Problem z Wirusem!

Witam! !!

Mam problem gdy podłączam Pendrive, pojawia mi się komunikat dotyczący pliku svchost.exe i exploler ze mam wirusa i przy każdym razie gdy usuwam go z niego pojawia się ten komunikat i nie mogę usunąc. udała mi się usunąć z pendrive wirusa lecz na innym komputerze.Co się dzieje z moim komputerem proszę o pomoc.

Pozdrawiam Tomek

tomek0110 , popraw tytuł tematu, używając przycisku ac7a4cd89050aa6e.gif

Podaj log z HijackThis i ComboFix.

Instrukcja i download

viewtopic.php?t=36654

Logi wklejasz na www.wklej.org lub www.wklej.eu a w poście tylko link do nich.

Podczas pobierania i skanu ComboFixem wyłącz wszelkie zapory i antywirusy.

ComboFix 09-03-29.04 - Tomek 2009-04-02 19:07:13.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.1535.816 [GMT 2:00]

Uruchomiony z: H:\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated)

* Utworzono nowy punkt przywracania

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013

c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini

c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\windows32.exe

c:\windows\system32\pthreadGC2.dll

.

((((((((((((((((((((((((( Pliki utworzone od 2009-03-02 do 2009-04-02 )))))))))))))))))))))))))))))))

.

2009-04-02 18:57 . 2006-05-25 14:52 162,304 --a------ c:\windows\system32\ztvunrar36.dll

2009-04-02 18:57 . 2003-02-02 19:06 153,088 --a------ c:\windows\system32\UNRAR3.dll

2009-04-02 18:57 . 2005-08-26 00:50 77,312 --a------ c:\windows\system32\ztvunace26.dll

2009-04-02 18:57 . 2006-06-19 12:01 69,632 --a------ c:\windows\system32\ztvcabinet.dll

2009-04-02 18:56 . 2009-04-02 18:59

2009-04-02 18:56 . 2009-04-02 18:56

2009-04-02 18:56 . 2009-04-02 18:56

2009-03-30 21:21 . 2009-03-30 21:21

2009-03-30 20:57 . 2009-04-02 19:11 3,375,681 --a------ c:\windows{00000002-00000000-0000000B-00001102-00000002-80661102}.BAK

2009-03-30 20:18 . 2009-03-30 20:48

2009-03-30 11:41 . 2009-03-30 11:41

2009-03-29 14:48 . 2009-03-29 14:49

2009-03-29 00:12 . 2009-03-29 00:12

2009-03-28 23:56 . 2009-03-28 23:57 30,714,880 --a------ c:\windows\EAV_NT32_ENU.MSI

2009-03-28 23:56 . 2009-03-28 23:57 871,556 --a------ c:\windows\CRACK.EXE

2009-03-28 23:56 . 2009-03-28 23:57 26,112 --a------ c:\windows\NOD.EXE

2009-03-28 22:04 . 2009-03-28 22:05

2009-03-28 22:02 . 2009-03-09 16:27 4,178,264 --a------ c:\windows\system32\D3DX9_41.dll

2009-03-28 22:02 . 2009-03-09 16:27 1,846,632 --a------ c:\windows\system32\D3DCompiler_41.dll

2009-03-28 22:02 . 2009-03-16 15:18 517,448 --a------ c:\windows\system32\XAudio2_4.dll

2009-03-28 22:02 . 2009-03-09 16:27 453,456 --a------ c:\windows\system32\d3dx10_41.dll

2009-03-28 22:02 . 2009-03-16 15:18 235,352 --a------ c:\windows\system32\xactengine3_4.dll

2009-03-28 22:02 . 2009-03-16 15:18 69,448 --a------ c:\windows\system32\XAPOFX1_3.dll

2009-03-28 22:02 . 2009-03-16 15:18 22,360 --a------ c:\windows\system32\X3DAudio1_6.dll

2009-03-28 21:12 . 2009-03-28 21:13

2009-03-28 21:11 . 2009-03-28 21:11

2009-03-28 21:11 . 2002-05-23 21:40 110,080 --a------ c:\windows\system32\nLame.dll

2009-03-28 21:11 . 2001-06-23 22:20 23,040 --a------ c:\windows\system32\auth.dll

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:15 . 2009-03-19 21:15

2009-03-19 21:14 . 2009-03-19 21:14

2009-03-19 20:55 . 2009-03-19 20:55

2009-03-19 20:55 . 2009-03-19 20:55

2009-03-19 20:51 . 2009-03-19 20:51

2009-03-19 20:48 . 2009-03-19 20:49

2009-03-19 20:47 . 2009-02-28 06:55 105,984 -----c— c:\windows\system32\dllcache\iecompat.dll

2009-03-15 21:25 . 2009-03-15 21:25

2009-03-15 20:17 . 2009-03-28 23:48

2009-03-15 19:45 . 2009-03-15 20:01 3,072 --a------ C:\DVDSample.bmk

2009-03-14 18:13 . 2009-03-15 20:07

2009-03-14 18:12 . 2009-03-28 23:48

2009-03-13 23:29 . 2009-03-13 23:29

2009-03-13 00:28 . 2009-03-13 01:38

2009-03-12 23:02 . 2009-03-08 05:39 11,063,808 --a–c— c:\windows\system32\dllcache\ieframe.dll

2009-03-12 23:02 . 2009-02-06 22:07 3,698,584 --a–c— c:\windows\system32\dllcache\ieapfltr.dat

2009-03-12 23:02 . 2009-03-08 05:32 1,985,024 --a–c— c:\windows\system32\dllcache\iertutil.dll

2009-03-12 23:02 . 2009-03-08 15:15 1,294,336 --a–c— c:\windows\system32\dllcache\ieframe.dll.mui

2009-03-12 23:02 . 2009-03-08 05:32 594,432 --a–c— c:\windows\system32\dllcache\msfeeds.dll

2009-03-12 23:02 . 2009-03-08 05:11 445,952 --a–c— c:\windows\system32\dllcache\ieapfltr.dll

2009-03-12 23:02 . 2009-03-08 05:31 59,904 --a–c— c:\windows\system32\dllcache\icardie.dll

2009-03-12 23:02 . 2009-03-08 05:31 55,296 --a–c— c:\windows\system32\dllcache\msfeedsbs.dll

2009-03-12 23:02 . 2008-12-19 11:10 13,824 -----c— c:\windows\system32\dllcache\ieudinit.exe

2009-03-12 22:35 . 2009-01-09 21:19 1,089,883 -----c— c:\windows\system32\dllcache\ntprint.cat

2009-03-12 18:49 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll

2009-03-12 18:44 . 2009-03-12 18:44

2009-03-12 18:44 . 2009-03-12 18:44

2009-03-12 18:43 . 2009-03-12 19:21

2009-03-12 18:43 . 2009-03-12 18:44

2009-03-12 18:43 . 2008-07-06 14:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll

2009-03-12 18:43 . 2008-07-06 14:06 1,676,288 -----c— c:\windows\system32\dllcache\xpssvcs.dll

2009-03-12 18:43 . 2008-07-06 12:50 597,504 -----c— c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-12 18:43 . 2008-07-06 14:06 575,488 --------- c:\windows\system32\xpsshhdr.dll

2009-03-12 18:43 . 2008-07-06 14:06 575,488 -----c— c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-12 18:43 . 2008-07-06 14:06 117,760 --------- c:\windows\system32\prntvpt.dll

2009-03-12 18:43 . 2008-07-06 14:06 89,088 -----c— c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-12 01:16 . 2009-03-12 01:16

2009-03-12 01:16 . 2009-03-12 01:32

2009-03-11 00:21 . 2009-03-11 00:21 103,744 --a------ c:\windows\system32\drivers\AnyDVD.sys

2009-03-08 15:14 . 2009-03-08 15:14 53,248 --------- c:\windows\system32\msrating.dll.mui

2009-03-08 15:14 . 2009-03-08 15:14 2,560 --------- c:\windows\system32\mshta.exe.mui

2009-03-08 15:13 . 2009-03-08 15:13 4,096 --------- c:\windows\system32\ie4uinit.exe.mui

2009-03-08 15:12 . 2009-03-08 15:12 81,920 --------- c:\windows\system32\iedkcs32.dll.mui

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-30 18:18 720,896 ----a-w c:\windows\iun6002.exe

2009-03-15 18:41 --------- d-----w c:\documents and settings\Tomek\Dane aplikacji\CyberLink

2009-03-15 18:41 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\CyberLink

2009-03-15 18:31 --------- d–h--w c:\program files\InstallShield Installation Information

2009-03-15 18:31 --------- d-----w c:\program files\Common Files\CyberLink

2009-03-15 18:29 --------- d-----w c:\program files\CyberLink

2009-03-15 18:28 29,480 ----a-w c:\windows\system32\msxml3a.dll

2009-03-15 18:28 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\TEMP

2009-03-14 15:52 --------- d-----w c:\program files\English Translator 3

2009-03-13 23:44 --------- d-----w c:\program files\Common Files\Adobe

2009-03-12 15:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\SlySoft

2009-03-08 03:39 11,063,808 ----a-w c:\windows\system32\ieframe(2)(2).dll

2009-03-08 03:34 914,944 ----a-w c:\windows\system32\wininet.dll

2009-03-08 03:34 914,944 ----a-w c:\windows\system32\wininet(2)(2).dll

2009-03-08 03:34 43,008 ----a-w c:\windows\system32\licmgr10.dll

2009-03-08 03:34 105,984 ----a-w c:\windows\system32\url(2)(2).dll

2009-03-08 03:34 1,206,784 ----a-w c:\windows\system32\urlmon(2)(2).dll

2009-03-08 03:33 420,352 ----a-w c:\windows\system32\vbscript.dll

2009-03-08 03:33 18,944 ----a-w c:\windows\system32\corpol.dll

2009-03-08 03:32 72,704 ----a-w c:\windows\system32\admparse.dll

2009-03-08 03:32 71,680 ----a-w c:\windows\system32\iesetup.dll

2009-03-08 03:32 1,985,024 ----a-w c:\windows\system32\iertutil(2)(2).dll

2009-03-08 03:31 48,128 ----a-w c:\windows\system32\mshtmler.dll

2009-03-08 03:31 45,568 ----a-w c:\windows\system32\mshta.exe

2009-03-08 03:31 34,816 ----a-w c:\windows\system32\imgutil.dll

2009-03-08 03:22 156,160 ----a-w c:\windows\system32\msls31.dll

2009-03-05 18:51 64,160 ----a-w c:\windows\system32\drivers\Lbd.sys

2009-03-05 18:51 15,688 ----a-w c:\windows\system32\lsdelete.exe

2009-03-02 18:10 67,584 ----a-w c:\windows\system32\ff_vfw.dll

2009-03-01 19:38 --------- d-----w c:\program files\Gieroteka

2009-03-01 17:09 --------- d-----w c:\program files\Alcohol Soft

2009-03-01 13:54 --------- d-----w c:\program files\Best player

2009-02-28 14:39 --------- d-----w c:\program files\Power DVD Rip Studio

2009-02-22 19:04 --------- d-----w c:\program files\NAPI-PROJEKT

2009-02-22 19:04 --------- d-----w c:\program files\ALLPlayer

2009-02-22 17:55 --------- d-----w c:\program files\Mistrz Klawiatury II

2009-02-22 17:55 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Mistrz Klawiatury II Data

2009-02-22 16:39 --------- d-----w c:\program files\KeePass Password Safe

2009-02-22 16:29 --------- d-----w c:\documents and settings\Tomek\Dane aplikacji\KeePass

2009-02-17 19:49 --------- d-----w c:\program files\ABBYY PDF Transformer 2.0

2009-02-17 19:22 88 --sh–r c:\documents and settings\All Users\Dane aplikacji\995570D2A4.sys

2009-02-17 19:22 2,828 --sha-w c:\documents and settings\All Users\Dane aplikacji\KGyGaAvL.sys

2009-02-17 17:11 24,232 ----a-w c:\windows\system32\drivers\ElbyCDIO.sys

2009-02-17 13:33 89,256 ----a-w c:\windows\system32\ElbyCDIO.dll

2009-02-16 19:36 --------- d-----w c:\program files\VeryPDF PDF2Word v3.0

2009-02-16 19:15 --------- d-----w c:\documents and settings\Tomek\Dane aplikacji\Nitro PDF

2009-02-16 15:27 --------- d-----w c:\program files\WlatcyMoch

2009-02-12 19:15 --------- d-----w c:\program files\Nowe Gadu-Gadu

2009-02-09 14:07 1,847,040 ----a-w c:\windows\system32\win32k.sys

2009-02-08 14:20 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-02-08 14:20 --------- d-----w c:\program files\Java

2009-02-07 13:17 --------- dc-h–w c:\documents and settings\All Users\Dane aplikacji{83C91755-2546-441D-AC40-9A6B4B860800}

2009-02-07 13:17 --------- d-----w c:\program files\Lavasoft

2009-02-06 13:24 93,336 ----a-w c:\windows\system32\drivers\epfwtdir.sys

2009-02-06 13:23 106,208 ----a-w c:\windows\system32\drivers\ehdrv.sys

2009-02-06 13:19 113,448 ----a-w c:\windows\system32\drivers\eamon.sys

2009-01-07 17:21 26,144 ----a-w c:\windows\system32\spupdsvc.exe

2009-01-07 17:20 265,720 ----a-w c:\windows\system32\msdbg2.dll

2009-01-07 17:20 26,112 ----a-w c:\windows\system32\idndl.dll

2009-01-07 17:20 24,576 ----a-w c:\windows\system32\nlsdl.dll

2009-01-07 17:20 23,552 ----a-w c:\windows\system32\normaliz.dll

2009-01-07 17:20 23,552 ----a-w c:\windows\system32\normaliz(2)(2).dll

2008-12-20 19:15 81,920 ----a-w c:\documents and settings\Tomek\Dane aplikacji\ezpinst.exe

2008-12-20 19:15 47,360 ----a-w c:\documents and settings\Tomek\Dane aplikacji\pcouffin.sys

2008-04-07 21:30 952 --sha-w c:\windows\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“c:\windows\system32\ctfmon.exe” [2008-04-14 15360]

“AlcoholAutomount”=“c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe” [2009-02-24 203928]

“AnyDVD”=“c:\progra~1\SlySoft\AnyDVD_AnyDVDtray.exe” [2009-03-12 2587584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Jet Detection”=“c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe” [2001-11-29 28672]

“NeroFilterCheck”=“c:\windows\system32\NeroCheck.exe” [2001-07-09 155648]

“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-05-03 13529088]

“ISUSPM Startup”=“c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe” [2005-08-11 249856]

“ISUSScheduler”=“c:\program files\Common Files\InstallShield\UpdateService\issch.exe” [2005-08-11 81920]

“RemoteControl8”=“c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe” [2008-03-20 83240]

“PDVD8LanguageShortcut”=“c:\program files\CyberLink\PowerDVD8\Language\Language.exe” [2007-12-14 50472]

“BDRegion”=“c:\program files\Cyberlink\Shared Files\brs.exe” [2009-02-28 75048]

“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-05-03 86016]

“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-02-08 148888]

“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-02-27 35696]

“RemoteControl9”=“c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe” [2009-02-16 87336]

“PDVD9LanguageShortcut”=“c:\program files\CyberLink\PowerDVD9\Language\Language.exe” [2008-10-13 50472]

“egui”=“c:\program files\ESET\ESET NOD32 Antivirus\egui.exe” [2009-02-06 2021400]

“TrojanScanner”=“c:\program files\Trojan Remover\Trjscan.exe” [2009-04-02 1213320]

“CTHelper”=“CTHELPER.EXE” [2003-08-28 c:\windows\system32\CTHELPER.EXE]

“nwiz”=“nwiz.exe” [2008-05-03 c:\windows\system32\nwiz.exe]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“VIDC.ACDV”= ACDV.dll

“vidc.i420”= i420vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@=“Service”

[HKLM~\startupfolder\C:^Documents and Settings^Tomek^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]

path=c:\documents and settings\Tomek\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk

backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

–a------ 2006-10-27 01:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

–a------ 2008-04-14 22:51 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

--------- 2000-05-11 02:00 90112 c:\windows\Updreg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

“AntiVirusOverride”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=

“c:\Program Files\Microsoft Office\Office12\GROOVE.EXE”=

“c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

“c:\Program Files\Nowe Gadu-Gadu\gg.exe”=

“c:\Program Files\eMule\emule.exe”=

“c:\WINDOWS\system32\dpvsetup.exe”=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-07 64160]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/03/15 19:31:24];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-02-28 20:40:18 87536]

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [2008-05-15 12:07:00 61424]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{5dda8850-cdf1-11dc-bca1-000ea663cf8d}]

\Shell\AutoRun\command - H:\Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

“c:\windows\system32\rundll32.exe” “c:\windows\system32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP

.

Zawartość folderu ‘Zaplanowane zadania’

2009-03-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job

  • c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-05 20:51]

2009-04-02 c:\windows\Tasks\User_Feed_Synchronization-{D002090F-F02A-4E4C-A05C-7B5A677EF0AC}.job

  • c:\windows\system32\msfeedssync.exe [2009-03-08 05:31]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.wp.pl/

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\q73s2sfx.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as … ource=3&q=

FF - prefs.js: browser.search.selectedEngine - Wikipedia (pl)

FF - prefs.js: browser.startup.homepage - WWW.ONET.PL

FF - plugin: c:\documents and settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-02 19:11:56

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services{B154377D-700F-42cc-9474-23858FBDF4BD}]

“ImagePath”="??\c:\program files\CyberLink\PowerDVD9\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]

“ImagePath”="??\c:\program files\CyberLink\PowerDVD8\000.fcl"

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\windows\system32\rundll32.exe

c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

.

**************************************************************************

.

Czas ukończenia: 2009-04-02 19:14:17 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-04-02 17:14:13

Przed: 202 846 208 000 bajtów wolnych

Po: 202,811,822,080 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /fastdetect

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5

287 — E O F — 2009-03-13 08:26:33

tak wygląda moj log zrobiony combo fixem tylko nie działa mi autostart przy włozeniu pendriva (pojawiała isie info o wirusie)

tomek0110 ,

W związku ze zmianą, jaka obowiązuje przy wklejaniu logów na forum - przeczytaj i zastosuj się do Tematu

: http://www.wklejto.pl/30403

Link loga proszę o pomoc