Elektroda.pl

MP3 player, HELP!! The player is probably infected with a virus!!

jerem17 17 Jul 2008 19:47 1365 3
  • #1 17 Jul 2008 19:47
    jerem17
    Level 2  

    I need help.. something suddenly happened to my mp3 player. It's probably a virus, but some kind of dangerous one... at first glance the mp3 player is read by the PC, but when I try to play the files on this portable drive, it says as if it weren't there... please help!!!!!! I saw that logs need to be provided, so here they are.





    ComboFix 08-07-15.4 - Administrator 2008-07-17 19:25:17.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.73 [GMT 2:00]
    Running from: C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Dane aplikacji\nfo
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\keys.dat
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0104.dbd
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0106.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0204.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0315.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0412.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0504.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon0904.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon1125.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon1204.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon1215.dbd
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon1909.ddx
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon1920.dbd
    C:\Documents and Settings\All Users\Dane aplikacji\nfo\mon2007.dbd
    C:\Documents and Settings\All Users\Dane aplikacji\vidmon
    C:\Documents and Settings\All Users\Dane aplikacji\vidmon\vidmon.inf
    C:\Documents and Settings\All Users\Dane aplikacji\vidmon\vidmondir.inf
    C:\Documents and Settings\All Users\Dane aplikacji\vidmon\vidmonsh.inf
    C:\lswmv.ini
    C:\Program Files\Common Files\uninstall information
    C:\Program Files\myglobalsearch
    C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
    C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
    C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
    C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
    C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
    C:\Program Files\myglobalsearch\bar\1.bin\MGSBAR.DLL
    C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
    C:\Program Files\myglobalsearch\bar\Cache\00201858
    C:\Program Files\myglobalsearch\bar\Cache\0068636D.bin
    C:\Program Files\myglobalsearch\bar\Cache\00686557.bin
    C:\Program Files\myglobalsearch\bar\Cache\00686742.bin
    C:\Program Files\myglobalsearch\bar\Cache\files.ini
    C:\Program Files\myglobalsearch\bar\History\search
    C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
    C:\Program Files\MyWay
    C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE
    C:\Program Files\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS
    C:\Program Files\MyWay\myBar\1.bin\PARTNER.DAT
    C:\Program Files\MyWay\myBar\1.bin\PARTNER2.DAT
    C:\Program Files\MyWay\myBar\Cache\0001836E
    C:\Program Files\MyWay\myBar\Cache\000189F7
    C:\Program Files\MyWay\myBar\Cache\00018BEB.bin
    C:\Program Files\MyWay\myBar\Cache\00018D7C.bin
    C:\Program Files\MyWay\myBar\Cache\00019039.bin
    C:\Program Files\MyWay\myBar\Cache\files.ini
    C:\Program Files\MyWay\myBar\History\search
    C:\Program Files\MyWay\myBar\Settings\prevcfg.htm
    C:\Program Files\MyWay\SrchAstt\1.bin\PARTNER.DAT
    C:\Program Files\MyWay\SrchAstt\1.bin\PARTNER2.DAT
    C:\Program Files\MyWay\SrchAstt\Cache\015E20E8
    C:\Program Files\MyWay\SrchAstt\Cache\files.ini
    C:\WINDOWS\system32\master.dll
    C:\WINDOWS\system32\nfomon
    C:\WINDOWS\system32\nfomon\License.txt
    C:\WINDOWS\system32\uninstall.exe
    C:\WINDOWS\system32\vidmon

    .
    ((((((((((((((((((((((((( Files Created from 2008-06-17 to 2008-07-17 )))))))))))))))))))))))))))))))
    .

    2008-07-16 00:32 . 2008-07-16 00:32 <DIR> d-------- C:\Program Files\Google
    2008-07-16 00:32 . 2006-10-05 04:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-07-16 00:32 . 2006-10-05 04:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-07-16 00:28 . 2008-07-16 00:32 <DIR> d-------- C:\Program Files\Picasa2
    2008-07-10 16:29 . 2008-07-10 16:29 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
    2008-07-10 16:28 . 2008-07-11 14:04 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Azureus
    2008-07-10 15:24 . 2004-08-03 23:00 22,016 --a------ C:\WINDOWS\system32\drivers\MSIRCOMM.sys
    2008-07-10 15:21 . 2008-07-10 15:21 <DIR> d-------- C:\Program Files\mks_vir_9
    2008-07-10 15:18 . 2008-07-10 15:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-10 02:06 . 2008-07-10 02:06 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Desktopicon
    2008-07-09 21:01 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
    2008-07-04 23:45 . 2008-07-04 23:45 <DIR> d-------- C:\Downloaded
    2008-07-04 09:37 . 2008-07-04 09:37 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\ipla
    2008-07-04 09:37 . 2008-07-04 09:39 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\ipla
    2008-07-04 04:21 . 2008-07-09 17:17 <DIR> d-------- C:\My Downloads
    2008-07-03 01:11 . 2008-07-03 01:11 <DIR> d-------- C:\WINDOWS\Sun
    2008-07-03 00:58 . 2008-07-03 00:58 <DIR> d-------- C:\Program Files\Sun
    2008-07-03 00:58 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-07-03 00:56 . 2008-07-03 00:58 <DIR> d-------- C:\Program Files\Java
    2008-07-03 00:54 . 2008-07-03 00:54 <DIR> d-------- C:\Program Files\Common Files\Java
    2008-06-29 10:03 . 2008-06-29 11:43 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\BESTplayer
    2008-06-28 19:15 . 2008-06-28 19:15 49 --a------ C:\plug_in.ini
    2008-06-28 14:21 . 1998-05-20 21:36 254,976 --a------ C:\WINDOWS\system32\xaudio.dll
    2008-06-28 14:20 . 1998-10-01 15:22 299,520 --a------ C:\WINDOWS\uninst.exe
    2008-06-25 13:24 . 2008-07-03 23:57 <DIR> d-------- C:\rssnews
    2008-06-25 13:24 . 2008-07-03 23:51 <DIR> d-------- C:\radio
    2008-06-25 13:23 . 2008-06-25 13:25 <DIR> d-------- C:\Program Files\GG Skin Manager
    2008-06-25 03:18 . 2008-06-25 03:18 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\ATI
    2008-06-25 02:52 . 2006-05-03 11:57 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
    2008-06-25 01:53 . 2008-06-25 01:53 <DIR> d-------- C:\ATI
    2008-06-25 01:41 . 2008-06-25 01:52 <DIR> d-------- C:\Program Files\Driver Cleaner Pro
    2008-06-25 01:09 . 2003-06-25 15:30 136,406 --a------ C:\WINDOWS\atmplkxx.hlp
    2008-06-25 01:09 . 2003-06-25 15:30 43,937 --a------ C:\WINDOWS\attplkxx.hlp
    2008-06-25 01:09 . 2003-06-25 15:30 25,315 --a------ C:\WINDOWS\atfplkxx.hlp
    2008-06-25 01:09 . 2008-06-25 01:10 23,150 --ah----- C:\WINDOWS\ATMplkxx.GID
    2008-06-23 00:06 . 2008-06-23 00:06 <DIR> d-------- C:\Program Files\ACE Mega CoDecS Pack
    2008-06-23 00:06 . 2001-10-31 10:14 1,650,688 --a------ C:\WINDOWS\system32\mplva6.dll
    2008-06-21 16:34 . 2008-07-10 01:45 <DIR> d-------- C:\Program Files\BearShare
    2008-06-21 16:12 . 2008-07-10 22:32 <DIR> d-------- C:\Program Files\GoD
    2008-06-17 20:13 . 2002-07-23 12:17 225,280 --a------ C:\WINDOWS\X70phmgunin.exe
    2008-06-17 20:09 . 2002-07-23 12:17 225,280 -ra------ C:\WINDOWS\G7100phmgunin.exe
    2008-06-17 16:56 . 2002-07-23 12:17 225,280 -ra------ C:\WINDOWS\G5410phmgunin.exe
    2008-06-17 16:54 . 2008-06-17 16:55 <DIR> d-------- C:\Program Files\G5410 Handset Manager
    2008-06-17 16:54 . 2008-06-17 16:54 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\MobileAction
    2008-06-17 16:51 . 2008-06-17 16:51 <DIR> d-------- C:\Program Files\Handset Manager

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-07-17 16:25 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Skype
    2008-07-17 14:05 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\skypePM
    2008-07-09 19:20 --------- d-----w C:\Program Files\Save
    2008-07-09 19:17 --------- d-----w C:\Program Files\eXact
    2008-07-09 19:16 --------- d-----w C:\Program Files\ClockSync
    2008-07-09 19:15 --------- d-----w C:\Program Files\Bargain Buddy
    2008-06-25 01:15 --------- d-----w C:\Program Files\ATI Technologies
    2008-06-25 00:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-24 23:22 --------- d-----w C:\Program Files\AvRack
    2008-06-14 11:46 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-06-13 06:27 --------- d-----w C:\Program Files\PocketRAR
    2008-06-12 06:12 --------- d-----w C:\Program Files\NavExcel
    2008-06-12 06:12 --------- d-----w C:\Program Files\MaxSpeed
    2008-06-12 06:12 --------- d-----w C:\Program Files\EMP3
    2008-06-11 14:26 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Samsung
    2008-06-11 14:24 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
    2008-06-11 13:47 --------- d-----w C:\Program Files\Samsung
    2008-06-10 21:32 --------- d-----w C:\Program Files\S3
    2008-06-10 06:11 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Talkback
    2008-06-05 15:21 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Nero
    2008-06-05 15:20 --------- d-----w C:\Program Files\Common Files\Nero
    2008-06-05 15:18 --------- d-----w C:\Program Files\Nero
    2008-06-05 15:18 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
    2008-06-03 14:30 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
    2008-06-02 15:52 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Media Player Classic
    2008-06-01 15:35 --------- d-----w C:\Program Files\Image-Line
    2008-05-30 21:18 --------- d-----w C:\Program Files\Skype
    2008-05-30 21:18 --------- d-----w C:\Program Files\Common Files\Skype
    2008-05-30 21:18 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
    2008-05-30 19:17 --------- d-----w C:\Program Files\PhotoFiltre
    2008-05-30 16:50 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\zweitgeist
    2008-05-30 16:09 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
    2008-05-30 15:06 --------- d-----w C:\Program Files\Common Files\PC Tools
    2008-05-30 14:52 --------- d-----w C:\Program Files\Realtek Sound Manager
    2008-05-30 14:48 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-05-30 14:22 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
    2008-05-30 13:33 --------- d-----w C:\Program Files\Usługi online
    .

    ------- Sigcheck -------

    2005-01-25 19:46 359040 27a5959c94ee173a063ca06bd14f021a C:\WINDOWS\Driver Cache\i386\tcpip.sys
    2005-01-25 19:46 359040 27a5959c94ee173a063ca06bd14f021a C:\WINDOWS\system32\drivers\tcpip.sys
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
    "Gadu-Gadu"="D:\Program Files\Gadu-Gadu\gg.exe" [2007-11-14 12:54 2131392]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 17:45 22058792]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 18:07 1828136]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
    "Klik Online"="d:\Program Files\Klik Online\KlikOnline.exe" [2008-04-22 22:59 928256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinampAgent"="d:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 17:14 570664]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 17:29 2221352]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 16:41 45056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
    "avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
    "SoundMan"="SOUNDMAN.EXE" [2003-01-07 12:09 46592 C:\WINDOWS\soundman.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "D:\\Program Files\\Gadu-Gadu\\gg.exe"=
    "C:\\Program Files\\BearShare\\BearShare.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "D:\\Program Files\\VirtualDJ\\virtualdj.exe"=
    "D:\\Program Files\\Vuze\\Azureus.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "8461:TCP"= 8461:TCP:GoD High Port
    "8462:TCP"= 8462:TCP:GoD Low Port

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    S2 MksUpdate;MksUpdate;D:\Program Files\mks_vir_9\bin\mksupdate.exe [2008-04-14 19:54]
    S3 KS-959;Kingsun KS-959 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-09-05 03:59]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 11:11]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 11:11]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 11:11]

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-WhenUSave - C:\Program Files\Save\Save.exe
    HKCU-Run-ares - d:\Program Files\Ares\Ares.exe
    HKLM-Run-UnlockerAssistant - d:\Program Files\Unlocker\UnlockerAssistant.exe


    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-17 19:27:15
    Windows 5.1.2600 Dodatek Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-07-17 19:30:33
    ComboFix-quarantined-files.txt 2008-07-17 17:30:29

    Pre-Run: 837,349,376 bajtów wolnych
    Post-Run: 1,932,607,488 bajtów wolnych

    220

    0 3
  • #2 17 Jul 2008 20:32
    Anonymous
    User deleted their account  
  • #3 18 Jul 2008 18:53
    jerem17
    Level 2  

    And I would like it to work again. The data is not important.

    0