Giosue, posted 20 August 2008
When I click on the drive, something like this appears, and to get into the drive I have to right-click it and choose Open; only then does it open. What I want to know is how to make it so that I can open the drive normally by double-clicking it. I didn't know where to post this, so I posted it here, because there is no section like PROBLEMS here.
Guest, comment, 20 August 2008
99% that this is an infection on a pendrive or portable drive. Post a log from ComboFix.
Giosue (author), comment, 20 August 2008
ComboFix 08-08-18.05 - Giosue 2008-08-20 13:05:12.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.2363 [GMT 2:00]
Running from: C:\PROGRAMY\ComboFix\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Giosue\UserData
C:\Documents and Settings\Giosue\UserData\index.dat
F:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-07-20 to 2008-08-20 )))))))))))))))))))))))))))))))
.
2008-08-20 12:52 . 2008-08-20 12:52 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\Grisoft
2008-08-20 12:52 . 2008-08-20 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2008-08-20 12:52 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-08-19 00:42 . 2008-08-19 00:42 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\AD ON Multimedia
2008-08-19 00:22 . 2008-08-19 00:22 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-08-18 07:37 . 2008-08-18 07:37 <DIR> d-------- C:\Program Files\directx
2008-08-16 20:54 . 2008-08-16 20:54 <DIR> dr-h----- C:\Documents and Settings\Giosue\Dane aplikacji\SecuROM
2008-07-29 01:30 . 2008-07-29 01:55 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-07-27 23:48 . 2008-07-27 23:52 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\ipla
2008-07-27 23:48 . 2008-07-27 23:48 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\ipla
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 09:24 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-08-19 21:26 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
2008-08-19 21:26 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
2008-08-19 21:26 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
2008-08-19 21:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-19 21:14 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-30 23:57 136,888 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-30 23:56 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-07-29 13:22 --------- d-----w C:\Documents and Settings\Giosue\Dane aplikacji\Hamachi
2008-07-01 03:14 --------- d-----w C:\Program Files\toolbar
2008-06-29 15:21 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-06-29 15:21 22,328 -c--a-w C:\Documents and Settings\Giosue\Dane aplikacji\PnkBstrK.sys
2008-06-23 21:31 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-03-21 22:26 32 -c--a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
.
((((((((((((((((((((((((((((( snapshot@2008-05-04_17.35.03.92 )))))))))))))))))))))))))))))))))))))))))
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 20:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 20:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:55 1667584]
"Odkurzacz-MCD"="C:\PROGRAMY\odkurzacz\Odkurzacz\odk_mcd.exe" [2008-08-16 16:01 264704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-26 14:06 8462336]
"!AVG Anti-Spyware"="C:\PROGRAMY\AVG 7.5\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Start.lnk - C:\PROGRAMY\kalendarz xp\Kalendarz XP\Start.exe [2008-03-22 02:54:59 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 20:46 90112 C:\WINDOWS\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Giosue.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Giosue.lnk
backup=C:\WINDOWS\pss\Giosue.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2007-04-17 13:12 2113536 C:\PROGRAMY\gadu gadu\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\PROGRAMY\\gadu gadu\\Gadu-Gadu\\gg.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\PROGRAMY\\plyta od myszki\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"E:\\GRY\\Call of Duty 4\\iw3mp.exe"=
"E:\\GRY\\CRYSIS\\Bin32\\Crysis.exe"=
"E:\\GRY\\CRYSIS\\Bin32\\CrysisDedicatedServer.exe"=

R0 EMSC;COMPAL Embedded System Control;C:\WINDOWS\system32\DRIVERS\EMSC.SYS [2007-03-14 11:16]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R4 ps7agqwb;Loki Synchronization Driver (ps7agqwb);C:\WINDOWS\system32\drivers\ps7agqwb.sys []
S3 CamFilter;CamFilter;C:\WINDOWS\system32\Drivers\CamFilter.sys [2007-05-11 16:56]
S3 NTProcDrv;Process creation detector for NT.;E:\GRY\CABAL Online (Europe)\cabal_eu_bot_v1.05\NtProcDrv.sys []

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
*Newly Created Service* - CATCHME
*Newly Created Service* - NPPTNT2
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Real Desktop - C:\PROGRAMY\real desktop\Real Desktop\Real Desktop.exe

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-20 13:11:48
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

detected NTDLL code modification:
ZwQuerySystemInformation

scanning hidden processes ...

? [1696]
? [1720]
E:\GRY\CABAL Online (Europe)\cabalmain.exe [1696] 0x860435B0
E:\GRY\CABAL Online (Europe)\GameGuard\GameMon.des [1720] 0x86235020

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-20 13:14:15
ComboFix-quarantined-files.txt 2008-08-20 11:14:10
ComboFix2.txt 2008-05-04 15:35:15

Pre-Run: 15,010,009,088 bajtów wolnych
Post-Run: 15,007,432,704 bajtów wolnych

222
Guest, comment, 20 August 2008
I don't see anything harmful here, apart from what ComboFix removed.
Manually delete the folder C:\Qoobox.
Delete the ComboFix installer from the disk.
Optimize the autostart entries.
Clean the computer with CCleaner.
Turn System Restore off and back on for all drives (instructions).
Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it through IE) and post its report on the forum, or use Dr.WEB CureIt!.
Mateusz J., comment, 20 August 2008
Did you disable avast in autostart, or did ComboFix play a trick again?