Problem Z Otworzeniem Menedz. Urządzeń. Klasa Niezarejestrowana Log Spr

[h2o2]

WItam, mam problem, nie moge otworzycz menedz urządzeń. wyskakuje błąd "klasa niezarejstrowana" niżej log

ComboFix 09-05-30.06 - M@tthew 2009-05-31 19:16.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2046.1451 [GMT 2:00]

Uruchomiony z: c:\documents and settings\M@tthew\Pulpit\ComboFix.exe

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

 

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\mmcndmgr.dll

.

---- Poprzednie uruchomienie -------

.

c:\windows\IE4 Error Log.txt

c:\windows\system32\__c0026EB6.dat

c:\windows\system32\divx_xx11.dll

c:\windows\system32\GroupPolicy000.dat

c:\windows\system32\mmcndmgr.dll

c:\windows\system32\sysdm.exe

D:\desktop.ini

 

.

((((((((((((((((((((((((( Pliki utworzone od 2009-04-28 do 2009-05-31 )))))))))))))))))))))))))))))))

.

 

2009-05-31 15:15 . 2009-05-31 15:15 -------- d-----w- c:\program files\Common Files\PCSuite

2009-05-31 15:00 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2009-05-31 15:00 . 2009-05-31 15:00 -------- d-----w- c:\program files\PC Connectivity Solution

2009-05-31 15:00 . 2009-05-31 14:59 34443096 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Nokia_PC_Suite_7_1_26_1_pol_web.exe

2009-05-31 15:00 . 2009-05-31 15:00 8192 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstCCD.exe

2009-05-31 15:00 . 2009-05-31 15:00 61440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2009-05-31 15:00 . 2009-05-31 15:00 10240 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{AC4E9457-107B-448F-AD89-605E122E8C59}\Installer\CommonCustomActions\UninstPCS.exe

2009-05-31 14:37 . 2009-03-19 11:48 136704 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys

2009-05-31 14:37 . 2009-03-19 11:48 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys

2009-05-31 14:37 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys

2009-05-31 14:37 . 2009-02-09 05:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll

2009-05-31 14:37 . 2009-02-09 05:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys

2009-05-31 14:37 . 2009-02-09 05:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys

2009-05-31 14:37 . 2009-02-09 05:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys

2009-05-31 14:37 . 2009-02-09 05:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll

2009-05-31 14:35 . 2009-05-31 14:34 24376008 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_1.6.13EN.exe

2009-05-31 14:35 . 2009-05-31 14:35 36864 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe

2009-05-31 14:35 . 2009-05-31 14:35 3351812 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe

2009-05-31 14:35 . 2009-05-31 14:35 3181612 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe

2009-05-15 21:22 . 2009-05-15 21:22 -------- d-----w- c:\program files\Common Files\Macrovision Shared

 

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-31 17:20 . 2008-06-28 17:43 8800 --sha-w- c:\windows\system32\drivers\fidbox2.idx

2009-05-31 17:20 . 2008-06-28 17:43 59884 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-05-31 17:20 . 2008-06-28 17:43 5917216 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-05-31 17:20 . 2008-06-28 17:43 1032224 --sha-w- c:\windows\system32\drivers\fidbox2.dat

2009-05-31 17:18 . 2001-10-26 16:15 90422 ----a-w- c:\windows\system32\perfc015.dat

2009-05-31 17:18 . 2001-10-26 16:15 504042 ----a-w- c:\windows\system32\perfh015.dat

2009-05-31 17:14 . 2008-06-28 17:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab

2009-05-31 15:25 . 2008-04-04 21:03 -------- d-----w- c:\documents and settings\M@tthew\Dane aplikacji\PC Suite

2009-05-31 15:19 . 2008-04-04 21:04 -------- d-----w- c:\documents and settings\M@tthew\Dane aplikacji\Nokia

2009-05-31 15:15 . 2009-01-15 16:55 -------- d-----w- c:\program files\Common Files\Nokia

2009-05-31 15:15 . 2008-10-08 13:23 -------- d-----w- c:\program files\Nokia

2009-05-31 15:00 . 2008-04-04 21:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Installations

2009-05-31 13:33 . 2007-12-14 21:56 66872 ----a-w- c:\windows\system32\PnkBstrA.exe

2009-05-30 10:52 . 2008-07-29 20:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2009-05-30 10:46 . 2007-12-08 23:26 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-05-15 21:30 . 2007-12-09 15:02 -------- d-----w- c:\program files\Common Files\Adobe

2009-05-08 18:02 . 2008-01-05 17:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\FLEXnet

2009-05-04 11:35 . 2009-01-22 12:55 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-04-26 21:24 . 2007-12-09 14:40 -------- d-----w- c:\program files\SpeedFan

2009-04-25 10:24 . 2009-04-25 10:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ATI

2009-04-25 10:22 . 2008-12-11 17:47 -------- d-----w- c:\program files\ATI Technologies

2009-04-25 10:16 . 2008-12-11 17:24 -------- d-----w- c:\program files\AMD

2009-04-24 14:44 . 2007-12-09 14:19 81104 -c--a-w- c:\documents and settings\M@tthew\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-04-24 14:17 . 2009-04-24 14:01 -------- d-----w- c:\program files\Wise Registry Cleaner

2009-04-24 13:52 . 2009-04-24 13:34 -------- d-----w- c:\program files\Odkurzacz

2009-04-23 19:46 . 2008-01-26 20:04 -------- d-----w- c:\program files\Common Files\element5 Shared

2009-04-23 19:45 . 2007-12-08 23:25 -------- d-----w- c:\program files\Gigabyte

2009-04-23 10:21 . 2009-02-01 19:56 1822440 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

2009-04-19 20:29 . 2009-04-19 20:29 -------- d-----w- c:\program files\7-Zip

2009-04-19 09:02 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys

2009-04-19 09:02 . 2009-02-10 13:25 33808 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys

2009-04-19 09:02 . 2008-07-17 13:33 213520 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys

2009-04-19 09:02 . 2008-06-28 17:44 89601 ----a-w- c:\windows\system32\drivers\klick.dat

2009-04-19 09:02 . 2008-06-28 17:44 101287 ----a-w- c:\windows\system32\drivers\klin.dat

2009-04-19 09:02 . 2008-07-17 13:33 861448 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll

2009-04-13 20:56 . 2009-04-13 20:56 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ahead

2009-04-10 08:45 . 2009-04-10 08:45 -------- d-----w- c:\program files\uplink

2009-04-09 21:39 . 2009-04-09 21:39 -------- d-----w- c:\program files\Techland

2009-04-07 21:02 . 2009-04-07 21:02 -------- d-----w- c:\program files\oZone3D

2009-04-02 16:12 . 2009-04-02 16:11 -------- d-----w- c:\program files\RivaTuner v2.24

2009-03-30 15:21 . 2008-12-13 13:06 24944 -c--a-w- c:\windows\system32\drivers\GVTDrv.sys

2009-03-30 14:42 . 2008-12-11 17:23 16608 ----a-w- c:\windows\gdrv.sys

2009-03-17 19:05 . 2009-04-25 10:21 593920 ------w- c:\windows\system32\ati2sgag.exe

2009-03-16 21:33 . 2007-12-09 14:13 3597312 ----a-w- c:\windows\system32\drivers\ati2mtag.sys

2009-03-16 20:27 . 2009-03-16 20:27 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2009-03-16 20:26 . 2007-12-09 14:13 328704 ----a-w- c:\windows\system32\ati2dvag.dll

2009-03-16 20:17 . 2009-03-16 20:17 307200 ----a-w- c:\windows\system32\atiiiexx.dll

2009-03-16 20:17 . 2009-03-16 20:17 204800 ----a-w- c:\windows\system32\atipdlxx.dll

2009-03-16 20:16 . 2009-03-16 20:16 155648 ----a-w- c:\windows\system32\Oemdspif.dll

2009-03-16 20:16 . 2009-03-16 20:16 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe

2009-03-16 20:16 . 2009-03-16 20:16 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2009-03-16 20:16 . 2009-03-16 20:16 155648 ----a-w- c:\windows\system32\ati2evxx.dll

2009-03-16 20:15 . 2009-03-16 20:15 602112 ----a-w- c:\windows\system32\ati2evxx.exe

2009-03-16 20:13 . 2009-03-16 20:13 53248 ----a-w- c:\windows\system32\ATIDDC.DLL

2009-03-16 20:06 . 2007-12-09 14:13 3820736 ----a-w- c:\windows\system32\ati3duag.dll

2009-03-16 20:04 . 2009-03-16 20:04 11563008 ----a-w- c:\windows\system32\atioglxx.dll

2009-03-16 19:53 . 2007-12-09 14:13 2675328 ----a-w- c:\windows\system32\ativvaxx.dll

2009-03-16 19:53 . 2009-03-16 19:53 887724 ----a-w- c:\windows\system32\ativva6x.dat

2009-03-16 19:53 . 2009-03-16 19:53 3107788 ----a-w- c:\windows\system32\ativva5x.dat

2009-03-16 19:40 . 2009-03-16 19:40 49664 ----a-w- c:\windows\system32\atimpc32.dll

2009-03-16 19:40 . 2009-03-16 19:40 49664 ----a-w- c:\windows\system32\amdpcom32.dll

2009-03-16 19:36 . 2009-03-16 19:36 475136 ----a-w- c:\windows\system32\atikvmag.dll

2009-03-16 19:35 . 2009-03-16 19:35 303104 ----a-w- c:\windows\system32\atiok3x2.dll

2009-03-16 19:35 . 2009-03-16 19:35 45056 ----a-w- c:\windows\system32\aticalrt.dll

2009-03-16 19:35 . 2009-03-16 19:35 131072 ----a-w- c:\windows\system32\atiadlxx.dll

2009-03-16 19:34 . 2009-03-16 19:34 45056 ----a-w- c:\windows\system32\aticalcl.dll

2009-03-16 19:34 . 2009-03-16 19:34 17408 ----a-w- c:\windows\system32\atitvo32.dll

2009-03-16 19:34 . 2009-03-16 19:34 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2009-03-16 19:33 . 2009-03-16 19:33 3264512 ----a-w- c:\windows\system32\aticaldd.dll

2009-03-16 19:28 . 2007-12-09 14:13 630784 ----a-w- c:\windows\system32\ati2cqag.dll

2009-03-03 19:56 . 2009-03-03 19:56 118784 ----a-w- c:\windows\system32\atibtmon.exe

2008-10-08 14:31 . 2008-10-08 14:28 56 --sh--r- c:\windows\system32\30241D729F.sys

2008-10-08 14:31 . 2008-10-08 14:28 10459 --sha-w- c:\windows\system32\KGyGaAvL.sys

.

 

------- Sigcheck -------

 

[-] 2008-04-14 21:51 4921344 A4B47E79FD27C03C9205D82C7C4CA9F1 c:\windows\explorer.exe

[-] 2004-08-03 23:44 4919808 B53AAF7CED89ECEA4FC50ED65F34F9E4 c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2008-04-14 21:51 4921344 A4B47E79FD27C03C9205D82C7C4CA9F1 c:\windows\ServicePackFiles\i386\explorer.exe

[7] 2008-04-14 21:51 1035264 C791ED9EAC5E76D9525E157B1D7A599A c:\windows\VCP_SAVE\explorer.exe

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-05-18 1312256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-10 201992]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-03 16876032]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk /k:C *

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Exif Launcher 2.lnk]

backup=c:\windows\pss\Exif Launcher 2.lnkCommon Startup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSaveNow_Installer

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVPro

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"wuauserv"=2 (0x2)

"wscsvc"=2 (0x2)

"UPS"=3 (0x3)

"TapiSrv"=3 (0x3)

"RemoteRegistry"=2 (0x2)

"RDSessMgr"=3 (0x3)

"PnkBstrA"=2 (0x2)

"PACSPTISVR"=3 (0x3)

"WZCSVC"=2 (0x2)

"lanmanserver"=2 (0x2)

"gusvc"=3 (0x3)

"Dot3svc"=3 (0x3)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=

"c:\\Program Files\\Bit Lord 1.1\\BitLord.exe"=

"c:\\Program Files\\Opera\\Opera.exe"=

"c:\\Program Files\\BearShare\\BearShare.exe"=

"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=

"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Polish\\setup.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=

"e:\\gta4\\Rockstar Games Social Club\\RGSCLauncher.exe"=

"e:\\gta4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=

"e:\\gta4\\Grand Theft Auto IV\\GTAIV.exe"=

"f:\\cod5\\CoDWaWmp.exe"=

"f:\\cod5\\CoDWaW.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"f:\\fc2\\Far Cry 2\\bin\\FC2Editor.exe"=

"f:\\fc2\\Far Cry 2\\bin\\FarCry2.exe"=

"f:\\fc2\\Far Cry 2\\bin\\FC2Launcher.exe"=

"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=

"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

 

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808]

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2007-12-09 89610]

R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-12-11 93696]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]

S3 AmdTools;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools.sys --> c:\windows\system32\DRIVERS\AmdTools.sys [?]

S3 cg;cg;\??\c:\documents and settings\M@tthew\Pulpit\test\CG-NVNF3\cg.sys --> c:\documents and settings\M@tthew\Pulpit\test\CG-NVNF3\cg.sys [?]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-05-31 136704]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-05-31 8320]

.

Zawartość folderu 'Zaplanowane zadania'

.

- - - - USUNIĘTO PUSTE WPISY - - - -

 

SafeBoot-procexp90.Sys

 

 

.

------- Skan uzupełniający -------

.

uStart Page = about:blank

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = 94.23.90.67:80

uInternet Settings,ProxyOverride = *.local

IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-31 19:22

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

 

skanowanie ukrytych procesów ...

 

skanowanie ukrytych wpisów autostartu ...

 

skanowanie ukrytych plików ...

 

skanowanie pomyślnie ukończone

ukryte pliki: 0

 

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

 

- - - - - - - > 'winlogon.exe'(1192)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\klogon.dll

 

- - - - - - - > 'explorer.exe'(3424)

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\windows\system32\NETSHELL.dll

c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

c:\program files\Microsoft Office\OFFICE11\msohev.dll

c:\windows\system32\shimgvw.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\ati2evxx.exe

c:\windows\system32\ati2evxx.exe

c:\windows\system32\drivers\CDANTSRV.EXE

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

c:\program files\PC Connectivity Solution\ServiceLayer.exe

c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

c:\windows\system32\wscntfy.exe

c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe

.

**************************************************************************

.

Czas ukończenia: 2009-05-31 19:25 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-05-31 17:25

 

Przed: 1 574 264 832 bajtów wolnych

Po: 1 469 710 336 bajtów wolnych

 

273

[Kolobos]

Pewnie dlatego:

c:\windows\system32\mmcndmgr.dll

 

Przywroc ten plik i zarejestruj.

[h2o2]

Pewnie dlatego:

c:\windows\system32\mmcndmgr.dll

 

Przywroc ten plik i zarejestruj.

ok. jakaś instrukcja? ewentualnie link do jakiegoś tematu Edytowane 1 Czerwca 2009 przez h2o2

[Kolobos]

Jezeli system sam nie przywrocil pliku to zrob to recznie, powinien byc w qoobox, zmien mu nazwe na poprawna i zgraj gdzie trzeba, nastepnie zarejestruj (w razie problemow wpisz w google mmcndmgr.dll).