ComboFix: is everything OK?
ComboFix 09-06-15.04 - trolll 2009-06-16 2:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.255.131 [GMT 2:00]
Uruchomiony z: c:\documents and settings\trolll\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090615-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\hattric
C:\host.exe
c:\windows\autorun.inf
c:\windows\system32\hattric\1.ep
c:\windows\system32\temp1.exe
c:\windows\system32\temp2.exe
c:\windows\xcopy.exe
E:\Autorun.inf
E:\host.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2009-05-16 do 2009-06-16 )))))))))))))))))))))))))))))))
.
2009-06-15 23:07 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-15 23:07 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-15 23:07 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-15 23:07 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-15 23:07 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-15 23:07 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-15 23:07 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-15 23:07 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-15 23:07 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-15 23:02 . 2009-06-15 23:03 -------- d-----w- c:\program files\Ventrilo
2009-06-15 23:01 . 2009-06-15 23:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-01 15:13 . 2009-06-01 15:13 -------- d-----w- c:\program files\Ganymede
2009-05-31 20:36 . 2009-06-01 12:57 -------- d-----w- c:\program files\VirtualDJ
2009-05-29 18:27 . 2009-06-15 23:30 -------- d-----w- c:\program files\Winamp
2009-05-29 18:27 . 2009-05-31 20:59 -------- d-----w- c:\documents and settings\trolll\Dane aplikacji\Winamp
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 23:01 . 2001-10-26 18:15 64638 ----a-w- c:\windows\system32\perfc015.dat
2009-06-15 23:01 . 2001-10-26 18:15 382894 ----a-w- c:\windows\system32\perfh015.dat
2009-06-15 22:32 . 2009-02-07 22:08 -------- d-----w- c:\documents and settings\trolll\Dane aplikacji\mIRC
2009-06-15 21:19 . 2009-02-24 22:04 10 ----a-w- c:\windows\popcinfo.dat
2009-06-15 20:45 . 2009-02-07 22:08 -------- d-----w- c:\program files\mIRC
2009-06-12 13:18 . 2009-06-12 13:18 54272 ----a-w- c:\documents and settings\trolll\Dane aplikacji\GanymedeNet\Online Games\Common\ielauncher.exe
2009-06-12 13:18 . 2009-06-12 13:18 4 ----a-w- c:\windows\system32\proc-1552669918.bin
2009-06-12 13:18 . 2009-06-01 15:14 -------- d-----w- c:\documents and settings\trolll\Dane aplikacji\GanymedeNet
2009-06-09 09:10 . 2009-04-12 13:13 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-06-08 21:57 . 2009-06-08 21:54 52770576 ----a-w- c:\documents and settings\trolll\Dane aplikacji\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe
2009-06-08 21:54 . 2009-06-08 21:54 -------- d-----w- c:\documents and settings\trolll\Dane aplikacji\Sony Setup
2009-06-08 21:15 . 2009-06-08 21:15 -------- d-----w- c:\documents and settings\trolll\Dane aplikacji\Media Player Classic
2009-05-19 18:14 . 2004-01-01 18:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-19 13:14 . 2009-02-06 08:13 12720 ----a-w- c:\documents and settings\trolll\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-05-10 16:16 . 2004-01-01 18:06 -------- d-----w- c:\program files\Alwil Software
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Steam"="e:\all\steam\steam.exe" [2009-06-10 1217784]
"Gadu-Gadu"="e:\all\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2004-01-01 136600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-02-24 86016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-08-03 577536]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-02-24 1495040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"JavaQuickStarterService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\ALL\\csns\\hl.exe"=
"e:\\ALL\\Steam\\Steam.exe"=
"e:\\ALL\\DC++\\DCPlusPlus.exe"=
"e:\\ALL\\Steam\\SteamApps\\negativ93\\counter-strike\\hl.exe"=
"c:\\Documents and Settings\\trolll\\Pulpit\\azereus.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Documents and Settings\\trolll\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"e:\\ALL\\Steam\\SteamApps\\przemoj_96\\counter-strike\\hl.exe"=
"e:\\ALL\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_trial.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57310:TCP"= 57310:TCP:Pando Media Booster
"57310:UDP"= 57310:UDP:Pando Media Booster
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-06-16 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-06-16 20560]
--- Inne Usługi/Sterowniki w Pamięci ---
*NewlyCreated* - APPMGMT
.
.
------- Skan uzupełniający -------
.
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q=%s
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-16 02:08
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2009-06-16 2:09
ComboFix-quarantined-files.txt 2009-06-16 00:09
Przed: 11 324 358 656 bajtów wolnych
Po: 12 258 136 064 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
126
---------------------------------------------------------------------------------------------------------------------------------------------
Can someone tell me whether everything is OK? The computer is terribly "sluggish", in the sense that it doesn't run the way it should.