piotrale utworzono 31 lipca 2010 utworzono 31 lipca 2010 (edytowane) witam mam problem z otwieraniem dysków. Przy próbie otwarcie z Mojego Komputera wyskakuje mi taki komunikat pa39xth.cmd Czy ktoś ma może pomysł w czym problem? Poniżej log z Combofix Pozdrawiam [log]ComboFix 10-07-30.04 - Piotr 2010-07-31 14:25:01.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1790.1343 [GMT 2:00] Uruchomiony z: c:\documents and settings\Piotr\Pulpit\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf C:\pa39xth.cmd c:\windows\system32\amvo.exe c:\windows\system32\amvo0.dll c:\windows\system32\Config.ini E:\Autorun.inf E:\pa39xth.cmd F:\Autorun.inf F:\pa39xth.cmd K:\autorun.inf K:\pa39xth.cmd . ((((((((((((((((((((((((( Pliki utworzone od 2010-06-28 do 2010-07-31 ))))))))))))))))))))))))))))))) . 2010-07-30 21:25 . 2010-07-30 21:25 -------- d-----w- c:\program files\XviD 2010-07-30 21:25 . 2010-07-30 21:25 -------- d-----w- c:\program files\AC3Filter 2010-07-30 21:25 . 2010-07-30 21:25 -------- d-----w- c:\program files\ffdshow 2010-07-30 08:47 . 2010-07-31 12:22 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\BitTorrent 2010-07-30 08:47 . 2010-07-30 08:47 -------- d-----w- c:\program files\BitTorrent 2010-07-26 16:47 . 2004-08-03 22:44 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2010-07-26 16:47 . 2004-08-03 22:44 21504 ----a-w- c:\windows\system32\hidserv.dll 2010-07-26 16:46 . 2004-08-03 22:38 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2010-07-26 16:46 . 2004-08-03 22:38 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-07-26 16:46 . 2004-08-03 21:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2010-07-26 16:46 . 2004-08-03 21:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2010-07-22 11:52 . 2010-07-22 11:52 -------- d-----w- c:\windows\Sun 2010-07-22 11:52 . 2010-07-22 11:52 -------- d-----w- c:\program files\Common Files\Java 2010-07-22 11:50 . 2010-07-22 11:50 503808 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-771984f6-n\msvcp71.dll 2010-07-22 11:50 . 2010-07-22 11:50 499712 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-771984f6-n\jmc.dll 2010-07-22 11:50 . 2010-07-22 11:50 348160 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-771984f6-n\msvcr71.dll 2010-07-22 11:50 . 2010-07-22 11:50 61440 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-502cb127-n\decora-sse.dll 2010-07-22 11:50 . 2010-07-22 11:50 12800 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-502cb127-n\decora-d3d.dll 2010-07-22 11:50 . 2010-07-22 11:50 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-22 11:50 . 2010-07-22 11:50 -------- d-----w- c:\program files\Java 2010-07-21 15:41 . 2010-07-21 15:41 -------- d-----w- C:\WCH 2010-07-21 15:37 . 2010-07-21 15:37 -------- d-----w- C:\WCH.CN 2010-07-21 15:37 . 2006-01-11 22:00 19392 ----a-w- c:\windows\system32\drivers\CH341WDM.SYS 2010-07-21 15:37 . 2005-09-18 22:00 25264 ----a-w- c:\windows\system32\CH341DLL.DLL 2010-07-21 15:02 . 2010-07-21 15:02 -------- d-----w- C:\lj1100 2010-07-21 14:44 . 2010-07-21 14:44 -------- d-----w- c:\documents and settings\Default User\Ustawienia lokalne\Dane aplikacji\Adobe 2010-07-21 14:44 . 2010-07-21 14:44 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-21 14:35 . 2010-07-21 14:35 77184 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NOS\Adobe_Downloads\arh.exe 2010-07-21 14:30 . 2010-07-21 14:30 -------- d-----w- c:\program files\e-Deklaracje 2010-07-21 13:12 . 2010-07-21 13:12 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee Security Scan 2010-07-21 13:12 . 2010-07-21 13:12 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee 2010-07-21 13:12 . 2010-07-21 13:12 -------- d-----w- c:\program files\McAfee Security Scan 2010-07-21 13:11 . 2010-07-21 13:12 2568656 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NOS\Adobe_Downloads\install_flash_player.exe 2010-07-21 13:11 . 2010-07-21 13:12 1025992 ----a-w- c:\documents and settings\All Users\Dane aplikacji\NOS\Adobe_Downloads\SecurityScan_Release.exe 2010-07-21 13:11 . 2010-07-21 15:26 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NOS 2010-07-21 10:35 . 2010-02-22 18:26 32768 ----a-w- c:\windows\system32\ParallelMP.exe 2010-07-21 10:35 . 2010-02-22 18:26 253952 ----a-w- c:\windows\system32\SerialMP.exe 2010-07-21 10:35 . 2010-02-22 18:26 204800 ----a-w- c:\windows\system32\MosUsbPrintConfig.exe 2010-07-21 10:35 . 2010-02-22 18:26 18240 ----a-w- c:\windows\system32\drivers\DbgMsg.sys 2010-07-21 10:35 . 2010-07-21 10:35 -------- d-----w- c:\program files\MosUPPSP 2010-07-21 10:10 . 2010-07-21 10:10 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2010-07-21 10:10 . 2010-07-21 10:08 53632 ----a-w- c:\documents and settings\Piotr\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-07-21 10:10 . 2010-07-21 10:08 53632 ----a-w- c:\documents and settings\Default User\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-07-21 10:10 . 2010-07-21 10:10 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-07-21 10:00 . 2010-07-21 10:00 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\AdobeUM 2010-07-21 09:59 . 2010-07-21 14:35 -------- d-----w- c:\documents and settings\Piotr\Ustawienia lokalne\Dane aplikacji\Adobe 2010-07-21 07:56 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll 2010-07-21 07:56 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll 2010-07-21 07:56 . 2010-07-21 07:56 -------- d-----w- c:\program files\Microsoft Works 2010-07-21 07:55 . 2010-07-21 07:55 -------- d-----w- c:\program files\Microsoft.NET 2010-07-21 07:54 . 2010-07-21 07:54 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-07-21 07:54 . 2010-07-21 07:55 -------- d-----w- c:\windows\SHELLNEW 2010-07-21 07:54 . 2010-07-21 07:54 -------- d-----w- c:\documents and settings\Piotr\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2010-07-21 07:53 . 2010-07-21 08:20 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help 2010-07-21 07:53 . 2010-07-21 07:53 -------- d-----r- C:\MSOCache 2010-07-21 07:52 . 2010-07-21 07:52 -------- d-----w- c:\program files\DAEMON Tools 2010-07-21 07:52 . 2010-07-21 07:52 223128 ----a-w- c:\windows\system32\drivers\dtscsi.sys 2010-07-21 07:51 . 2010-07-21 07:51 96256 ----a-w- c:\windows\system32\drivers\sptd0941.sys 2010-07-21 07:51 . 2010-07-21 07:51 642560 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-07-19 17:21 . 2004-08-03 21:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2010-07-19 17:21 . 2004-08-03 21:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2010-07-19 10:22 . 2010-07-19 10:23 -------- d-----w- c:\documents and settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google 2010-07-19 10:22 . 2010-07-19 10:22 -------- d-----w- c:\program files\Google 2010-07-19 10:19 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2010-07-18 19:57 . 2010-07-18 19:57 -------- d-----w- c:\documents and settings\Piotr\Ustawienia lokalne\Dane aplikacji\cache 2010-07-18 17:38 . 2001-10-26 16:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2010-07-18 17:38 . 2004-08-04 00:34 23296 ----a-w- c:\windows\system32\drivers\mouclass.sys 2010-07-18 17:38 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys 2010-07-18 17:08 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys 2010-07-18 17:07 . 2004-08-04 00:35 58624 ----a-w- c:\windows\system32\drivers\redbook.sys 2010-07-18 17:06 . 2004-08-04 00:44 77312 ----a-w- c:\windows\system32\usbui.dll 2010-07-18 17:06 . 2004-08-03 23:07 8832 ----a-w- c:\windows\system32\drivers\wmiacpi.sys 2010-07-18 17:04 . 2010-07-31 12:26 -------- d--h--r- c:\documents and settings\Default User\Ustawienia lokalne 2010-07-18 17:02 . 2010-07-31 12:24 -------- d-----w- c:\windows\system32\CatRoot2 2010-07-18 17:02 . 2010-07-18 17:02 -------- d-----w- c:\windows\system32\CatRoot 2010-07-18 17:02 . 2010-07-22 11:52 -------- d--h--r- c:\documents and settings\All Users\Dane aplikacji 2010-07-18 17:02 . 2010-07-21 10:10 -------- d--h--r- c:\documents and settings\Default User\Dane aplikacji 2010-07-18 17:02 . 2010-07-19 10:22 -------- d--h--w- c:\documents and settings\Default User 2010-07-18 17:02 . 2010-07-18 09:54 -------- d-----w- C:\Documents and Settings 2010-07-18 17:02 . 2010-07-18 09:48 -------- d-----w- c:\documents and settings\All Users . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-22 11:47 . 2001-10-26 14:15 85120 ----a-w- c:\windows\system32\perfc015.dat 2010-07-22 11:47 . 2001-10-26 14:15 493962 ----a-w- c:\windows\system32\perfh015.dat 2010-07-21 15:35 . 2010-07-18 10:03 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-07-21 15:35 . 2010-07-18 10:16 -------- d-----w- c:\program files\Common Files\InstallShield 2010-07-21 10:05 . 2010-07-18 10:25 68456 ----a-w- c:\documents and settings\Piotr\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-07-21 07:56 . 2010-07-18 10:02 -------- d-----w- c:\program files\MSBuild 2010-07-20 18:13 . 2010-07-18 09:48 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-07-18 19:57 . 2010-07-18 11:32 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\Gadu-Gadu 10 2010-07-18 11:34 . 2010-07-18 11:34 348160 ----a-w- c:\windows\system32\Msvcr71.dll 2010-07-18 11:34 . 2010-07-18 11:34 1060864 ----a-w- c:\windows\system32\mfc71.dll 2010-07-18 11:34 . 2010-07-18 11:34 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2010-07-18 11:25 . 2010-07-18 11:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10 2010-07-18 11:25 . 2010-07-18 11:25 -------- d-----w- c:\program files\Gadu-Gadu 10 2010-07-18 11:24 . 2010-07-18 11:24 -------- d-----w- c:\program files\Microsoft Silverlight 2010-07-18 10:54 . 2010-07-18 10:54 0 ----a-w- c:\windows\nsreg.dat 2010-07-18 10:25 . 2010-07-18 10:25 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\ATI 2010-07-18 10:25 . 2010-07-18 10:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ATI 2010-07-18 10:24 . 2010-07-18 10:23 -------- d-----w- c:\program files\ATI Technologies 2010-07-18 10:24 . 2010-07-18 10:24 0 ----a-w- c:\windows\ativpsrm.bin 2010-07-18 10:24 . 2010-07-18 10:24 10134 ----a-r- c:\documents and settings\Piotr\Dane aplikacji\Microsoft\Installer\{A778A787-08A4-4089-CB68-02A9737DE532}\ARPPRODUCTICON.exe 2010-07-18 10:23 . 2010-07-18 10:23 -------- d-----w- c:\program files\ATI 2010-07-18 10:19 . 2010-07-18 10:19 -------- d-----w- c:\program files\Gigabyte 2010-07-18 10:19 . 2010-07-18 10:19 -------- d-----w- c:\program files\AMD 2010-07-18 10:19 . 2010-07-18 10:19 -------- d-----w- c:\documents and settings\Piotr\Dane aplikacji\InstallShield 2010-07-18 10:18 . 2010-07-18 10:16 -------- d-----w- c:\program files\Realtek 2010-07-18 10:03 . 2010-07-18 10:03 -------- d--h--w- c:\program files\DeviceVM 2010-07-18 10:02 . 2010-07-18 10:02 64200 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2010-07-18 10:02 . 2010-07-18 10:02 -------- d-----w- c:\program files\Reference Assemblies 2010-07-18 10:01 . 2010-07-18 10:01 -------- d-----w- c:\program files\MSXML 6.0 2010-07-18 09:49 . 2010-07-18 09:49 -------- d-----w- c:\program files\microsoft frontpage 2010-07-18 09:48 . 2010-07-18 09:48 -------- d-----w- c:\program files\Usługi online 2010-07-18 09:46 . 2010-07-18 09:46 21856 ----a-w- c:\windows\system32\emptyregdb.dat 2010-07-07 08:46 . 2010-07-07 08:46 393216 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.3.dll 2010-07-07 08:46 . 2010-07-07 08:46 364544 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.3.dll 2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-07-07 12382816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320] "RTHDCPL"="RTHDCPL.EXE" [2009-12-08 18789920] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-24 98304] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-07-18 219360] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-07-18 1691480] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-07-21 642560] . . ------- Skan uzupełniający ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\2dmpwfon.default\ FF - prefs.js: browser.startup.homepage - www.wp.pl FF - plugin: c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.3.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll ---- FIREFOX - SPOSÓB POSTĘPOWANIA ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url] Rootkit scan 2010-07-31 14:26 Windows 5.1.2600 Dodatek Service Pack 2 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(728) c:\windows\system32\Ati2evxx.dll . Czas ukończenia: 2010-07-31 14:27:07 ComboFix-quarantined-files.txt 2010-07-31 12:27 Przed: 96 977 031 168 bajtów wolnych Po: 97 008 558 080 bajtów wolnych WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer - - End Of File - - 4242AABF4D392D49F5B5DF75FA60A0BE[/log] [color="#ff0000"] //przenoszę do logów do sprawdzenia //dan[/color]
Sohei komentarz 1 sierpnia 2010 komentarz 1 sierpnia 2010 podepnij do komputera wszystkie pamięci przenośne po czym użyj narzędzia flash desinfector. Potem daj loga z OTL. Nie używaj więcej combofix na własna rękę !
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.