Does anyone know what the file nv4mini.sys is for???? It appeared on the blue screen, which, after reinstalling the system without a connection, now throws different errors, something about IRQ, I never manage to read it in time.
btw, here is the log from ComboFix... but it was not run in safe mode
ComboFix 07-09-27.3 - johnny 2007-09-28 13:44:31.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1588 [GMT 2:00]
Running from: I:\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-08-28 to 2007-09-28 )))))))))))))))))))))))))))))))
.
2007-09-28 13:43 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-28 13:43 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-09-27 16:36 10,368 --------- C:\WINDOWS\system32\drivers\pfc.sys
2007-09-27 16:35 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-09-27 16:35 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-09-27 16:35 198,144 --------- C:\WINDOWS\system32\_psisdecd.dll
2007-09-27 16:35 1,233,920 --a------ C:\WINDOWS\system32\msxml4.dll
2007-09-27 16:34 89,088 --------- C:\WINDOWS\system32\atl71.dll
2007-09-27 16:34 1,047,552 --------- C:\WINDOWS\system32\MFC71u.dll
2007-09-27 16:34 <DIR> d-------- C:\Program Files\CyberLink
2007-09-27 16:34 <DIR> d-------- C:\MyWorks
2007-09-27 16:31 <DIR> d-------- C:\Program Files\ASUS
2007-09-27 11:59 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2007-09-27 11:59 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2007-09-27 11:47 <DIR> d-------- C:\Program Files\D-Tools
2007-09-27 11:15 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2007-09-27 10:34 6,400 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys
2007-09-27 10:34 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-09-27 10:34 <DIR> d-------- C:\WINDOWS\system32\Lang
2007-09-27 10:32 <DIR> d-------- C:\Program Files\Realtek
2007-09-27 10:28 <DIR> d-------- C:\Program Files\Kerio
2007-09-27 10:24 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-09-27 10:24 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-09-27 00:47 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-09-27 00:46 58,240 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-09-27 00:46 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-09-27 00:45 75,264 --a------ C:\WINDOWS\system32\usbui.dll
2007-09-27 00:44 <DIR> dr-h----- C:\Documents and Settings\Default User\Data aplikací
2007-09-27 00:44 <DIR> dr-h----- C:\Documents and Settings\All Users\Data aplikací
2007-09-27 00:44 <DIR> dr------- C:\Documents and Settings\Default User\Nabídka Start
2007-09-27 00:44 <DIR> dr------- C:\Documents and Settings\All Users\Nabídka Start
2007-09-27 00:44 <DIR> dr------- C:\Documents and Settings\All Users\Dokumenty
2007-09-27 00:44 <DIR> d--h----- C:\Documents and Settings\Default User\Šablony
2007-09-27 00:44 <DIR> d--h----- C:\Documents and Settings\Default User\Okolní tiskárny
2007-09-27 00:44 <DIR> d--h----- C:\Documents and Settings\Default User\Okolní síť
2007-09-27 00:44 <DIR> d--h----- C:\Documents and Settings\All Users\Šablony
2007-09-27 00:44 <DIR> d-------- C:\Documents and Settings\Default User\Plocha
2007-09-27 00:44 <DIR> d-------- C:\Documents and Settings\Default User\Oblíbené položky
2007-09-27 00:44 <DIR> d-------- C:\Documents and Settings\Default User\Dokumenty
2007-09-27 00:44 <DIR> d-------- C:\Documents and Settings\All Users\Plocha
2007-09-27 00:44 <DIR> d-------- C:\Documents and Settings\All Users\Oblíbené položky
2007-09-27 00:42 <DIR> d-------- C:\Program Files\RivaTuner v2.04
2007-09-27 00:19 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-09-27 00:18 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-09-27 00:18 <DIR> d-------- C:\Program Files\ICQ6
2007-09-27 00:18 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2007-09-27 00:16 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-27 00:16 <DIR> d-------- C:\Program Files\Winamp
2007-09-27 00:14 <DIR> d-------- C:\Program Files\Webteh
2007-09-26 23:09 35,840 -ra------ C:\WINDOWS\system32\NVCOI.DLL
2007-09-26 23:09 289,792 -ra------ C:\WINDOWS\system32\idecoiins.dll
2007-09-26 23:09 289,792 -ra------ C:\WINDOWS\system32\idecoi.dll
2007-09-26 23:09 208,896 --------- C:\WINDOWS\system32\nvuide.exe
2007-09-26 23:09 100,736 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2007-09-26 23:07 36,352 -ra------ C:\WINDOWS\system32\drivers\AmdK8.sys
2007-09-26 23:02 <DIR> d-------- C:\Program Files\Alwil Software
2007-09-26 23:00 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-09-26 23:00 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-09-26 23:00 <DIR> d-------- C:\WINDOWS\nview
2007-09-26 23:00 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-09-26 23:00 <DIR> d-------- C:\NVIDIA
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-26 22:55 --------- d-------- C:\Program Files\microsoft frontpage
2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-03 12:33 6912 --a------ C:\WINDOWS\nvoclock.sys
2007-07-03 12:32 397312 --a------ C:\WINDOWS\ntuneoem.dll
2007-07-03 12:32 1622016 --a------ C:\WINDOWS\NVBenchMarks.dll
2007-07-03 12:31 28672 --a------ C:\WINDOWS\AutoTuneScript.dll
2007-06-29 00:43 8466432 --a------ C:\WINDOWS\system32\nvcpl.dll
2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvwddi.dll
2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvmctray.dll
2007-06-29 00:43 753664 --a------ C:\WINDOWS\system32\nvcplui.exe
2007-06-29 00:43 6729728 --a------ C:\WINDOWS\system32\nvoglnt.dll
2007-06-29 00:43 6234112 --a------ C:\WINDOWS\system32\nvdisps.dll
2007-06-29 00:43 5690624 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-06-29 00:43 5455872 --a------ C:\WINDOWS\system32\nvdispsr.dll
2007-06-29 00:43 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-06-29 00:43 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll
2007-06-29 00:43 45056 --a------ C:\WINDOWS\system32\nvmccsrs.dll
2007-06-29 00:43 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-06-29 00:43 425984 --a------ C:\WINDOWS\system32\keystone.exe
2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcodins.dll
2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcod.dll
2007-06-29 00:43 360448 --a------ C:\WINDOWS\system32\nvapi.dll
2007-06-29 00:43 3600384 --a------ C:\WINDOWS\system32\nvvitvsr.dll
2007-06-29 00:43 3518464 --a------ C:\WINDOWS\system32\nvvitvs.dll
2007-06-29 00:43 335872 --a------ C:\WINDOWS\system32\nvwrses.dll
2007-06-29 00:43 335872 --a------ C:\WINDOWS\system32\nvwrsel.dll
2007-06-29 00:43 3321856 --a------ C:\WINDOWS\system32\nvgames.dll
2007-06-29 00:43 327680 --a------ C:\WINDOWS\system32\nvwrsfr.dll
2007-06-29 00:43 327680 --a------ C:\WINDOWS\system32\nvwrsesm.dll
2007-06-29 00:43 327680 --a------ C:\WINDOWS\system32\nvrshe.dll
2007-06-29 00:43 327680 --a------ C:\WINDOWS\system32\nvrsar.dll
2007-06-29 00:43 323584 --a------ C:\WINDOWS\system32\nvwrspt.dll
2007-06-29 00:43 323584 --a------ C:\WINDOWS\system32\nvwrsit.dll
2007-06-29 00:43 319488 --a------ C:\WINDOWS\system32\nvwrsptb.dll
2007-06-29 00:43 319488 --a------ C:\WINDOWS\system32\nvwrsnl.dll
2007-06-29 00:43 315392 --a------ C:\WINDOWS\system32\nvwrsru.dll
2007-06-29 00:43 315392 --a------ C:\WINDOWS\system32\nvwrshu.dll
2007-06-29 00:43 311296 --a------ C:\WINDOWS\system32\nvwrsde.dll
2007-06-29 00:43 3072000 --a------ C:\WINDOWS\system32\nvgamesr.dll
2007-06-29 00:43 307200 --a------ C:\WINDOWS\system32\nvexpbar.dll
2007-06-29 00:43 303104 --a------ C:\WINDOWS\system32\nvwrstr.dll
2007-06-29 00:43 303104 --a------ C:\WINDOWS\system32\nvwrssl.dll
2007-06-29 00:43 303104 --a------ C:\WINDOWS\system32\nvwrsfi.dll
2007-06-29 00:43 299008 --a------ C:\WINDOWS\system32\nvwrssk.dll
2007-06-29 00:43 299008 --a------ C:\WINDOWS\system32\nvwrsno.dll
2007-06-29 00:43 294912 --a------ C:\WINDOWS\system32\nvwrssv.dll
2007-06-29 00:43 294912 --a------ C:\WINDOWS\system32\nvwrspl.dll
2007-06-29 00:43 294912 --a------ C:\WINDOWS\system32\nvwrsda.dll
2007-06-29 00:43 286720 --a------ C:\WINDOWS\system32\nvwrseng.dll
2007-06-29 00:43 286720 --a------ C:\WINDOWS\system32\nvwrscs.dll
2007-06-29 00:43 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll
2007-06-29 00:43 2854912 --a------ C:\WINDOWS\system32\nvmoblsr.dll
2007-06-29 00:43 282624 --a------ C:\WINDOWS\system32\nvwrsar.dll
2007-06-29 00:43 282624 --a------ C:\WINDOWS\system32\nvrsfr.dll
2007-06-29 00:43 282624 --a------ C:\WINDOWS\system32\nvrses.dll
2007-06-29 00:43 282624 --a------ C:\WINDOWS\system32\nvrsel.dll
2007-06-29 00:43 278528 --a------ C:\WINDOWS\system32\nvwrshe.dll
2007-06-29 00:43 278528 --a------ C:\WINDOWS\system32\nvrsit.dll
2007-06-29 00:43 278528 --a------ C:\WINDOWS\system32\nvrsde.dll
2007-06-29 00:43 274432 --a------ C:\WINDOWS\system32\nvrspt.dll
2007-06-29 00:43 274432 --a------ C:\WINDOWS\system32\nvrsnl.dll
2007-06-29 00:43 274432 --a------ C:\WINDOWS\system32\nvrsesm.dll
2007-06-29 00:43 270336 --a------ C:\WINDOWS\system32\nvrsru.dll
2007-06-29 00:43 266240 --a------ C:\WINDOWS\system32\nvrsptb.dll
2007-06-29 00:43 266240 --a------ C:\WINDOWS\system32\nvrsja.dll
2007-06-29 00:43 262144 --a------ C:\WINDOWS\system32\nvrsko.dll
2007-06-29 00:43 258048 --a------ C:\WINDOWS\system32\nvrstr.dll
2007-06-29 00:43 258048 --a------ C:\WINDOWS\system32\nvrssl.dll
2007-06-29 00:43 258048 --a------ C:\WINDOWS\system32\nvrssk.dll
2007-06-29 00:43 258048 --a------ C:\WINDOWS\system32\nvrshu.dll
2007-06-29 00:43 253952 --a------ C:\WINDOWS\system32\nvrssv.dll
2007-06-29 00:43 253952 --a------ C:\WINDOWS\system32\nvrspl.dll
2007-06-29 00:43 253952 --a------ C:\WINDOWS\system32\nvrsno.dll
2007-06-29 00:43 253952 --a------ C:\WINDOWS\system32\nvrsda.dll
2007-06-29 00:43 249856 --a------ C:\WINDOWS\system32\nvrsfi.dll
2007-06-29 00:43 249856 --a------ C:\WINDOWS\system32\nvrscs.dll
2007-06-29 00:43 245760 --a------ C:\WINDOWS\system32\nvrseng.dll
2007-06-29 00:43 2416640 --a------ C:\WINDOWS\system32\nvwssr.dll
2007-06-29 00:43 2330624 --a------ C:\WINDOWS\system32\nvwss.dll
2007-06-29 00:43 229376 --a------ C:\WINDOWS\system32\nvmccs.dll
2007-06-29 00:43 225280 --a------ C:\WINDOWS\system32\nvrszhc.dll
2007-06-29 00:43 212992 --a------ C:\WINDOWS\system32\nvwrsja.dll
2007-06-29 00:43 196608 --a------ C:\WINDOWS\system32\nvwrsko.dll
2007-06-29 00:43 188416 --a------ C:\WINDOWS\system32\nvmccss.dll
2007-06-29 00:43 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-06-29 00:43 167936 --a------ C:\WINDOWS\system32\nvwrszht.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43]
"nwiz"="nwiz.exe" [2007-06-29 00:43 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.04\RivaTuner.exe" [2007-09-15 17:40]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 08:27 C:\WINDOWS\RTHDCPL.EXE]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2003-10-02 02:20]
"RemoteControl"="C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2006-02-14 14:09]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2006-05-25 17:57]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-06-18 15:58]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 12:32]
R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
R3 NVR0Dev;NVR0Dev;\??\C:\WINDOWS\nvoclock.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 RivaTuner32;RivaTuner32;\??\C:\Program Files\RivaTuner v2.04\RivaTuner32.sys
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbccgp.sys
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-09-28 13:44:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-28 13:45:06
.
--- E O F ---