
I have a problem: local drives won't open


Post by Raivar, 15 Jun 2008, 21:36

The local drives don't open normally; a window appears asking me to choose a program to open the local drive with.

I'm attaching the ComboFix log:
ComboFix 08-06-15.1 - Emilian 2008-06-15 21:27:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.145 [GMT 2:00]
Running from: C:\Documents and Settings\Emilian\Pulpit\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\2.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\2.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\2.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\2.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\2.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\2.bin\MGSBAR.DLL
C:\Program Files\myglobalsearch\bar\2.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\001709F9
C:\Program Files\myglobalsearch\bar\Cache\00170CFC
C:\Program Files\myglobalsearch\bar\Cache\00170E46.bin
C:\Program Files\myglobalsearch\bar\Cache\0017109F.bin
C:\Program Files\myglobalsearch\bar\Cache\001711D5.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
D:\Autorun.inf
E:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-05-15 to 2008-06-15 )))))))))))))))))))))))))))))))
.

2008-06-15 20:13 . 2008-06-15 20:13 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-06-15 20:13 . 2008-06-15 20:13 <DIR> d-------- C:\Program Files\Zone Labs
2008-06-15 20:12 . 2008-06-15 20:13 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-06-15 18:13 . 2008-06-15 18:13 <DIR> d-------- C:\Documents and Settings\Andrzej\.jagex_cache_32
2008-06-15 15:54 . 2008-06-15 15:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni
2008-06-15 15:44 . 2008-06-15 15:44 13,312 --a------ C:\WINDOWS\system32\taplso.dll
2008-06-15 15:44 . 2008-06-15 15:44 13,312 --a------ C:\WINDOWS\system32\pusdgo.dll
2008-06-15 15:44 . 2008-06-15 15:44 13,312 --a------ C:\WINDOWS\system32\bopdfan.dll
2008-06-15 15:43 . 2008-06-15 15:43 13,312 --a------ C:\WINDOWS\system32\popdfim.dll
2008-06-15 15:40 . 2008-06-15 15:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-06-15 15:39 . 2008-06-15 15:39 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-15 14:47 . 2008-06-15 14:47 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-06-15 11:15 . 2008-06-15 18:04 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Teleca
2008-06-15 11:07 . 2008-06-15 11:10 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\Teleca
2008-06-15 10:26 . 2008-06-15 10:26 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Winamp
2008-06-15 10:14 . 2008-06-15 10:18 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Teleca
2008-06-15 09:32 . 2008-06-15 11:19 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\Teleca
2008-06-15 09:31 . 2008-06-15 09:31 <DIR> d-------- C:\Documents and Settings\All Users\Documents
2008-06-15 09:31 . 2008-06-15 09:31 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson
2008-06-15 09:30 . 2008-06-15 09:30 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-06-15 09:30 . 2008-06-15 09:31 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2008-06-15 09:30 . 2008-06-15 09:30 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
2008-06-15 09:29 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-06-15 09:25 . 2008-06-15 09:28 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-06-15 09:23 . 2008-06-15 09:23 89,872 --a------ C:\WINDOWS\system32\drivers\k750mdm.sys
2008-06-15 09:23 . 2008-06-15 09:23 81,728 --a------ C:\WINDOWS\system32\drivers\k750mgmt.sys
2008-06-15 09:23 . 2008-06-15 09:23 79,488 --a------ C:\WINDOWS\system32\drivers\k750obex.sys
2008-06-15 09:23 . 2008-06-15 09:23 55,216 --a------ C:\WINDOWS\system32\drivers\k750bus.sys
2008-06-15 09:23 . 2008-06-15 09:23 6,576 --a------ C:\WINDOWS\system32\drivers\k750mdfl.sys
2008-06-15 09:23 . 2008-06-15 09:23 6,144 --a------ C:\WINDOWS\system32\drivers\k750cmnt.sys
2008-06-15 09:23 . 2008-06-15 09:23 6,144 --a------ C:\WINDOWS\system32\drivers\k750cm.sys
2008-06-15 09:23 . 2008-06-15 09:23 5,744 --a------ C:\WINDOWS\system32\drivers\k750whnt.sys
2008-06-15 09:23 . 2008-06-15 09:23 5,744 --a------ C:\WINDOWS\system32\drivers\k750wh.sys
2008-06-15 09:20 . 2008-06-15 09:24 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-06-13 13:39 . 2008-06-13 13:40 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Tibia
2008-06-13 13:09 . 2008-06-13 13:09 <DIR> d-------- C:\.jagex_cache_32
2008-06-13 13:06 . 2008-06-13 13:06 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Agnitum
2008-06-13 13:05 . 2008-06-15 21:28 <DIR> d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-06-13 13:05 . 2008-06-13 13:05 <DIR> dr------- C:\Documents and Settings\Administrator\Ulubione
2008-06-13 13:05 . 2008-06-11 13:24 <DIR> d--h----- C:\Documents and Settings\Administrator\Szablony
2008-06-13 13:05 . 2008-06-15 18:05 <DIR> d-------- C:\Documents and Settings\Administrator\Pulpit
2008-06-13 13:05 . 2008-06-13 13:05 <DIR> dr------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-06-13 13:05 . 2008-06-11 15:07 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Start
2008-06-13 13:05 . 2008-06-15 11:16 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-06-13 13:05 . 2008-06-15 18:04 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-13 13:01 . 2008-06-13 13:01 <DIR> d-------- C:\Documents and Settings\Mateusz\Dane aplikacji\Agnitum
2008-06-13 13:00 . 2008-06-15 21:28 <DIR> d--h----- C:\Documents and Settings\Mateusz\Ustawienia lokalne
2008-06-13 13:00 . 2008-06-13 13:01 <DIR> dr------- C:\Documents and Settings\Mateusz\Ulubione
2008-06-13 13:00 . 2008-06-11 13:24 <DIR> d--h----- C:\Documents and Settings\Mateusz\Szablony
2008-06-13 13:00 . 2008-06-15 17:17 <DIR> d-------- C:\Documents and Settings\Mateusz\Pulpit
2008-06-13 13:00 . 2008-06-13 13:01 <DIR> dr------- C:\Documents and Settings\Mateusz\Moje dokumenty
2008-06-13 13:00 . 2008-06-11 15:07 <DIR> dr------- C:\Documents and Settings\Mateusz\Menu Start
2008-06-13 13:00 . 2008-06-15 10:26 <DIR> dr-h----- C:\Documents and Settings\Mateusz\Dane aplikacji
2008-06-13 13:00 . 2008-06-15 16:56 <DIR> d-------- C:\Documents and Settings\Mateusz
2008-06-13 09:10 . 2005-04-12 23:53 372,736 -ra------ C:\WINDOWS\system32\hpzidi01.dll
2008-06-13 09:10 . 2005-03-29 00:14 77,824 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-06-13 09:10 . 2005-09-01 14:35 37,376 --a------ C:\WINDOWS\system32\hpz3l40m.dll
2008-06-12 20:30 . 2008-06-12 21:38 60,972 --------- C:\WINDOWS\hpwins03.dat.temp
2008-06-12 20:30 . 2005-09-19 22:13 1,238 --------- C:\WINDOWS\hpwmdl03.dat.temp
2008-06-12 19:20 . 2008-06-12 19:21 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-06-12 19:00 . 2008-06-12 19:00 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\Agnitum
2008-06-11 21:43 . 2008-06-15 19:44 36 --a------ C:\WINDOWS\plugSpk.INI
2008-06-11 19:57 . 2008-06-11 19:57 427 --a------ C:\WINDOWS\ODBC.INI
2008-06-11 19:48 . 2008-06-11 19:48 <DIR> d-------- C:\WINDOWS\ShellNew
2008-06-11 19:44 . 2008-06-11 19:44 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\Microsoft Web Folders
2008-06-11 19:23 . 2008-06-11 19:23 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\PCToolsFirewallPlus
2008-06-11 14:56 . 2008-06-11 14:56 <DIR> d-------- C:\Program Files\Sun
2008-06-11 14:55 . 2008-06-11 14:54 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-11 14:54 . 2008-06-11 14:54 <DIR> d-------- C:\Program Files\Java
2008-06-11 14:54 . 2008-06-11 14:54 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-11 14:42 . 2008-06-11 14:49 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\Winamp
2008-06-11 14:36 . 2008-06-11 14:36 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\Thunderbird
2008-06-11 14:36 . 2008-06-11 14:36 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-11 14:29 . 2008-06-11 14:29 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\Gadu-Gadu
2008-06-11 14:22 . 2008-06-15 19:01 20,680 --a------ C:\WINDOWS\system32\PAVSRV.CFG
2008-06-11 14:22 . 2008-06-15 19:01 256 --a------ C:\WINDOWS\system32\PYarrow.rnd
2008-06-11 14:22 . 2008-06-15 19:01 20 --a------ C:\WINDOWS\system32\PAVSRV.XCL
2008-06-11 14:21 . 2008-06-11 14:29 <DIR> d-------- C:\Documents and Settings\Emilian\Gadu-Gadu
2008-06-11 14:20 . 2008-06-11 14:20 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2008-06-11 14:20 . 2008-06-11 14:21 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-06-11 14:19 . 2008-06-12 15:45 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:19 . 2008-06-11 21:24 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-06-11 14:18 . 2008-06-11 14:18 <DIR> d-------- C:\Program Files\Opera
2008-06-11 14:11 . 2008-06-15 20:23 1,255 --a------ C:\WINDOWS\unins000.dat
2008-06-11 14:10 . 2008-06-11 14:10 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-11 14:10 . 2008-06-11 14:10 <DIR> d-------- C:\WINDOWS\Profiles
2008-06-11 14:10 . 2008-06-15 15:25 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-11 14:10 . 2008-06-11 14:10 <DIR> d-------- C:\Documents and Settings\Emilian\Dane aplikacji\InterTrust
2008-06-11 14:08 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-06-11 14:08 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-06-11 14:08 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-06-11 14:08 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-06-11 14:08 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-06-11 14:08 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-06-11 14:07 . 2008-06-11 14:07 <DIR> d-------- C:\WINDOWS\InCD
2008-06-11 14:07 . 2008-06-11 14:08 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-11 14:07 . 2008-06-11 14:08 <DIR> d-------- C:\Program Files\Ahead
2008-06-11 14:07 . 2008-06-11 14:07 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2008-06-11 14:07 . 2005-07-12 18:06 2,973,696 --------- C:\WINDOWS\NuNinst.exe
2008-06-11 14:07 . 2005-07-08 17:17 99,584 --------- C:\WINDOWS\system32\drivers\InCDfs.sys
2008-06-11 14:07 . 2005-08-15 18:32 59,483 --------- C:\WINDOWS\NuNinst.cfg
2008-06-11 14:07 . 2005-07-08 17:17 29,696 --------- C:\WINDOWS\system32\drivers\InCDpass.sys
2008-06-11 14:07 . 2005-07-08 16:17 28,672 --------- C:\WINDOWS\system32\drivers\InCDrm.sys
2008-06-11 14:07 . 2003-12-05 11:46 10,368 --------- C:\WINDOWS\system32\drivers\pfc.sys
2008-06-11 14:07 . 2005-07-08 17:17 8,704 --------- C:\WINDOWS\system32\drivers\InCDrec.sys
2008-06-11 14:06 . 2008-06-11 14:07 <DIR> d-------- C:\Program Files\CyberLink DVD Solution
2008-06-11 14:06 . 2008-06-11 14:06 <DIR> d-------- C:\Program Files\CyberLink
2008-06-11 14:06 . 2004-10-01 15:00 40,960 --a------ C:\Program Files\Uninstall_CDS.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-15 07:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-11 19:16 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-06-11 17:43 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-11 12:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 12:04 --------- d-----w C:\Program Files\HP
2008-06-11 11:53 --------- d-----w C:\Program Files\Creative
2008-06-11 11:44 --------- d-----w C:\Program Files\Panda Software
2008-06-11 11:43 --------- d-----w C:\Program Files\directx
2008-06-11 11:28 --------- d-----w C:\Program Files\Usługi online
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}]
2008-06-15 15:44 13312 --a------ C:\WINDOWS\system32\pusdgo.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus Titanium\APVXDWIN.exe" [2001-12-12 13:42 98304]
"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [1999-08-30 01:55 189952]
"UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 01:00 90112]
"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [2001-05-10 18:49 102400]
"AudioHQ"="C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE" [2001-08-17 17:01 180224]
"HPWUTOOLBOX"="C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe" [2005-09-19 11:31 352256]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-08 16:25 1397760]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"WinampAgent"="D:\Programy\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-06-11 14:54 77824]
"BearShare"="D:\Programy\BearShare.exe" [2006-08-01 17:04 3313664]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56 65588]
Microtek Scanner Finder.lnk - C:\WINDOWS\twain_32\ScanWiz5\SDII.exe [2008-06-11 13:54:25 315392]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\system32\ctmp3.acm
"aux"= ctwdm32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=


*Newly Created Service* - CATCHME
*Newly Created Service* - VSDATANT
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-15 21:28:50
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???????????????? C?????Disc Detector?B???A???????A?0 ????B???@?$?@?? C?????U?@?????????@?B???A???????A?? ????B???@?????P???$?@?@ ??????k??w??????????@???????????????????B?????? ????????????????????????????B

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-15 21:30:23
ComboFix-quarantined-files.txt 2008-06-15 19:30:01

Pre-Run: 12,924,084,224 bajtów wolnych
Post-Run: 12,937,662,464 bajtów wolnych

211


[ Added: Today at 21:42 ]

Please help quickly.



Post by oklahoma, 15 Jun 2008, 21:51

When it asks you to choose a program, pick Explorer and untick the option to always use that program.

Or type regsvr32 /i shell32 in Start -> Run and confirm with Enter; that should help.



Post by Raivar, 15 Jun 2008, 21:52

And that's enough?



Post by Magik, 16 Jun 2008, 01:58

Raivar wrote:
D:\Autorun.inf
E:\Autorun.inf

These files are the virus; they were removed automatically by ComboFix.

And that's enough?

Now everything is completely OK... your log is clean, so "explorer" is patched up now :wink: