dwa wirusy to 1.Win32:AuCrypt(Crypt)---------2.Win32:Trojan-gen (Other)

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html pokaż raport stronę uruchomić przez IE

Pobierz Combofix http://www.searchengines.pl/index.php?s … ntry395642

przeskanuj daj log

Wgraj Avirę albo AVG.

Dodatkowo przeskanuj komp za pomocą tych narzędzi: [spyware Doctor Starter Edition] , [Trojan Remover]

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((( Files Created from 2008-06-05 to 2008-07-05 )))))))))))))))))))))))))))))))

.

2008-07-03 18:29 . 2008-07-04 18:30

2008-07-03 18:29 . 2008-07-03 18:29 56 --ah----- C:\WINNT\system32\ezsidmv.dat

2008-07-03 18:26 . 2008-07-03 18:26

2008-07-03 18:26 . 2008-07-03 18:26

2008-07-03 18:26 . 2008-07-04 18:56

2008-07-03 18:26 . 2008-07-03 18:26

2008-06-21 21:23 . 2008-05-15 16:52 51,200 --a------ C:\WINNT\system\vncx.oca

2008-06-21 21:19 . 2008-06-21 21:19 10 --a------ C:\WINNT\system\ver

2008-06-21 21:18 . 2008-06-21 21:18 122 --a------ C:\WINNT\system\scn

2008-06-17 18:43 . 2008-07-03 16:48

2008-06-16 19:17 . 2008-06-16 19:17

2008-06-16 19:16 . 2008-07-03 16:49

2008-06-16 19:16 . 2008-07-03 16:49

2008-06-16 19:16 . 2008-07-03 16:49

2008-06-16 19:12 . 2008-07-03 16:50

2008-06-16 17:43 . 2008-06-16 17:43 74 --a------ C:\WINNT\system\usb

2008-06-16 15:17 . 2008-06-16 15:17

2008-06-16 08:37 . 2008-07-03 16:49

2008-06-13 14:27 . 2008-06-13 14:28

2008-06-13 12:47 . 2008-06-13 12:47

2008-06-13 11:49 . 2008-06-13 11:52

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-26 05:20 --------- d-----w C:\Program Files\Gadu-Gadu

2008-05-19 06:31 --------- d–h--w C:\Program Files\InstallShield Installation Information

2008-05-14 21:24 22,328 ----a-w C:\WINNT\system32\drivers\PnkBstrK.sys

2008-05-14 21:24 103,736 -c–a-w C:\WINNT\system32\PnkBstrB.exe

2008-04-24 05:17 98,304 ----a-w C:\WINNT\system32\CmdLineExt.dll

2008-02-29 08:44 22,328 ----a-w C:\Documents and Settings\cita\Dane aplikacji\PnkBstrK.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“ctfmon.exe”=“C:\WINNT\system32\ctfmon.exe” [2004-08-04 02:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2008-05-16 01:19 79224]

“WinFast Schedule”=“C:\Program Files\WinFast\WFTVFM\WFWIZ.exe” [2006-08-12 23:18 348160]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINNT\system32\CTFMON.EXE” [2004-08-04 02:44 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“VIDC.3iv2”= 3ivxVfWCodec.dll

“VIDC.VP31”= vp31vfw.dll

“msacm.l3fhg”= mp3fhg.acm

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“C:\Program Files\Gadu-Gadu\gg.exe”=

“C:\Program Files\Ares\Ares.exe”=

“H:\Medal of Honor Aribone\UnrealEngine3\Binaries\MOHA.exe”=

“C:\WINNT\system32\PnkBstrA.exe”=

“C:\WINNT\system32\PnkBstrB.exe”=

“H:\Call of Duty4\iw3mp.exe”=

“C:\Program Files\Internet Explorer\IEXPLORE.EXE”=

“C:\Program Files\Skype\Phone\Skype.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

“18397:TCP”= 18397:TCP:BitComet 18397 TCP

“18397:UDP”= 18397:UDP:BitComet 18397 UDP

R1 aswSP;avast! Self Protection;C:\WINNT\system32\drivers\aswSP.sys [2008-05-16 01:20]

R2 aswFsBlk;aswFsBlk;C:\WINNT\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 17:55]

*Newly Created Service* - CATCHME

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-05 14:15:56

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-07-05 14:16:18

ComboFix-quarantined-files.txt 2008-07-05 12:16:16

Pre-Run: 15,474,556,928 bajtów wolnych

Post-Run: 15,468,834,816 bajtów wolnych

88

Log ok

Przesaknuj kasperskim i daj log na forum

Log czysty

gdzie raport Kasperskiego?

wyłaczyc avasta jak bede skanował kasperskim ??

nie musisz chyba że Kasperski tak zechce

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052