daw24

Registered: 18 Nov 2007
OFFLINE Last active: 14 04 2015 09:19
-----

#173317 [virus] Virus from a memory card

Posted by daw24 on 01 06 2009 - 22:07

I recently connected a friend's phone to my computer and it turned out there was a virus on the memory card. I removed it, but I would like to make sure I got rid of it 100%, so please check the log. Thanks in advance!

CODE-BOX
ComboFix 09-05-31.06 - Administrator 2009-06-01 21:53.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1625 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Administrator\Moje dokumenty\Mozilla\ComboFix.exe

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA
.

((((((((((((((((((((((((( Pliki utworzone od 2009-05-01 do 2009-06-01 )))))))))))))))))))))))))))))))
.

2009-06-01 19:48 . 2009-05-24 09:43 2929528 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Simply Super Software\Trojan Remover\ehlB2.exe
2009-06-01 15:44 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-06-01 15:44 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-01 13:46 . 2009-06-01 13:46 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-06-01 13:46 . 2009-06-01 13:46 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-06-01 13:41 . 2009-06-01 13:53 -------- d-----w- c:\program files\Sony Ericsson
2009-05-30 07:50 . 2009-05-30 07:50 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Activision
2009-05-30 07:50 . 2009-05-30 07:50 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Activision
2009-05-28 15:51 . 2009-05-28 15:51 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-28 15:51 . 2009-05-28 15:51 249856 ------w- c:\windows\Setup1.exe
2009-05-28 09:23 . 2009-05-28 09:23 42088 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
2009-05-28 08:34 . 2009-05-28 08:34 11264 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
2009-05-27 18:30 . 2009-05-27 18:30 3371383 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-26 18:29 . 2009-05-26 18:29 -------- d-----w- c:\program files\SAGEM
2009-05-26 13:17 . 2009-05-29 16:33 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-05-26 13:10 . 2009-05-28 14:57 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
2009-05-25 13:10 . 2009-05-25 13:10 -------- d-----w- c:\program files\Topos
2009-05-25 13:10 . 2009-02-11 10:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-05-25 13:10 . 2009-02-11 10:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-05-20 13:33 . 2009-05-20 13:33 -------- d-----w- c:\documents and settings\LocalService\Pulpit
2009-05-20 13:32 . 2009-05-20 13:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft
2009-05-20 12:48 . 2009-05-27 18:16 -------- d-----w- c:\program files\Driver Magician
2009-05-17 09:50 . 2009-05-17 09:50 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-05-16 20:39 . 2009-05-16 20:39 -------- d-----w- c:\windows\system32\wbem\Repository
2009-05-16 20:39 . 2009-05-16 20:39 -------- d-----w- c:\program files\A4Tech
2009-05-16 16:01 . 2009-05-16 16:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\wanted
2009-05-16 16:01 . 2009-05-16 16:01 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\wanted
2009-05-11 17:24 . 2009-05-11 17:24 -------- d-----w- c:\program files\Real Alternative
2009-05-11 12:43 . 2009-05-11 12:43 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-11 12:43 . 2009-05-11 12:43 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-11 12:42 . 2009-05-11 12:42 34723736 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_pol.exe
2009-05-11 12:42 . 2009-05-11 12:42 8192 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-11 12:42 . 2009-05-11 12:42 61440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-11 12:42 . 2009-05-11 12:42 10240 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-11 11:38 . 2009-03-19 11:48 136704 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2009-05-11 11:38 . 2009-03-19 11:48 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2009-05-11 11:38 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-05-11 11:38 . 2009-02-09 05:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-05-11 11:38 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-05-11 11:38 . 2009-02-09 05:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-05-11 11:38 . 2009-02-09 05:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-05-11 11:38 . 2009-02-09 05:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-05-11 11:37 . 2009-05-10 19:36 24486432 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\NokiaSoftwareUpdaterSetup_pl.exe
2009-05-11 11:37 . 2009-05-11 11:37 36864 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\Sleep.exe
2009-05-11 11:37 . 2009-05-11 11:37 3351812 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\msxml6Exec.exe
2009-05-11 11:37 . 2009-05-11 11:37 3181612 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{7169FA93-66C2-43BD-86E0-CD332A686B29}\Installer\CommonCustomActions\vcredistExec.exe
2009-05-10 19:31 . 2009-05-10 19:31 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
2009-05-10 19:31 . 2009-05-10 19:31 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\NVIDIA Corporation
2009-05-10 19:31 . 2009-05-10 19:32 -------- d-----w- c:\program files\NVIDIA Corporation
2009-05-10 19:16 . 2008-04-13 22:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-05-10 19:16 . 2008-04-13 22:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-05-10 19:16 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-05-09 16:38 . 2009-05-09 16:38 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\nView_Profiles
2009-05-07 20:00 . 2009-05-07 20:00 -------- d-----w- c:\windows\Sun
2009-05-07 15:03 . 2009-05-07 15:03 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\CyberLink
2009-05-07 12:48 . 2009-05-27 15:18 -------- d-----w- C:\eMule
2009-05-07 07:19 . 2009-06-01 17:12 4992 ----a-w- c:\documents and settings\Administrator\sterownik.sys
2009-05-07 07:07 . 2009-05-07 07:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-05-06 18:43 . 2009-05-06 18:43 -------- d-----w- c:\program files\Szybkie czytanie
2009-05-03 11:32 . 2009-05-03 11:32 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2009-05-03 11:19 . 2009-05-03 11:19 -------- d-----w- c:\program files\QuickTime
2009-05-03 11:19 . 2009-05-03 11:19 -------- d-----w- c:\program files\ImTOO
2009-05-03 08:39 . 2009-05-03 08:39 -------- d-----w- c:\windows\ie8updates
2009-05-03 08:39 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 19:41 . 2009-04-26 11:34 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\BitTorrent
2009-06-01 19:33 . 2009-04-24 13:36 -------- d-----w- c:\program files\PeerGuardian2
2009-06-01 17:19 . 2009-04-24 18:51 -------- d-----w- c:\program files\Valve
2009-06-01 17:10 . 2009-04-24 12:22 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-06-01 13:51 . 2009-06-01 13:51 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2009-05-31 20:19 . 2009-04-24 20:03 1515848 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-05-30 08:50 . 2009-04-24 17:27 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Free Download Manager
2009-05-29 17:14 . 2009-03-25 19:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-27 18:31 . 2009-04-24 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-27 18:15 . 2009-04-24 18:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-05-26 15:10 . 2009-04-25 10:49 -------- d-----w- c:\program files\English Translator 3
2009-05-26 11:20 . 2009-04-24 12:40 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-04-24 12:40 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-25 12:02 . 2009-04-25 15:47 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Microsoft Games
2009-05-20 11:42 . 2009-04-24 13:34 -------- d-----w- c:\program files\Trojan Remover
2009-05-12 12:37 . 2009-04-24 20:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-11 15:19 . 2009-04-24 13:46 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\PC Suite
2009-05-11 12:43 . 2009-04-24 13:45 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-11 12:42 . 2009-04-24 13:44 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Installations
2009-05-11 11:45 . 2009-04-24 13:46 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Nokia
2009-05-11 11:38 . 2009-04-24 13:45 -------- d-----w- c:\program files\Nokia
2009-05-10 19:18 . 2001-10-26 17:15 83880 ----a-w- c:\windows\system32\perfc015.dat
2009-05-10 19:18 . 2001-10-26 17:15 490628 ----a-w- c:\windows\system32\perfh015.dat
2009-05-10 19:17 . 2009-04-24 13:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Suite
2009-05-10 19:16 . 2009-05-10 19:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-05-10 19:16 . 2009-05-10 19:16 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-05-09 15:25 . 2009-04-24 11:11 67704 ----a-w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-05-07 16:41 . 2009-04-27 18:18 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Test Drive Unlimited
2009-05-03 17:13 . 2009-04-24 19:46 -------- d-----w- c:\program files\Rockstar Games
2009-05-02 11:21 . 2009-05-02 11:21 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Ahead
2009-04-30 22:30 . 2009-04-30 22:30 1194528 ----a-w- c:\windows\system32\nvcplui.exe
2009-04-30 20:02 . 2009-04-30 20:02 1579630 ----a-w- c:\windows\system32\nvdata.bin
2009-04-30 20:02 . 2009-04-30 20:02 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-04-30 20:02 . 2009-03-25 20:01 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-04-30 20:02 . 2009-03-25 20:01 9994240 ----a-w- c:\windows\system32\nvoglnt.dll
2009-04-30 20:02 . 2009-03-25 20:01 663552 ----a-w- c:\windows\system32\nvcuvid.dll
2009-04-30 20:02 . 2009-03-25 20:01 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-04-30 20:02 . 2009-03-25 20:01 806912 ----a-w- c:\windows\system32\nvapi.dll
2009-04-30 20:02 . 2009-03-25 20:01 8055584 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-04-30 20:02 . 2009-03-25 20:01 5896320 ----a-w- c:\windows\system32\nv4_disp.dll
2009-04-30 20:02 . 2009-03-25 20:01 143360 ----a-w- c:\windows\system32\nvcodins.dll
2009-04-30 20:02 . 2009-03-25 20:01 143360 ----a-w- c:\windows\system32\nvcod.dll
2009-04-30 13:40 . 2009-04-30 13:40 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Thinstall
2009-04-30 13:38 . 2009-04-24 18:31 -------- d-----w- c:\program files\Microsoft Works
2009-04-28 20:19 . 2009-04-28 20:17 -------- d-----w- c:\program files\Unlocker
2009-04-27 19:09 . 2009-04-27 19:09 -------- d-----w- c:\program files\Nero
2009-04-27 19:09 . 2009-04-27 19:09 -------- d-----w- c:\program files\Common Files\Ahead
2009-04-27 18:56 . 2009-04-27 18:55 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Nero
2009-04-27 18:45 . 2009-04-27 18:41 -------- d-----w- c:\program files\Common Files\Nero
2009-04-27 18:43 . 2009-04-27 18:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nero
2009-04-27 16:38 . 2009-04-27 16:20 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information
2009-04-27 16:34 . 2009-04-27 16:34 492032 ------w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\ISSetup.dll
2009-04-27 16:34 . 2009-04-27 16:34 492032 ------w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\2.13\ISSetup.dll
2009-04-27 16:34 . 2009-04-27 16:34 456416 ------w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\2.13\setup.exe
2009-04-27 16:34 . 2009-04-27 16:34 373680 ------w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\2.13\_Setup.dll
2009-04-27 16:34 . 2009-04-27 16:32 373680 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\_setup.dll
2009-04-27 16:34 . 2009-04-27 16:31 456416 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe
2009-04-27 16:33 . 2009-04-27 16:20 121064 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe
2009-04-27 16:33 . 2009-04-27 16:33 121064 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\1.74\setup.exe
2009-04-27 16:29 . 2009-04-27 16:29 121064 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\1.61\setup.exe
2009-04-27 16:20 . 2009-04-27 16:22 368640 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\_setup.dll
2009-04-27 05:04 . 2009-04-27 05:04 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2009-04-26 22:42 . 2009-03-25 20:01 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-04-26 19:49 . 2009-04-26 19:49 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-04-26 19:49 . 2009-04-26 19:49 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-04-26 18:42 . 2009-04-24 20:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-04-26 17:38 . 2009-04-26 17:38 167376 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\q0xa1sq6.default\FlashGot.exe
2009-04-26 15:08 . 2009-04-26 15:08 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Codemasters
2009-04-26 14:02 . 2009-04-24 19:30 -------- d-----w- c:\program files\OpenAL
2009-04-26 13:51 . 2009-04-26 13:49 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Bioshock
2009-04-26 11:23 . 2009-04-26 11:20 5632 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Hyperz\ST-Grabber 1.1\Serialz_Ws.cs.dll
2009-04-26 11:23 . 2009-04-26 11:20 5632 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Hyperz\ST-Grabber 1.1\SerialNews_Com.cs.dll
2009-04-26 11:23 . 2009-04-26 11:20 5120 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\Hyperz\ST-Grabber 1.1\SeriAll_Com.cs.dll
2009-04-26 11:20 . 2009-04-26 11:20 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Hyperz
2009-04-26 10:37 . 2009-04-24 13:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-04-25 18:53 . 2009-04-25 18:51 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-25 18:53 . 2009-04-25 18:51 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-25 18:51 . 2009-04-25 18:51 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-04-25 17:32 . 2009-04-25 17:32 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Touchstone
2009-04-25 16:51 . 2009-04-25 16:51 -------- d-----w- c:\program files\Common Files\DirectX
2009-04-25 16:29 . 2009-04-25 16:29 -------- d--h--r- c:\documents and settings\Administrator\Dane aplikacji\SecuROM
2009-04-25 12:25 . 2009-04-25 12:25 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Leadertech
2009-04-25 10:51 . 2009-04-25 10:51 -------- d-----w- c:\program files\Deutsch Translator 2
2009-04-25 09:51 . 2009-04-25 09:51 -------- d-----w- c:\program files\IrfanView
2009-04-24 20:30 . 2009-04-24 20:30 -------- d-----w- c:\program files\MSXML 4.0
2009-04-24 20:27 . 2009-04-24 20:27 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\DivX
2009-04-24 20:02 . 2009-04-24 20:02 -------- d-----w- c:\program files\MSBuild
2009-04-24 20:02 . 2009-04-24 20:02 -------- d-----w- c:\program files\Reference Assemblies
2009-04-24 19:37 . 2009-04-24 19:30 -------- d-----w- c:\program files\Conflict Denied Ops
2009-04-24 19:30 . 2009-04-24 19:30 418480 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-24 19:30 . 2009-04-24 19:30 115432 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-24 18:48 . 2009-03-25 20:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-24 18:46 . 2009-03-25 20:00 -------- d-----w- c:\program files\VIA
2009-04-24 18:45 . 2009-03-25 20:01 -------- d-----w- c:\program files\AGEIA Technologies
2009-04-24 18:20 . 2009-04-24 18:20 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Gadu-Gadu
2009-04-24 18:19 . 2009-04-24 18:19 -------- d-----w- c:\program files\Gadu-Gadu
2009-04-24 18:11 . 2009-04-24 18:11 -------- d-----w- c:\program files\Livebox Reconnect 2.0 Pro
2009-04-24 17:54 . 2009-04-24 17:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\WinZip
2009-04-24 17:49 . 2009-04-24 17:49 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\OpenFM
2009-04-24 17:27 . 2009-04-24 17:27 -------- d-----w- c:\program files\Free Download Manager
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2007-01-29 1432064]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-08-15 30003200]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-04-30 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Menu Start\Programy\Autostart\
cFosSpeed Updater.exe [2009-3-22 46450]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"UPS"=3 (0x3)
"PnkBstrA"=2 (0x2)
"idsvc"=3 (0x3)
"UpdateCenterService"=2 (0x2)
"nTuneService"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"d:\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"d:\\Turok\\Binaries\\TurokGame.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"d:\\stare pliki zostawic\\BitTorrent\\bittorrent.exe"=
"d:\\Program Files\\Team JPN\\Race Driver GRID\\GRID.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"d:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"d:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"d:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization IV Colonization\\Colonization.exe"=
"d:\\Legendary\\Binaries\\Legendary.exe"=
"d:\\Program Files\\Team JPN\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"c:\\eMule\\emule.exe"=
"d:\\Program Files\\rFactor\\rFactor.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-03-25 845184]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-06-01 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-05-11 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-05-11 8320]
S3 sterownik;sterownik;\??\c:\docume~1\ADMINI~1\USTAWI~1\Temp\IXP000.TMP\sterownik.sys --> c:\docume~1\ADMINI~1\USTAWI~1\Temp\IXP000.TMP\sterownik.sys [?]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - PGFILTER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - USUNIĘTO PUSTE WPISY - - - -

SafeBoot-procexp90.Sys


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\q0xa1sq6.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 21:54
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1708537768-1637723038-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,4e,c0,8b,18,b5,1e,49,aa,c3,c3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,4e,c0,8b,18,b5,1e,49,aa,c3,c3,\

[HKEY_USERS\S-1-5-21-1708537768-1637723038-1801674531-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1708537768-1637723038-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6AE6B116-1414-B9AD-B699-8E25112CCDAE}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1708537768-1637723038-1801674531-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1a,09,8c,17,87,95,bb,df,16,29,39,34,c0,ba,53,da,29,f1,59,0f,a7,8b,0f,
8e,b7,f0,aa,45,a9,f4,a2,07,bc,cc,46,4d,53,2d,e4,8b,ac,6a,43,2b,d3,1c,80,26,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-1708537768-1637723038-1801674531-500\Software\SecuROM\License information*]
"datasecu"=hex:26,47,59,03,c1,e1,69,43,d6,89,be,07,bb,48,e3,89,aa,a6,d1,15,6c,
0f,1d,12,9b,a5,a4,cb,85,b7,73,fd,9a,e1,33,93,9e,90,35,b3,98,3e,3b,8e,30,8d,\
"rkeysecu"=hex:b5,e2,c1,9f,7f,a1,64,54,cc,b8,6b,a0,05,f7,31,05
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(2356)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-06-01 21:55
ComboFix-quarantined-files.txt 2009-06-01 19:55

Przed: 30 476 640 256 bajtów wolnych
Po: 30 464 753 664 bajtów wolnych
