dwa wirusy to 1.Win32:AuCrypt(Crypt)---------2.Win32:Trojan-gen (Other)
Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl
przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html pokaż raport stronę uruchomić przez IE
Pobierz Combofix http://www.searchengines.pl/index.php?s … ntry395642
przeskanuj daj log
Wgraj Avirę albo AVG.
Dodatkowo przeskanuj komp za pomocą tych narzędzi: [spyware Doctor Starter Edition] , [Trojan Remover]
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
((((((((((((((((((((((((( Files Created from 2008-06-05 to 2008-07-05 )))))))))))))))))))))))))))))))
.
2008-07-03 18:29 . 2008-07-04 18:30
2008-07-03 18:29 . 2008-07-03 18:29 56 --ah----- C:\WINNT\system32\ezsidmv.dat
2008-07-03 18:26 . 2008-07-03 18:26
2008-07-03 18:26 . 2008-07-03 18:26
2008-07-03 18:26 . 2008-07-04 18:56
2008-07-03 18:26 . 2008-07-03 18:26
2008-06-21 21:23 . 2008-05-15 16:52 51,200 --a------ C:\WINNT\system\vncx.oca
2008-06-21 21:19 . 2008-06-21 21:19 10 --a------ C:\WINNT\system\ver
2008-06-21 21:18 . 2008-06-21 21:18 122 --a------ C:\WINNT\system\scn
2008-06-17 18:43 . 2008-07-03 16:48
2008-06-16 19:17 . 2008-06-16 19:17
2008-06-16 19:16 . 2008-07-03 16:49
2008-06-16 19:16 . 2008-07-03 16:49
2008-06-16 19:16 . 2008-07-03 16:49
2008-06-16 19:12 . 2008-07-03 16:50
2008-06-16 17:43 . 2008-06-16 17:43 74 --a------ C:\WINNT\system\usb
2008-06-16 15:17 . 2008-06-16 15:17
2008-06-16 08:37 . 2008-07-03 16:49
2008-06-13 14:27 . 2008-06-13 14:28
2008-06-13 12:47 . 2008-06-13 12:47
2008-06-13 11:49 . 2008-06-13 11:52
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 05:20 --------- d-----w C:\Program Files\Gadu-Gadu
2008-05-19 06:31 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-05-14 21:24 22,328 ----a-w C:\WINNT\system32\drivers\PnkBstrK.sys
2008-05-14 21:24 103,736 -c–a-w C:\WINNT\system32\PnkBstrB.exe
2008-04-24 05:17 98,304 ----a-w C:\WINNT\system32\CmdLineExt.dll
2008-02-29 08:44 22,328 ----a-w C:\Documents and Settings\cita\Dane aplikacji\PnkBstrK.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=“C:\WINNT\system32\ctfmon.exe” [2004-08-04 02:44 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2008-05-16 01:19 79224]
“WinFast Schedule”=“C:\Program Files\WinFast\WFTVFM\WFWIZ.exe” [2006-08-12 23:18 348160]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINNT\system32\CTFMON.EXE” [2004-08-04 02:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“VIDC.3iv2”= 3ivxVfWCodec.dll
“VIDC.VP31”= vp31vfw.dll
“msacm.l3fhg”= mp3fhg.acm
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“C:\Program Files\Gadu-Gadu\gg.exe”=
“C:\Program Files\Ares\Ares.exe”=
“H:\Medal of Honor Aribone\UnrealEngine3\Binaries\MOHA.exe”=
“C:\WINNT\system32\PnkBstrA.exe”=
“C:\WINNT\system32\PnkBstrB.exe”=
“H:\Call of Duty4\iw3mp.exe”=
“C:\Program Files\Internet Explorer\IEXPLORE.EXE”=
“C:\Program Files\Skype\Phone\Skype.exe”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“18397:TCP”= 18397:TCP:BitComet 18397 TCP
“18397:UDP”= 18397:UDP:BitComet 18397 UDP
R1 aswSP;avast! Self Protection;C:\WINNT\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINNT\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 17:55]
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-05 14:15:56
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-07-05 14:16:18
ComboFix-quarantined-files.txt 2008-07-05 12:16:16
Pre-Run: 15,474,556,928 bajtów wolnych
Post-Run: 15,468,834,816 bajtów wolnych
88
Log ok
Przesaknuj kasperskim i daj log na forum
Log czysty
gdzie raport Kasperskiego?
wyłaczyc avasta jak bede skanował kasperskim ??
nie musisz chyba że Kasperski tak zechce