MeFFiu Posted July 25, 2010
Hello! I'm new, so if I've done something wrong, please correct me. When I visited the ChelseaLondyn site, Avast detected a dozen or so Malware-gen viruses. They are supposedly in quarantine, but when I turn the computer on I can't do anything. Either it kicks in by itself, or I have to clean the disk or keep fiddling until it works. The virus is supposedly lodged in C:\Windows\system32\drivers. Please tell me what I should do. I'm pasting the log.
adam1415 Posted July 25, 2010
First of all, get rid of Avast and install something that is an antivirus, e.g. the Comodo Internet Security suite or Comodo Firewall + Avira, and then scan. Scan the computer with Malwarebytes Antimalware and post the result on the forum, and provide the logs from OTL. Both programs can be downloaded from the net.
Sevard Posted July 25, 2010
Before doing the above, start the computer in safe mode, go to the directory C:\Documents and Settings\121\Menu Start\Programy\Autostart and delete the file "srvklw32.exe" from it; you may first have to "kill" the process with that name using Task Manager. Besides that, clear the IE temporary files directories.