Izulcia
6 Sierpień 2009 16:31
#1
Witam, od kilku dni mam problem z uruchomieniem komputera. Odpalam go i pojawieniu się czarnego obrazu z napisem windows xp nic więcej się nie dzieje. Kilka razy udało mi się wejść w tryb awaryjny i po tym odpalić normalnie komputer. Ale po włączeniu komputera okazało się, że w trakcie uruchamiania Allplayera lub bs playera wyskakuje mi error xvidcore.dll not found. Nie wiem czy jedno z drugim ma coś wspólnego, ale będę wdzięczna za sprawdzenie loga.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:48, on 2009-08-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WMP55AGV2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\taskbaricon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66008
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66008
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66008
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\taskbaricon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - http://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_lite
O17 - HKLM\System\CCS\Services\Tcpip\..\{4218C4D1-30B5-4587-B823-BCDF7489C223}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: Creative VF0090 RunApp Service (VF0090Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0090Srv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP55AGSVC - Unknown owner - C:\Program Files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe (file missing)
O23 - Service: WMP55AGV2 - GEMTEKS - C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe
--
End of file - 8162 bytes
Plik xvidcore.dll należy od kodeków do filmów. Zainstaluj kodeki od nowa w trybie awaryjnym. Podaj jeszcze logi z Combofix.
Izulcia
6 Sierpień 2009 17:03
#3
oto log z ComboFix
ComboFix 09-08-04.04 - IZKA 2009-08-06 18:48.6.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.275 [GMT 2:00]
Uruchomiony z: c:\documents and settings\IZKA\Pulpit\ComboFix.exe
AV: avast! antivirus 4.7.1098 [VPS 080531-1] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycled\Recycled
c:\windows\system32\mfc45.dll
c:\windows\system32\zip32.dll
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_AVPsys
((((((((((((((((((((((((( Pliki utworzone od 2009-07-06 do 2009-08-06 )))))))))))))))))))))))))))))))
.
2009-08-06 16:02 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll
2009-08-06 16:02 . 2007-07-05 02:33 892928 ----a-w- c:\windows\system32\iconv.dll
2009-07-31 14:54 . 2009-07-31 14:54 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\iolo
2009-07-31 14:53 . 2009-07-31 15:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-07-31 14:40 . 2009-07-31 14:40 21384 ----a-w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-31 14:38 . 2009-07-31 14:38 -------- d-----w- c:\program files\RegCleaner
2009-07-26 19:50 . 2009-07-26 19:51 -------- d-----w- c:\documents and settings\IZKA\Dane aplikacji\Media Player Classic
2009-07-26 19:50 . 2009-07-26 19:50 -------- d-----w- c:\program files\Real Alternative
2009-07-26 19:50 . 2009-07-26 19:50 -------- d-----w- c:\documents and settings\IZKA\Ustawienia lokalne\Dane aplikacji\Real
2009-07-26 19:44 . 2009-08-06 16:02 -------- d-----w- c:\program files\ALLPlayer
2009-07-26 09:59 . 2009-07-26 09:59 -------- d-----w- c:\program files\uTorrent
2009-07-26 09:58 . 2009-08-06 16:27 -------- d-----w- c:\documents and settings\IZKA\Dane aplikacji\uTorrent
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-06 16:56 . 2007-11-18 09:10 107483168 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-06 16:53 . 2007-11-18 09:10 1263632 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-06 16:52 . 2007-11-12 17:43 -------- d-----w- c:\program files\Neostrada TP
2009-08-06 16:02 . 2007-11-26 17:04 -------- d-----w- c:\program files\NAPI-PROJEKT
2009-08-05 19:23 . 2007-11-18 12:30 -------- d-----w- c:\documents and settings\IZKA\Dane aplikacji\BSplayer
2009-07-26 16:43 . 2008-01-08 18:49 -------- d-----w- c:\documents and settings\IZKA\Dane aplikacji\OpenOffice.org2
2009-07-26 16:43 . 2008-01-08 18:50 1 ----a-w- c:\documents and settings\IZKA\Dane aplikacji\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-07-14 14:49 . 2002-09-28 22:00 74230 ----a-w- c:\windows\system32\perfc015.dat
2009-07-14 14:49 . 2002-09-28 22:00 448004 ----a-w- c:\windows\system32\perfh015.dat
2009-06-22 16:04 . 2008-04-11 15:23 9740482 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2009-06-11 16:16 . 2007-11-12 19:47 -------- d-----w- c:\program files\Gadu-Gadu
2009-05-09 21:56 . 2009-05-10 06:01 4959744 ----a-w- c:\windows\Internet Logs\xDB15.tmp
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2009-06-04 869888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-31 7634944]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 245760]
"WooCnxMon"="c:\progra~1\NEOSTR~1\CnxMon.exe" [2003-10-16 24576]
"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2003-10-16 20480]
"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 53248]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-31 1622016]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-05-10 16342528]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
R2 WMP55AGV2;WMP55AGV2;c:\program files\Dual-Band Wireless A+G PCI Adapter\WLService.exe [2007-11-12 41025]
R3 PhTVTune;Philips FM1216 MK3 TV Tuner;c:\windows\system32\drivers\phtvtune.sys [2007-11-21 19904]
S0 laqdqetz;laqdqetz;c:\windows\system32\drivers\fsylpcip.dat --> c:\windows\system32\drivers\fsylpcip.dat [?]
S2 WMP55AGSVC;WMP55AGSVC;"c:\program files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe" "WMP55AG.exe" --> c:\program files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe [?]
S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2007-11-21 4134]
S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2009-03-07 136064]
S3 VF0090Srv;Creative VF0090 RunApp Service;c:\windows\system32\V0090Srv.exe [2009-03-07 20480]
.
Zawartość folderu 'Zaplanowane zadania'
2009-08-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.neostrada.pl
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: { - c:\program files\Messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_lite
FF - ProfilePath - c:\documents and settings\IZKA\Dane aplikacji\Mozilla\Firefox\Profiles\ov134a58.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - wp.pl
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=66017&qkw=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
.
.
------- Skojarzenia plików -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-06 18:55
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\laqdqetz]
"ImagePath"="system32\drivers\fsylpcip.dat"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'explorer.exe'(3172)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSPL.DLL
c:\windows\system32\msi.dll
c:\windows\system32\nvwddi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\UAService7.exe
c:\program files\Dual-Band Wireless A+G PCI Adapter\WMP55AGv2.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Czas ukończenia: 2009-08-06 18:58 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-08-06 16:58
Przed: 12 398 678 016 bajtów wolnych
Po: 12 331 053 056 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
168
jasio96
6 Sierpień 2009 17:08
#4
Logi są czyste . Problem nie dotyczy wirusów.
Neostrady na AutoConnect
Zastąp aplikacje Neostrady na