Problem przy uruchomieniu kompa


(Izabela Szostak) #1

Witam, od kilku dni mam problem z uruchomieniem komputera. Odpalam go i pojawieniu się czarnego obrazu z napisem windows xp nic więcej się nie dzieje. Kilka razy udało mi się wejść w tryb awaryjny i po tym odpalić normalnie komputer. Ale po włączeniu komputera okazało się, że w trakcie uruchamiania Allplayera lub bs playera wyskakuje mi error xvidcore.dll not found. Nie wiem czy jedno z drugim ma coś wspólnego, ale będę wdzięczna za sprawdzenie loga.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:29:48, on 2009-08-06

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe

C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WMP55AGV2.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\NEOSTR~1\CnxMon.exe

C:\PROGRA~1\NEOSTR~1\taskbaricon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Neostrada TP\NeostradaTP.exe

C:\Program Files\Neostrada TP\ComComp.exe

C:\Program Files\Neostrada TP\Watch.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66008

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66008

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66008

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\taskbaricon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - http://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_lite

O17 - HKLM\System\CCS\Services\Tcpip\..\{4218C4D1-30B5-4587-B823-BCDF7489C223}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

O23 - Service: Creative VF0090 RunApp Service (VF0090Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0090Srv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: WMP55AGSVC - Unknown owner - C:\Program Files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe (file missing)

O23 - Service: WMP55AGV2 - GEMTEKS - C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe


--

End of file - 8162 bytes

(Mrylec) #2

Plik xvidcore.dll należy od kodeków do filmów. Zainstaluj kodeki od nowa w trybie awaryjnym. Podaj jeszcze logi z Combofix.


(Izabela Szostak) #3

oto log z ComboFix

ComboFix 09-08-04.04 - IZKA 2009-08-06 18:48.6.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.275 [GMT 2:00]

Uruchomiony z: c:\documents and settings\IZKA\Pulpit\ComboFix.exe

AV: avast! antivirus 4.7.1098 [VPS 080531-1] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

.


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.


c:\recycled\Recycled

c:\windows\system32\mfc45.dll

c:\windows\system32\zip32.dll


.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.


-------\Service_AVPsys



((((((((((((((((((((((((( Pliki utworzone od 2009-07-06 do 2009-08-06 )))))))))))))))))))))))))))))))

.


2009-08-06 16:02 . 2008-12-07 18:08 795648	----a-w-	c:\windows\system32\xvidcore.dll

2009-08-06 16:02 . 2007-07-05 02:33 892928	----a-w-	c:\windows\system32\iconv.dll

2009-07-31 14:54 . 2009-07-31 14:54	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\iolo

2009-07-31 14:53 . 2009-07-31 15:53	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy

2009-07-31 14:40 . 2009-07-31 14:40	21384	----a-w-	c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-07-31 14:38 . 2009-07-31 14:38	--------	d-----w-	c:\program files\RegCleaner

2009-07-26 19:50 . 2009-07-26 19:51	--------	d-----w-	c:\documents and settings\IZKA\Dane aplikacji\Media Player Classic

2009-07-26 19:50 . 2009-07-26 19:50	--------	d-----w-	c:\program files\Real Alternative

2009-07-26 19:50 . 2009-07-26 19:50	--------	d-----w-	c:\documents and settings\IZKA\Ustawienia lokalne\Dane aplikacji\Real

2009-07-26 19:44 . 2009-08-06 16:02	--------	d-----w-	c:\program files\ALLPlayer

2009-07-26 09:59 . 2009-07-26 09:59	--------	d-----w-	c:\program files\uTorrent

2009-07-26 09:58 . 2009-08-06 16:27	--------	d-----w-	c:\documents and settings\IZKA\Dane aplikacji\uTorrent


.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-06 16:56 . 2007-11-18 09:10	107483168	--sha-w-	c:\windows\system32\drivers\fidbox.dat

2009-08-06 16:53 . 2007-11-18 09:10	1263632	--sha-w-	c:\windows\system32\drivers\fidbox.idx

2009-08-06 16:52 . 2007-11-12 17:43	--------	d-----w-	c:\program files\Neostrada TP

2009-08-06 16:02 . 2007-11-26 17:04	--------	d-----w-	c:\program files\NAPI-PROJEKT

2009-08-05 19:23 . 2007-11-18 12:30	--------	d-----w-	c:\documents and settings\IZKA\Dane aplikacji\BSplayer

2009-07-26 16:43 . 2008-01-08 18:49	--------	d-----w-	c:\documents and settings\IZKA\Dane aplikacji\OpenOffice.org2

2009-07-26 16:43 . 2008-01-08 18:50	1	----a-w-	c:\documents and settings\IZKA\Dane aplikacji\OpenOffice.org2\user\uno_packages\cache\stamp.sys

2009-07-14 14:49 . 2002-09-28 22:00	74230	----a-w-	c:\windows\system32\perfc015.dat

2009-07-14 14:49 . 2002-09-28 22:00	448004	----a-w-	c:\windows\system32\perfh015.dat

2009-06-22 16:04 . 2008-04-11 15:23 9740482	----a-w-	c:\windows\Internet Logs\tvDebug.zip

2009-06-11 16:16 . 2007-11-12 19:47	--------	d-----w-	c:\program files\Gadu-Gadu

2009-05-09 21:56 . 2009-05-10 06:01 4959744	----a-w-	c:\windows\Internet Logs\xDB15.tmp

.


((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2009-06-04 869888]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-31 7634944]

"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]

"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]

"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]

"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 245760]

"WooCnxMon"="c:\progra~1\NEOSTR~1\CnxMon.exe" [2003-10-16 24576]

"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2003-10-16 20480]

"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 53248]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-31 1622016]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-05-10 16342528]

"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]


[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute	REG_MULTI_SZ autocheck


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001


[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)


[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=


R2 WMP55AGV2;WMP55AGV2;c:\program files\Dual-Band Wireless A+G PCI Adapter\WLService.exe [2007-11-12 41025]

R3 PhTVTune;Philips FM1216 MK3 TV Tuner;c:\windows\system32\drivers\phtvtune.sys [2007-11-21 19904]

S0 laqdqetz;laqdqetz;c:\windows\system32\drivers\fsylpcip.dat --> c:\windows\system32\drivers\fsylpcip.dat [?]

S2 WMP55AGSVC;WMP55AGSVC;"c:\program files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe" "WMP55AG.exe" --> c:\program files\Dual-Band Wireless A+G PCI Network Adapter\WLService.exe [?]

S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2007-11-21 4134]

S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2009-03-07 136064]

S3 VF0090Srv;Creative VF0090 RunApp Service;c:\windows\system32\V0090Srv.exe [2009-03-07 20480]

.

Zawartość folderu 'Zaplanowane zadania'


2009-08-03 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.neostrada.pl

IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

IE: { - c:\program files\Messenger\msmsgs.exe

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_lite

FF - ProfilePath - c:\documents and settings\IZKA\Dane aplikacji\Mozilla\Firefox\Profiles\ov134a58.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - wp.pl

FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=66017&qkw=

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll

.

.

------- Skojarzenia plików -------

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.


**************************************************************************


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-06 18:55

Windows 5.1.2600 Dodatek Service Pack 2 NTFS


skanowanie ukrytych procesów ...  


skanowanie ukrytych wpisów autostartu ... 


skanowanie ukrytych plików ...  


skanowanie pomyślnie ukończone

ukryte pliki: 0


**************************************************************************


[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\laqdqetz]

"ImagePath"="system32\drivers\fsylpcip.dat"

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------


- - - - - - - > 'explorer.exe'(3172)

c:\windows\system32\nview.dll

c:\windows\system32\NVWRSPL.DLL

c:\windows\system32\msi.dll

c:\windows\system32\nvwddi.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\ZoneLabs\vsmon.exe

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\UAService7.exe

c:\program files\Dual-Band Wireless A+G PCI Adapter\WMP55AGv2.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

.

**************************************************************************

.

Czas ukończenia: 2009-08-06 18:58 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-08-06 16:58


Przed: 12 398 678 016 bajtów wolnych

Po: 12 331 053 056 bajtów wolnych


WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn


Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4

168

(96jasio96) #4

Logi są czyste . Problem nie dotyczy wirusów.

:arrow: Zastąp aplikacje Neostrady na AutoConnect