don, posted 15 January 2009
Hello, I have already had a virus removed with the help of this very forum, so I thought you could do the same for my pendrive. I don't know exactly what is on the pendrive, but apparently it is infected. Please check this log.
ComboFix 09-01-11.04 - Don 2009-01-15 22:24:26.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.1022.689 [GMT 1:00]
Uruchomiony z: e:\download\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated)
FW: Kaspersky Internet Security *disabled*
[b]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/b]
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
J:\abk.bat
Thanks in advance, and best regards.
Durango24, comment, 15 January 2009
If you don't have anything important on it, just format it... you'll get rid of the viruses.
//Spare us comments like this, or there will be a warning.. //Andziorka
Psycholandia, comment, 15 January 2009
Download this program: http://www.instalki.pl/programy/download/a...Disinfector.php, plug in the pendrive and run the program; it will clean the viruses off it. As for checking the logs, wait for the specialists; don't format as the poster above wrote.
Mateusz J., comment, 15 January 2009
A virus originating from the pendrive is visible, but it has been removed. Please follow Andziorka's post, then Start => Run => cmd => type DIR /A:H => ATTRIB -S -H followed by the name of the file that was displayed (enter this command until all hidden files have been "unhidden"), then go to the pendrive and delete all those files. If you plug the pendrive into many computers, this kind of removal won't help; the viruses will keep coming back.
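The repeated DIR /A:H then ATTRIB -S -H step from the comment above, written as a batch file (an added example, not part of any post in this thread). It assumes the pendrive is J:, the letter shown in the ComboFix log, and the file name unhide.bat is hypothetical. It only clears the attributes so the files can be reviewed; it deletes nothing.

```batch
@echo off
rem Added example, not from the thread: automates the repeated
rem DIR /A:H -> ATTRIB -S -H step for the root of one drive.
rem Assumption: the pendrive is J: (the letter in the ComboFix log).
rem Pass another letter as the first argument, e.g.  unhide.bat K:
setlocal
set "DRIVE=%~1"
if "%DRIVE%"=="" set "DRIVE=J:"

if not exist "%DRIVE%\" (
    echo Drive %DRIVE% is not available.
    exit /b 1
)

echo Hidden entries in %DRIVE%\ before the change:
dir /a:h /b "%DRIVE%\" 2>nul

rem /a:h-d selects hidden files only; hidden directories are left alone.
rem -S and -H are cleared together because ATTRIB refuses to clear
rem the hidden attribute alone on a file that is also marked system.
for /f "delims=" %%F in ('dir /a:h-d /b "%DRIVE%\" 2^>nul') do (
    attrib -s -h "%DRIVE%\%%F"
    echo unhidden: %DRIVE%\%%F
)

echo.
echo Hidden files still left in %DRIVE%\ (should be none):
dir /a:h-d /b "%DRIVE%\" 2>nul
endlocal
```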
don (author), comment, 16 January 2009
Thank you all for the help, but I have one more question: is there some way to protect the computer against viruses that come from a pendrive? I have Kaspersky, but I don't know whether that will help :| ?
Psycholandia, comment, 17 January 2009
I have NOD32, and when I plug in an infected pendrive there is an alert and the antivirus removes the bugs. Doesn't Kaspersky detect anything for you when you plug in an infected pendrive?