Problem opening a drive

Giosue
created

When I click on the drive, something like this appears:

nowyobrazmapabitowamp3.png

And to get into the drive I have to right-click it and choose Open, and only then does it open. What I want to know is how to make it so that I can enter the drive normally by double-clicking on it with the mouse.

I didn't know where to post this, so I posted it here, because there is no topic here like PROBLEMS.

Guest
comment

99% that it's an infection on a pendrive or portable drive.

Post a log from -----> ComboFix.

Giosue
comment

ComboFix 08-08-18.05 - Giosue 2008-08-20 13:05:12.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.2363 [GMT 2:00]

Running from: C:\PROGRAMY\ComboFix\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\Giosue\UserData

C:\Documents and Settings\Giosue\UserData\index.dat

F:\Autorun.inf

.

((((((((((((((((((((((((( Files Created from 2008-07-20 to 2008-08-20 )))))))))))))))))))))))))))))))

.

2008-08-20 12:52 . 2008-08-20 12:52 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\Grisoft

2008-08-20 12:52 . 2008-08-20 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft

2008-08-20 12:52 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys

2008-08-19 00:42 . 2008-08-19 00:42 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\AD ON Multimedia

2008-08-19 00:22 . 2008-08-19 00:22 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy

2008-08-18 07:37 . 2008-08-18 07:37 <DIR> d-------- C:\Program Files\directx

2008-08-16 20:54 . 2008-08-16 20:54 <DIR> dr-h----- C:\Documents and Settings\Giosue\Dane aplikacji\SecuROM

2008-07-29 01:30 . 2008-07-29 01:55 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy

2008-07-27 23:48 . 2008-07-27 23:52 <DIR> d-------- C:\Documents and Settings\Giosue\Dane aplikacji\ipla

2008-07-27 23:48 . 2008-07-27 23:48 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\ipla

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-20 09:24 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe

2008-08-19 21:26 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll

2008-08-19 21:26 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll

2008-08-19 21:26 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll

2008-08-19 21:15 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-08-19 21:14 --------- d-----w C:\Program Files\Common Files\InstallShield

2008-07-30 23:57 136,888 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-07-30 23:56 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe

2008-07-29 13:22 --------- d-----w C:\Documents and Settings\Giosue\Dane aplikacji\Hamachi

2008-07-01 03:14 --------- d-----w C:\Program Files\toolbar

2008-06-29 15:21 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe

2008-06-29 15:21 22,328 -c--a-w C:\Documents and Settings\Giosue\Dane aplikacji\PnkBstrK.sys

2008-06-23 21:31 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys

2008-03-21 22:26 32 -c--a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

.

((((((((((((((((((((((((((((( snapshot@2008-05-04_17.35.03.92 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-04-17 12:05:20 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2008-06-15 21:43:07 53,248 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

- 2008-04-17 12:05:20 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2008-06-15 21:43:07 12,800 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2008-04-17 12:05:21 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2008-06-15 21:43:07 473,600 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

- 2008-04-17 12:05:12 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:42:59 2,676,224 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:14 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:01 2,846,720 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:14 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:02 563,712 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:15 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:02 567,296 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:16 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:03 576,000 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:16 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:03 577,024 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:17 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:04 577,536 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:18 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:04 577,536 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:18 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:05 578,560 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:21 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-06-15 21:43:07 578,560 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-04-17 12:05:22 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2008-06-15 21:43:08 145,920 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

- 2008-04-17 12:05:22 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2008-06-15 21:43:08 159,232 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2008-04-17 12:05:22 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2008-06-15 21:43:08 364,544 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

- 2008-04-17 12:05:23 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2008-06-15 21:43:09 178,176 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

- 2008-04-17 12:05:19 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2008-06-15 21:43:06 223,232 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2008-05-07 17:01:42 13,847 ----a-w C:\WINDOWS\DIIUnin.dat

+ 2008-05-07 17:01:40 94,208 ----a-w C:\WINDOWS\DIIUnin.exe

+ 2008-05-07 17:01:41 2,829 -c--a-w C:\WINDOWS\DIIUnin.pif

- 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe

+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe

- 2008-04-04 22:01:04 9,662 ----a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\ARPPRODUCTICON.exe

+ 2008-06-29 15:21:17 9,662 -c--a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\ARPPRODUCTICON.exe

- 2008-04-04 22:01:04 10,134 ----a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe

+ 2008-06-29 15:21:17 10,134 -c--a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe

- 2008-04-04 22:01:04 10,134 ----a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe

+ 2008-06-29 15:21:17 10,134 -c--a-r C:\WINDOWS\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe

+ 2008-06-15 21:49:35 10,134 -c--a-r C:\WINDOWS\Installer\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\ARPPRODUCTICON.exe

- 2008-05-03 20:25:03 216,358 ----a-r C:\WINDOWS\Installer\{E48469CC-635E-4FD5-A122-1497C286D217}\ARPPRODUCTICON.exe

+ 2008-06-15 21:41:18 216,358 -c--a-r C:\WINDOWS\Installer\{E48469CC-635E-4FD5-A122-1497C286D217}\ARPPRODUCTICON.exe

- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe

+ 2008-06-25 12:37:13 262,144 -c-ha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat

+ 2001-08-17 20:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101b.dll

+ 2001-08-17 20:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101c.dll

+ 2001-08-17 20:55:56 5,632 -c--a-w C:\WINDOWS\system32\dllcache\kbd103.dll

+ 2001-08-17 20:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd106.dll

+ 2001-08-18 04:36:18 8,704 -c--a-w C:\WINDOWS\system32\dllcache\kbdjpn.dll

+ 2001-08-18 04:36:18 8,192 -c--a-w C:\WINDOWS\system32\dllcache\kbdkor.dll

+ 2008-04-29 09:19:50 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys

+ 2008-04-29 09:19:54 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys

+ 2008-04-29 09:20:00 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys

- 2008-04-01 16:57:55 95,864 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-05-10 23:15:53 96,664 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2004-07-26 15:16:10 1,568,768 ----a-w C:\WINDOWS\system32\imagX7.dll

+ 2004-07-26 15:16:10 476,320 ----a-w C:\WINDOWS\system32\imagXpr7.dll

+ 2004-07-26 15:16:10 262,144 ----a-w C:\WINDOWS\system32\imagXR7.dll

+ 2004-07-26 15:16:10 471,040 ----a-w C:\WINDOWS\system32\imagXRA7.dll

+ 2001-08-17 20:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd101b.dll

+ 2001-08-17 20:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd101c.dll

+ 2001-08-17 20:55:56 5,632 ----a-w C:\WINDOWS\system32\kbd103.dll

+ 2001-08-17 20:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd106.dll

+ 2001-08-18 04:36:18 8,704 ----a-w C:\WINDOWS\system32\kbdjpn.dll

+ 2001-08-18 04:36:18 8,192 ----a-w C:\WINDOWS\system32\kbdkor.dll

+ 2008-04-21 13:08:54 13,144 ----a-w C:\WINDOWS\system32\lsdelete.exe

+ 2003-03-18 19:12:12 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll

- 2004-08-03 23:44:06 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll

+ 2004-02-23 19:42:40 1,386,496 ----a-w C:\WINDOWS\system32\msvbvm60.dll

+ 2003-04-18 14:46:22 1,233,920 ----a-w C:\WINDOWS\system32\msxml4.dll

+ 2003-04-18 14:29:26 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll

+ 2005-01-04 18:43:08 4,682 ----a-w C:\WINDOWS\system32\npptNT2.sys

- 2008-05-04 15:12:17 75,670 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-08-19 23:19:03 172,420 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2008-05-04 15:12:17 95,290 ----a-w C:\WINDOWS\system32\perfc015.dat

+ 2008-08-19 23:19:03 210,100 ----a-w C:\WINDOWS\system32\perfc015.dat

- 2008-05-04 15:12:17 419,576 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-08-19 23:19:03 557,606 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2008-05-04 15:12:17 484,376 ----a-w C:\WINDOWS\system32\perfh015.dat

+ 2008-08-19 23:19:03 681,316 ----a-w C:\WINDOWS\system32\perfh015.dat

+ 2004-07-09 07:43:56 364,544 ----a-w C:\WINDOWS\system32\TwnLib4.dll

+ 2008-08-19 22:59:05 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_78c.dat

+ 2008-06-19 17:35:21 1,233,920 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll

+ 2008-06-19 17:35:21 82,432 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]

@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"

[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]

2007-03-28 20:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]

@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"

[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]

2007-03-28 20:59 2953216 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:55 1667584]

"Odkurzacz-MCD"="C:\PROGRAMY\odkurzacz\Odkurzacz\odk_mcd.exe" [2008-08-16 16:01 264704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-26 14:06 8462336]

"!AVG Anti-Spyware"="C:\PROGRAMY\AVG 7.5\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Start.lnk - C:\PROGRAMY\kalendarz xp\Kalendarz XP\Start.exe [2008-03-22 02:54:59 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]

2007-03-28 20:46 90112 C:\WINDOWS\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Giosue.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Giosue.lnk

backup=C:\WINDOWS\pss\Giosue.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

--a------ 2007-04-17 13:12 2113536 C:\PROGRAMY\gadu gadu\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\PROGRAMY\\gadu gadu\\Gadu-Gadu\\gg.exe"=

"C:\\WINDOWS\\system32\\PnkBstrA.exe"=

"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

"C:\\PROGRAMY\\plyta od myszki\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

"E:\\GRY\\Call of Duty 4\\iw3mp.exe"=

"E:\\GRY\\CRYSIS\\Bin32\\Crysis.exe"=

"E:\\GRY\\CRYSIS\\Bin32\\CrysisDedicatedServer.exe"=

R0 EMSC;COMPAL Embedded System Control;C:\WINDOWS\system32\DRIVERS\EMSC.SYS [2007-03-14 11:16]

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R4 ps7agqwb;Loki Synchronization Driver (ps7agqwb);C:\WINDOWS\system32\drivers\ps7agqwb.sys []

S3 CamFilter;CamFilter;C:\WINDOWS\system32\Drivers\CamFilter.sys [2007-05-11 16:56]

S3 NTProcDrv;Process creation detector for NT.;E:\GRY\CABAL Online (Europe)\cabal_eu_bot_v1.05\NtProcDrv.sys []

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER

*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD

*Newly Created Service* - CATCHME

*Newly Created Service* - NPPTNT2

.

- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Real Desktop - C:\PROGRAMY\real desktop\Real Desktop\Real Desktop.exe

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-20 13:11:48

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

detected NTDLL code modification:

ZwQuerySystemInformation

scanning hidden processes ...

? [1696]

? [1720]

E:\GRY\CABAL Online (Europe)\cabalmain.exe [1696] 0x860435B0

E:\GRY\CABAL Online (Europe)\GameGuard\GameMon.des [1720] 0x86235020

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-08-20 13:14:15

ComboFix-quarantined-files.txt 2008-08-20 11:14:10

ComboFix2.txt 2008-05-04 15:35:15

Pre-Run: 15,010,009,088 bajtów wolnych

Post-Run: 15,007,432,704 bajtów wolnych

222

Guest
comment

I don't see anything harmful here, apart from what ComboFix removed.

Manually delete the folder C:\Qoobox,

Delete the ComboFix installer from the disk.

Perform autostart optimization

Clean the computer with CCleaner

Turn System Restore off and on again on all drives. Instructions

Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it through IE). Post its report on the forum.

or

Dr.WEB CureIt!.

Mateusz J.
comment

Did you disable avast in autostart, or did ComboFix play a trick again?
