
Please check my log.

don
posted

Hello, I already had a virus removed with the help of this very forum, so I thought you could do the same with my pen drive. I don't know exactly what is on this pen drive, but apparently it is infected. Please check this log.


Thanks in advance and best regards ;).

Durango24
comment

If you don't have anything important on it, just format it... you'll get rid of the viruses.

//Spare us remarks like that, or there will be a warning..

//Andziorka

Psycholandia
comment

Download this program: http://www.instalki.pl/programy/download/a...Disinfector.php, insert the pen drive and run the program; it will clean the viruses off it for you. As for checking the logs, wait for the specialists, and don't format as the poster above wrote ;)

Mateusz J.
comment

A virus originating from the pen drive is visible, but it has been removed.

Please follow Andziorka's post.

Then Start => Run => cmd => type

DIR /A:H => ATTRIB -S -H the name of the file that was displayed (you enter this command until all the hidden files have been "unhidden")

Then you go to the pen drive and delete all of those files.

If you plug the pen drive into many computers, this kind of removal won't help; the viruses will keep coming back.

don
comment

Thank you all for the help, but I have one more question, namely: is there some way to protect the computer against viruses that come from a pen drive? I have Kaspersky, but I don't know whether that will help at all :| ?

Psycholandia
comment

I have NOD32, and when I insert an infected pen drive there is an alert and the antivirus removes the bugs. Doesn't Kaspersky detect anything for you when you insert an infected pen drive?
