c:\users\czarny\AppData\Roaming\Spyware Terminator
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-22 11:18 13,072 ----a-w c:\users\czarny\AppData\Roaming\nvModes.dat
2009-01-22 11:18 --------- d-----w c:\programdata\Kaspersky Lab
2009-01-21 23:15 --------- d-----w c:\programdata\Kaspersky Lab Setup Files
2009-01-21 23:04 13,401 ----a-w c:\users\Administrator.Mateusz-PC\AppData\Roaming\nvModes.dat
2009-01-21 16:34 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-21 16:32 --------- d-----w c:\programdata\Symantec
2009-01-21 16:32 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-21 16:03 --------- d-----w c:\programdata\Spyware Terminator
2009-01-21 16:03 --------- d-----w c:\program files\Spyware Terminator
2009-01-19 20:57 --------- d-----w c:\users\czarny\AppData\Roaming\GanymedeNet
2009-01-15 08:15 --------- d-----w c:\programdata\Microsoft Help
2009-01-15 08:15 --------- d-----w c:\program files\Windows Mail
2009-01-06 15:18 --------- d-----w c:\program files\Ganymede
2008-12-29 13:42 --------- d-----w c:\users\czarny\AppData\Roaming\vlc
2008-12-23 20:58 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-12-21 18:02 --------- d-----w c:\programdata\TVU Networks
2008-12-18 02:09 174 --sha-w c:\program files\desktop.ini
2008-12-13 22:42 48,396 ----a-w c:\windows\UninstVeetleTVPlayer.exe
2008-12-09 17:10 --------- d-----w c:\users\Administrator.Mateusz-PC\AppData\Roaming\vlc
2008-11-30 04:27 --------- d-----w c:\program files\SopCast
2008-11-28 23:48 --------- d-----w c:\program files\Google
2008-11-28 14:47 --------- d-----w c:\users\czarny\AppData\Roaming\Gadu-Gadu
2008-11-28 14:39 --------- d-----w c:\program files\Common Files\Adobe
2008-11-23 00:44 --------- d-----w c:\programdata\Roxio
2008-11-23 00:44 --------- d-----w c:\program files\Common Files\Roxio Shared
2008-11-23 00:20 --------- d-----w c:\program files\Hewlett-Packard
2008-11-11 19:00 218,376 ----a-w c:\windows\System32\klogon.dll
2008-11-01 03:33 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:33 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:33 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:33 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:33 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:33 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 03:33 1,687,040 ----a-w c:\windows\System32\gameux.dll
2008-10-31 23:38 4,247,552 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-31 23:23 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-10-29 06:20 2,923,520 ----a-w c:\windows\explorer.exe
2008-10-27 09:04 70,992 ----a-w c:\windows\System32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\System32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\System32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\System32\X3DAudio1_5.dll
2008-10-22 03:43 95,232 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-10-22 03:43 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 03:43 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2006-05-15 05:54 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2006-05-15 05:54 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2006-05-15 05:54 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-08-11 23:32 8 --sh--r c:\windows\System32\97FEAF794D.sys
2007-08-11 22:01 8 --sh--r c:\windows\System32\fgxp9.dll
2008-07-04 09:53 3,766 --sha-w c:\windows\System32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-06-05 1232896]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-29 171448]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 c:\windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-01-14 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-01-14 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-01-14 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-01-15 172032]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-12-04 46704]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-11-11 206088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G G
Klucz Trybu Awaryjnego wymaga naprawy. Komputer nie może wejść w Tryb Awaryjny.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{77961B99-43B8-4400-B42B-1A8B92DE8441}"= UDP:c:\program files\Hp\QuickPlay\QP.exe:QP
"{5056285E-B821-4F12-8B27-25FB4DAF6D70}"= TCP:c:\program files\Hp\QuickPlay\QP.exe:QP
"{67B6F4FC-C871-459C-89FA-52EF9A0E4F3C}"= Disabled:UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{ABA1B044-8F81-4E06-8B89-5E28D0FBCB3C}"= Disabled:TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{C1DD0449-B118-414C-B87E-4CA1A4CC183B}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{1B5FCBE8-C87B-4AAA-82FC-231E31AC9CFF}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{91DD7417-04A1-4295-92FB-6D3C7CEFCCEF}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{981BFF32-7D4C-47F8-9F27-AD222BCAAFD5}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{452846D5-0E53-467E-894E-5B0CA04F8ECF}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EC1B95B1-6EF2-4E70-8D7B-EC5B1759AACD}"= UDP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
"{FB9DAD4D-EA14-42AE-9799-8A764B9EE863}"= TCP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
"{154CAD76-9CE2-4A31-9CAE-2DEBDCE1723B}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{15B8092B-A217-4FE7-B871-6FD424461C69}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
"{EAF19535-2A11-434C-AFF8-9D0AFB7418C1}"= UDP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{1725A350-EB2F-4C3E-887E-2BDD8910A25D}"= TCP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
"{12DDA046-0AD4-4D6D-B6FF-9F035863B98D}"= UDP:c:\users\Administrator.Mateusz-PC\AppData\Local\Temp\lxdi\wireless\POLISH\lxdiwpss.exe:
"{A110B1E3-67FB-466B-AD51-EEA803974856}"= TCP:c:\users\Administrator.Mateusz-PC\AppData\Local\Temp\lxdi\wireless\POLISH\lxdiwpss.exe:
"{DE47CF17-8CAA-4CE4-B267-CA63C59E7329}"= UDP:c:\users\Administrator.Mateusz-PC\AppData\Local\Temp\lxdi\wireless\POLISH\lxdiwpss.exe:
"{73B15C62-BA59-4E48-ABF6-F164B07D02F9}"= TCP:c:\users\Administrator.Mateusz-PC\AppData\Local\Temp\lxdi\wireless\POLISH\lxdiwpss.exe:
"{3A7DE56C-7441-4873-90C1-164EBB2DBF8D}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:
"{E4ECADDA-E84E-42C5-BC43-D978AE2BA4E5}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:
"{40010254-F892-4767-B3EE-821C226F71A3}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:
"{4EB6A548-5BA1-4BCE-8228-2B250D54E398}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:
"{7D2B2580-3975-43F8-8431-43B90C5F23AD}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:
"{5C86B3CD-496C-4087-B361-7A2D8309284A}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:
"{3D824B5C-2197-4140-BF63-690B784800EB}"= Disabled:UDP:c:\program files\Skype\Phone\Skype.exe:Skype
"{96B8C0DA-1AE4-4058-A737-93DF15B44BDB}"= Disabled:TCP:c:\program files\Skype\Phone\Skype.exe:Skype
"{E5E71B0D-CA4C-4433-A3AF-0565083F3408}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:
"{69D2B6C4-C123-49AA-9E0F-5695AF106C90}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:
"{9DEC626D-747E-4FB4-8843-2A2C0543C050}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:
"{6B544AAD-E7F3-461C-9BD4-CA0178F8E6A6}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:
"TCP Query User{A55D4F15-25F5-4D24-A84F-CBEC09C37DC0}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"UDP Query User{8C040B79-6F7E-43FD-A312-6027322034D8}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"TCP Query User{2952C569-3A3E-4217-8E86-C21596756C5E}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{9B9DA359-9F5E-492C-A09D-B214376D1816}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{818AAEC9-01FB-4FED-A321-8DAB1A88EB5A}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{9D6AB13B-E763-45B9-B38C-37D413513C8D}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{0B8D9F0A-051E-472C-816C-F35D4C201C75}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1D36067C-654D-4494-B556-9A34F0861EBE}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{4B74EBA3-C659-4328-954E-8FA11C9915C1}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{2B4E2AD7-8B98-4938-8AED-E38BEBF10626}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2008-07-09 20496]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [2008-08-27 141312]
--- Inne Usługi/Sterowniki w Pamięci ---
*NewlyCreated* - KL1
*NewlyCreated* - KLBG
*Deregistered* - sptd
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20cf5eb2-b31e-11dd-aa0c-001a6b2afcc3}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe
.
Zawartość folderu 'Zaplanowane zadania'
2009-01-22 c:\windows\Tasks\User_Feed_Synchronization-{D36E55AA-EC91-43A6-907C-32FA6C5D1691}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 10:45]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKLM-Run-NWEReboot - (no file)
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\czarny\AppData\Roaming\Mozilla\Firefox\Profiles\xbmnyg9k.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 12:54:02
Windows 6.0.6000 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
**************************************************************************
.
Czas ukończenia: 2009-01-22 12:58:43
ComboFix-quarantined-files.txt 2009-01-22 11:57:20
Przed: 46*798*503*936 bajtów wolnych
Po: 48,017,518,592 bajtów wolnych
248 --- E O F --- 2009-01-15 08:15:50


