witam komputer dzialal normalnie ale dzis nagle tak samo od siebie avast zaczol wykrywac wszedzie wirusy nawet gadu gadu uznal za wirusa,a to nie mozliwe zeby kazdy plik byl wirusem potem zniknely mi ikony i pasek. zainstalowalem combofixa przeskanowalem i ikony i pasek wrocily ale i tak pewnie mam " kongo z kompem "a i jeszcze nie moge uruchomic menadzera zadan alt ctrl del nie dziala przez pasek jak chce wejsc tez nie dziala nie wiem co jest grane w ogole.prosze o sprawdzenie loga i pomoc.
zamieszczam jeszcze logi z OTL:
a tu log z Combofixa http://wklej.org/id/243532/
ComboFix 09-12-21.04 - xGENZO 2009-12-22 14:42:22.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.470 [GMT 1:00]
Uruchomiony z: c:\documents and settings\xGENZO\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091222-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
c:\windows\system32\Panel sterowania.{21EC2020-3AEA-1069-A2DD-08002B30309D}
c:\windows\system32\settings.dll
G:\explore.exe
I:\explore.exe
J:\explore.exe
K:\explore.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-22 do 2009-12-22 )))))))))))))))))))))))))))))))
.
2009-12-22 13:48 . 2009-12-22 13:48 -------- d-----w- c:\windows\system32\wbem\snmp
2009-12-22 13:48 . 2009-12-22 13:48 -------- d-----w- c:\windows\system32\xircom
2009-12-22 13:48 . 2009-12-22 13:48 -------- d-----w- c:\windows\srchasst
2009-12-22 13:48 . 2009-12-22 13:48 -------- d-----w- c:\program files\microsoft frontpage
2009-12-21 21:38 . 2009-12-22 12:42 -------- d-----w- c:\documents and settings\Administrator
2009-12-21 20:21 . 2009-12-21 20:22 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\Gadu-Gadu 10
2009-12-21 20:21 . 2009-12-22 12:42 -------- d-----w- c:\program files\Gadu-Gadu 10
2009-12-21 19:31 . 2009-12-21 19:31 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\ArcaVirMicroScan
2009-12-21 19:04 . 2009-12-21 19:04 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-12-21 18:59 . 2009-12-21 18:59 152576 ----a-w- c:\documents and settings\xGENZO\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-21 18:58 . 2009-12-21 18:58 79488 ----a-w- c:\documents and settings\xGENZO\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-21 18:55 . 2009-10-31 17:38 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-21 13:47 . 2009-12-21 13:47 37376 ----a-w- c:\documents and settings\xGENZO\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
2009-12-21 13:47 . 2009-12-21 13:47 11776 ----a-w- c:\documents and settings\xGENZO\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
2009-12-11 13:34 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2009-12-07 20:36 . 2009-12-07 20:39 5 ----a-w- c:\windows\system32\SySmp3con.dat
2009-12-07 20:36 . 2008-09-24 19:33 484352 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-07 20:36 . 2003-12-15 11:43 1871872 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-12-07 20:36 . 2003-12-15 11:24 196608 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-12-07 20:36 . 2003-12-08 11:19 425984 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-12-07 20:36 . 2002-01-05 13:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-07 09:35 . 2001-10-26 22:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-07 09:34 . 2008-04-15 03:50 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-07 09:34 . 2008-04-14 05:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-27 19:40 . 2009-11-28 00:01 -------- d-----w- c:\program files\ICeQ
2009-11-25 19:07 . 2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll
2009-11-25 19:07 . 2009-07-31 04:30 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-21 19:02 . 2009-10-18 19:53 -------- d-----w- c:\program files\Java
2009-12-19 18:03 . 2009-10-31 17:36 0 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Resources.dll
2009-12-19 17:56 . 2009-10-31 17:36 933120 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-12-19 17:54 . 2009-10-31 17:35 816272 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-12-19 17:52 . 2009-10-31 17:35 822904 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-12-19 17:49 . 2009-10-31 17:35 1643272 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-12-19 17:45 . 2009-10-31 17:35 788880 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-12-19 17:43 . 2009-10-31 17:35 1181328 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-12-19 14:07 . 2009-10-20 10:45 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\BESTplayer
2009-12-11 13:36 . 2008-04-15 11:00 88838 ----a-w- c:\windows\system32\perfc015.dat
2009-12-11 13:36 . 2008-04-15 11:00 500302 ----a-w- c:\windows\system32\perfh015.dat
2009-12-07 20:56 . 2009-12-07 20:56 -------- d-----w- c:\program files\Free Audio Pack
2009-12-05 18:22 . 2009-10-20 12:14 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\Nowe Gadu-Gadu
2009-11-24 23:54 . 2009-10-20 12:20 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-10-20 12:20 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-10-20 12:20 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-20 12:20 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-20 12:20 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-10-20 12:20 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 17:43 . 2009-10-31 17:39 862040 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-11-24 17:43 . 2009-10-31 17:38 206944 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-11-24 17:43 . 2009-10-31 17:38 390288 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-11-24 17:43 . 2009-10-31 17:38 537576 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\aawapi.dll
2009-11-24 17:43 . 2009-10-31 17:38 370744 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-11-24 17:43 . 2009-10-31 17:38 163728 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-11-24 17:43 . 2009-10-31 17:38 194104 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2009-11-24 17:42 . 2009-10-31 17:36 327000 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-11-24 17:42 . 2009-10-31 17:36 87496 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-11-24 17:42 . 2009-10-31 17:36 641632 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-21 16:03 . 2008-04-15 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 17:57 . 2009-11-17 17:57 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\Media Player Classic
2009-11-15 16:03 . 2009-10-18 18:48 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-11-11 06:59 . 2009-10-18 20:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-08 11:10 . 2009-10-20 13:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2009-11-07 10:19 . 2009-11-07 10:19 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-11-04 21:46 . 2009-11-04 21:41 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\GetRightToGo
2009-11-04 18:31 . 2009-10-18 19:39 -------- d-----w- c:\program files\Unlocker
2009-11-01 13:28 . 2009-11-01 13:28 -------- d-----w- c:\program files\NAPI-PROJEKT
2009-10-31 18:38 . 2009-10-31 18:38 -------- d-----w- c:\program files\Defraggler
2009-10-31 17:39 . 2009-10-31 17:38 554280 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\sbap.dll
2009-10-31 17:38 . 2009-10-31 17:38 15880 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-10-31 17:38 . 2009-10-31 17:38 212480 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-10-31 17:38 . 2009-10-31 17:38 283944 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-10-31 17:38 . 2009-10-31 17:38 1223976 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-10-31 17:38 . 2009-10-31 17:38 242984 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-10-31 17:09 . 2009-10-31 17:09 -------- dc-h--w- c:\documents and settings\All Users\Dane aplikacji\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-31 17:09 . 2009-10-31 17:09 -------- d-----w- c:\program files\Lavasoft
2009-10-31 17:09 . 2009-10-20 11:59 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft
2009-10-30 16:09 . 2009-10-30 16:10 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-10-29 07:43 . 2009-02-02 15:08 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-23 14:38 . 2009-10-23 14:38 -------- d-----w- c:\program files\LucasArts
2009-10-23 14:27 . 2009-10-23 14:27 -------- d-----w- c:\documents and settings\xGENZO\Dane aplikacji\DAEMON Tools Pro
2009-10-21 05:40 . 2008-04-15 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2008-04-15 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-15 11:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-20 12:59 . 2009-10-20 12:17 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-20 11:18 . 2009-10-18 19:43 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-20 11:04 . 2009-10-20 11:04 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-10-20 11:04 . 2009-10-20 11:04 10134 ----a-r- c:\documents and settings\xGENZO\Dane aplikacji\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
2009-10-20 11:03 . 2009-10-20 11:03 10134 ----a-r- c:\documents and settings\xGENZO\Dane aplikacji\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON.exe
2009-10-18 20:10 . 2009-10-18 20:10 9158 ----a-r- c:\documents and settings\xGENZO\Dane aplikacji\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-10-18 20:09 . 2009-10-18 20:09 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-18 20:02 . 2009-10-18 20:02 14792 ----a-w- c:\documents and settings\xGENZO\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-10-18 19:48 . 2009-10-18 19:48 68608 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-10-18 19:41 . 2009-10-18 19:41 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-18 18:58 . 2009-10-18 18:58 0 ----a-w- c:\windows\nsreg.dat
2009-10-18 18:06 . 2009-10-18 18:06 4608 ----a-w- c:\windows\system32\w95inf32.dll
2009-10-18 18:06 . 2009-10-18 18:06 2272 ----a-w- c:\windows\system32\w95inf16.dll
2009-10-13 18:00 . 2009-10-20 12:03 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-13 10:34 . 2008-04-15 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2008-04-15 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2008-04-15 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2009-10-18 19:53 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-03 08:15 . 2009-10-31 17:09 2924848 -c--a-w- c:\documents and settings\All Users\Dane aplikacji\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
.
------- Sigcheck -------
[-] 2009-02-02 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2009-02-02 . 8E7D194E90785C22A61AEC1F66D5DEA0 . 571904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2009-02-02 . 97E18DDA3AC03D676326C697A5F91375 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-02-02 . D8824DEDA13325504943129EE394F538 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-01-26 . D2AA6D06CFF82F21A7294448D785C64D . 1891328 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2009-02-02 01:21 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
c:\windows\System32\ctfmon.exe ... - brak elementu
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoAutoUpdate"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Quake3\\quake3.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"k:\\Program Files\\Steam\\SteamApps\\kolek0007\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-31 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-10-20 721904]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-20 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-24 1184912]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-10-20 38224]
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\xGENZO\Dane aplikacji\Mozilla\Firefox\Profiles\o2ickdpg.default\
FF - plugin: c:\documents and settings\xGENZO\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-wsctf.exe - wsctf.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-22 14:48
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
c:\documents and settings\xGENZO\Dane aplikacji\Mozilla\Firefox\Profiles\o2ickdpg.default\downloads.sqlite
skanowanie pomyślnie ukończone
ukryte pliki: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spkv.sys >>UNKNOWN [0x86F8E938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75a7f28
\Driver\ACPI -> ACPI.sys @ 0xf7400cb8
\Driver\atapi -> atapi.sys @ 0xf7395b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(548)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
- - - - - - - > 'lsass.exe'(604)
c:\windows\system32\scecli.dll
c:\windows\system32\SETUPAPI.dll
- - - - - - - > 'explorer.exe'(2488)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\stobject.dll
c:\windows\system32\portabledeviceapi.dll
c:\progra~1\SPYBOT~1\SDHelper.dll
c:\windows\system32\comdlg32.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Czas ukończenia: 2009-12-22 14:52:10 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-12-22 13:52
Przed: 10 205 773 824 bajtów wolnych
Po: 10 177 728 512 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - ADBFE6347EDE077BB2BC297940CBC4E2
[/code]