

keep1

Registered: 27 Aug 2008
OFFLINE Last active: 27 08 2008 14:03
-----

My posts

In topic: [wirus]Vir

27 08 2008 - 12:21

ComboFix scan
ComboFix 08-08-26.02 - Administrator 2008-08-27 12:09:49.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1510 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
 * Created a new restore point
 * Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
(((((((((((((((((((((((((   Files Created from 2008-07-27 to 2008-08-27  )))))))))))))))))))))))))))))))
.
2008-08-27 00:42 . 2008-08-27 00:42	572,984	--ah-----	C:\hosted.0xe
2008-08-24 20:54 . 2006-06-26 02:49	1,867,776	--a------	C:\WINDOWS\system32\python24.dll
2008-08-23 16:28 . 2008-08-23 16:28	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion
2008-08-23 16:27 . 2008-08-23 16:27	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Tibia
2008-08-19 11:11 . 2008-08-19 11:11	<DIR>	d--------	C:\Program Files\Bmbn
2008-08-19 11:10 . 2008-08-19 11:10	<DIR>	d--------	C:\OrbSecure
2008-08-17 17:24 . 2008-08-17 17:24	80,954	--a------	C:\ISO1.nri
2008-08-17 15:54 . 2008-08-17 15:58	61,504	--a------	C:\WINDOWS\system32\comglt32a.dll
2008-08-16 18:27 . 2008-08-16 18:27	<DIR>	d--------	C:\Program Files\Yahoo!
2008-08-16 18:27 . 2008-08-16 18:27	<DIR>	d--------	C:\Program Files\CCleaner
2008-08-16 17:25 . 2008-08-16 17:25	<DIR>	d--------	C:\WINDOWS\system32\xircom
2008-08-16 17:25 . 2008-08-16 17:25	<DIR>	d--------	C:\WINDOWS\system32\oobe
2008-08-16 17:25 . 2008-08-16 17:25	<DIR>	d--------	C:\WINDOWS\srchasst
2008-08-16 17:25 . 2008-08-16 17:25	<DIR>	d--------	C:\WINDOWS\msagent
2008-08-16 17:25 . 2008-08-16 17:25	<DIR>	d--------	C:\Program Files\microsoft frontpage
2008-08-16 17:13 . 2008-08-16 17:13	<DIR>	d--------	C:\Documents and Settings\LocalService\Pulpit
2008-08-16 17:00 . 2008-08-16 17:00	<DIR>	d--------	C:\Program Files\Trend Micro
2008-08-16 16:41 . 2008-08-16 16:55	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\F-Secure
2008-08-16 16:33 . 2008-08-16 16:33	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\vlc
2008-08-16 16:31 . 2008-08-16 16:31	<DIR>	d--------	C:\Program Files\VideoLAN
2008-08-15 14:54 . 2008-08-15 14:54	249,856	---------	C:\WINDOWS\Setup1.exe
2008-08-15 14:54 . 2008-08-15 14:54	73,216	--a------	C:\WINDOWS\ST6UNST.EXE
2008-08-15 12:58 . 2008-08-15 12:58	<DIR>	d--------	C:\Program Files\Gadu-Gaduu
2008-08-14 15:18 . 2008-08-14 15:18	<DIR>	d--------	C:\Program Files\WebServ
2008-08-14 15:18 . 2007-06-19 21:52	419,840	--a------	C:\WINDOWS\system32\ws_edit.lib
2008-08-14 15:18 . 2006-08-17 22:37	130,048	--a------	C:\WINDOWS\system32\webserv.cpl
2008-08-14 15:18 . 2008-08-14 15:19	40,230	--a------	C:\WINDOWS\php.ini
2008-08-14 15:18 . 2008-08-14 15:19	427	--a------	C:\WINDOWS\my.ini
2008-08-13 21:41 . 2008-08-16 17:18	<DIR>	d--------	C:\Program Files\Winamp Toolbar
2008-08-13 21:41 . 2008-08-13 21:41	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
2008-08-13 21:35 . 2008-08-19 11:11	<DIR>	d--------	C:\Program Files\Winamp
2008-08-13 21:35 . 2008-08-24 15:31	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2008-08-13 21:35 . 2007-03-08 01:51	129,784	---------	C:\WINDOWS\system32\pxafs.dll
2008-08-13 15:15 . 2008-08-13 15:15	<DIR>	d--------	C:\Program Files\AMD
2008-08-13 15:15 . 2006-06-27 14:24	31,744	--a------	C:\WINDOWS\system32\drivers\AmdTools.sys
2008-08-13 15:11 . 2008-08-13 15:13	<DIR>	d--------	C:\Program Files\Counter-Strike 1.6
2008-08-12 16:09 . 2005-09-08 20:12	<DIR>	dr-------	C:\Sakson's save 100%
2008-08-12 16:04 . 2008-08-14 12:59	<DIR>	d--------	C:\GTA San Andreas User Files
2008-08-12 15:18 . 2008-08-12 15:18	<DIR>	d--------	C:\Program Files\Hide Folders XP 2
2008-08-12 15:18 . 2007-01-23 01:26	17,264	--a------	C:\WINDOWS\system32\drivers\hfxp2.sys
2008-08-07 21:30 . 2008-08-07 21:30	<DIR>	d--------	C:\Program Files\Lavasoft
2008-08-07 21:30 . 2008-08-07 21:30	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-08-07 20:06 . 2008-08-07 20:06	65	--a------	C:\WINDOWS\Kit.ini
2008-08-06 17:03 . 2008-08-06 17:03	<DIR>	d--------	C:\Program Files\Picasa2
2008-08-06 17:03 . 2008-08-06 17:03	<DIR>	d--------	C:\Program Files\Google
2008-08-06 17:03 . 2006-10-05 04:42	2,560	---------	C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-08-06 17:03 . 2006-10-05 04:42	2,432	---------	C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-08-06 14:44 . 2008-08-06 14:44	<DIR>	d--------	C:\Program Files\Valve
2008-08-06 11:55 . 2004-08-04 00:44	153,088	--a------	C:\WINDOWS\system32\irftp.exe
2008-08-06 11:55 . 2004-08-03 23:00	87,424	--a------	C:\WINDOWS\system32\drivers\irda.sys
2008-08-06 11:55 . 2004-08-04 00:44	27,648	--a------	C:\WINDOWS\system32\irmon.dll
2008-08-06 11:55 . 2001-08-17 21:49	26,624	--a------	C:\WINDOWS\system32\drivers\irstusb.sys
2008-08-06 11:55 . 2001-08-17 21:51	19,584	--a------	C:\WINDOWS\system32\drivers\rasirda.sys
2008-08-06 11:55 . 2004-08-04 00:44	8,192	--a------	C:\WINDOWS\system32\wshirda.dll
2008-08-05 21:18 . 2008-08-24 19:25	<DIR>	d--------	C:\Program Files\XVideoConverter
2008-08-05 21:18 . 2008-08-05 21:30	<DIR>	d-a------	C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-08-04 13:31 . 2008-08-04 13:31	0	--ah-----	C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-04 13:31 . 2008-08-04 13:31	0	--ah-----	C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-08-04 11:54 . 2008-08-04 11:54	<DIR>	d--------	C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-08-04 11:54 . 2008-08-04 12:31	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Audacity
2008-08-03 23:37 . 2008-08-03 23:37	<DIR>	d--------	C:\Program Files\Intuwave Ltd
2008-08-03 23:00 . 2008-08-03 23:00	<DIR>	d--------	C:\Program Files\Sony Setup
2008-08-03 23:00 . 2008-08-03 23:00	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Sony Setup
2008-08-03 22:30 . 2008-08-03 22:30	<DIR>	d----c---	C:\WINDOWS\system32\DRVSTORE
2008-08-03 22:30 . 2008-08-03 22:30	1,419,232	--a------	C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-08-03 22:30 . 2008-08-03 22:30	21,672	--a------	C:\WINDOWS\system32\drivers\ggsemc.sys
2008-08-03 22:30 . 2008-08-03 22:30	13,352	--a------	C:\WINDOWS\system32\drivers\ggflt.sys
2008-08-03 22:28 . 2008-08-03 23:37	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson
2008-08-03 22:27 . 2008-08-03 22:57	<DIR>	d--------	C:\Program Files\Sony Ericsson
2008-08-03 12:31 . 2008-08-07 21:30	<DIR>	d--------	C:\Program Files\Common Files\Wise Installation Wizard
2008-08-02 15:18 . 2008-08-02 15:18	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
2008-08-01 14:35 . 2008-08-26 21:26	151	--a------	C:\WINDOWS\PhotoSnapViewer.INI
2008-07-31 23:45 . 2008-08-24 21:41	69	--a------	C:\WINDOWS\NeroDigital.ini
2008-07-31 23:38 . 2008-07-31 23:38	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Ahead
2008-07-31 23:38 . 2008-07-31 23:38	<DIR>	d--------	C:\Documents and Settings\Administrator\Dane aplikacji\Ahead
2008-07-31 23:35 . 2008-07-31 23:35	<DIR>	d--------	C:\Program Files\Nero
2008-07-31 23:35 . 2008-07-31 23:38	<DIR>	d--------	C:\Program Files\Common Files\Ahead
2008-07-31 23:35 . 2008-07-31 23:35	<DIR>	d--------	C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-07-31 18:25 . 2008-07-31 18:25	<DIR>	d--------	C:\Program Files\Asprate
2008-07-31 14:02 . 2008-07-31 14:02	<DIR>	d--------	C:\WINDOWS\Sun
2008-07-31 13:11 . 2008-07-31 13:12	<DIR>	d--------	C:\Program Files\Ares
2008-07-31 12:38 . 2004-08-03 23:08	31,616	--a------	C:\WINDOWS\system32\drivers\usbccgp.sys
2008-07-31 11:46 . 2004-08-04 02:35	58,624	--a------	C:\WINDOWS\system32\drivers\redbook.sys
2008-07-31 11:46 . 2001-08-17 23:59	3,072	--a------	C:\WINDOWS\system32\drivers\audstub.sys
2008-07-31 11:45 . 2004-08-04 02:44	77,312	--a------	C:\WINDOWS\system32\usbui.dll
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	dr-h-----	C:\Documents and Settings\Default User\Ustawienia lokalne
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	d--------	C:\Documents and Settings\Default User\Ulubione
2008-07-31 11:44 . 2008-07-31 09:47	<DIR>	d--h-----	C:\Documents and Settings\Default User\Szablony
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	d--------	C:\Documents and Settings\Default User\Pulpit
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	d--------	C:\Documents and Settings\Default User\Moje dokumenty
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	dr-------	C:\Documents and Settings\Default User\Menu Start
2008-07-31 11:44 . 2008-07-31 09:51	<DIR>	dr-h-----	C:\Documents and Settings\Default User\Dane aplikacji
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	d--------	C:\Documents and Settings\All Users\Ulubione
2008-07-31 11:44 . 2008-07-31 11:44	<DIR>	d--h-----	C:\Documents and Settings\All Users\Szablony
2008-07-31 11:44 . 2008-08-23 16:27	<DIR>	d--------	C:\Documents and Settings\All Users\Pulpit
2008-07-31 11:44 . 2008-07-31 09:50	<DIR>	dr-------	C:\Documents and Settings\All Users\Menu Start
2008-07-31 11:44 . 2008-08-19 11:10	<DIR>	dr-------	C:\Documents and Settings\All Users\Dokumenty
2008-07-31 11:44 . 2008-08-24 19:24	<DIR>	dr-h-----	C:\Documents and Settings\All Users\Dane aplikacji
2008-07-31 11:43 . 2008-07-31 09:54	<DIR>	d--h-----	C:\Documents and Settings\Default User
2008-07-31 11:43 . 2008-07-31 09:49	<DIR>	d--------	C:\Documents and Settings\All Users
2008-07-31 11:43 . 2008-07-31 09:54	<DIR>	d--------	C:\Documents and Settings
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 10:09	---------	d-----w	C:\Program Files\Neostrada TP
2008-08-03 20:56	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-07-31 08:43	---------	d-----w	C:\Program Files\F-Secure Internet Security
2008-07-31 08:41	51,072	----a-w	C:\WINDOWS\system32\drivers\fsdfw.sys
2008-07-31 08:41	30,016	----a-w	C:\WINDOWS\system32\drivers\fsndis5.sys
2008-07-31 08:38	---------	d-----w	C:\Program Files\Gadu-Gadu
2008-07-31 08:30	315,392	----a-w	C:\WINDOWS\HideWin.exe
2008-07-31 08:30	---------	d-----w	C:\Program Files\Realtek
2008-07-31 08:22	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\F-Secure
2008-07-31 08:21	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\fssg
2008-07-31 08:13	23	----a-w	C:\WINDOWS\system32\drivers\adidsl.cfg
2008-07-31 08:13	---------	d-----w	C:\Program Files\SAGEM
2008-07-31 08:13	---------	d-----w	C:\Program Files\Common Files\InstallShield
2008-07-31 08:04	---------	d-----w	C:\Program Files\VDOTool
2008-07-31 07:51	---------	d-----w	C:\Program Files\Real Alternative
2008-07-31 07:51	---------	d-----w	C:\Program Files\QuickTime Alternative
2008-07-31 07:51	---------	d-----w	C:\Program Files\Java
2008-07-31 07:51	---------	d-----w	C:\Program Files\Common Files\Java
2008-07-31 07:51	---------	d-----w	C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-07-31 07:48	---------	d-----w	C:\Program Files\Windows Media Connect 2
.
------- Sigcheck -------
2007-07-10 15:06  642560  ce594e18fe0d0af804f1f3694921ce62	C:\WINDOWS\system32\user32.dll
2007-07-14 00:56  814592  ce7193c5f7c01b19768e066087c1c919	C:\WINDOWS\system32\wininet.dll
2007-07-28 03:15  360576  0fb6743e937c7bb248b2530a5a77abc6	C:\WINDOWS\system32\drivers\tcpip.sys
2007-07-26 19:30  2145792  316acc3ac43fc855204ce5e775f66b91	C:\WINDOWS\system32\ntoskrnl.exe
2007-07-14 00:42  974848  32f67215c57df2c401bf93b7ee65987f	C:\WINDOWS\explorer.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:44 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-08-06 14:49 1271032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files\VDOTool\TBPanel.exe" [2007-11-01 13:25 2165272]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-16 19:07 8491008]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-16 19:07 81920]
"F-Secure Manager"="C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" [2007-05-25 15:12 183208]
"F-Secure TNB"="C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2007-05-25 15:11 740208]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07 20480]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07 53248]
"amd_dc_opt"="C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 15:42 106496]
"nwiz"="nwiz.exe" [2007-09-16 19:07 1626112 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 18:08 16342528 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:44 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-07-31 10:13:18 966756]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2008-07-31 10:41]
R0 HFXP2;HFXP2;C:\WINDOWS\system32\DRIVERS\HFXP2.SYS [2007-01-23 01:26]
R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\F-Secure Internet Security\HIPS\fshs.sys [2008-07-31 10:41]
R3 AmdTools;AMD Special Tools Driver;C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-27 14:24]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2007-05-25 15:08]
S2 AKEProtect;AKEProtect;C:\Program Files\Anti Keylogger Elite\AKEProtect.sys []
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-03 22:30]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys [2007-05-25 15:09]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys [2007-05-25 15:09]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe
HKLM-Run-hosted - C:\Windows\system32\system.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\4dp7lgpr.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 12:11:24
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-27 12:12:01
ComboFix-quarantined-files.txt  2008-08-27 10:11:57

Pre-Run: 219,529,707,520 bajtów wolnych
Post-Run: 219,526,979,584 bajtów wolnych

228