
ComboFix 08-11-04.02 - Bartek 2008-11-05 12:51:31.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.2583 [GMT 1:00]
Uruchomiony z: f:\documents and settings\Bartek\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
f:\documents and settings\Bartek\Dane aplikacji\inst.exe
f:\windows\system32\AutoRun.inf
.
((((((((((((((((((((((((( Pliki utworzone od 2008-10-05 do 2008-11-05 )))))))))))))))))))))))))))))))
.
2008-11-05 00:02 . 2008-11-05 00:02 <DIR> d--h----- F:\$AVG8.VAULT$
2008-11-04 23:26 . 2008-11-05 10:09 <DIR> d-------- f:\windows\system32\drivers\Avg
2008-11-04 23:26 . 2008-11-04 23:26 <DIR> d-------- f:\documents and settings\Bartek\Dane aplikacji\AVGTOOLBAR
2008-11-04 23:26 . 2008-11-05 12:09 98,440 --a------ f:\windows\system32\drivers\avgldx86.sys
2008-11-04 23:26 . 2008-11-05 12:09 90,632 --a------ f:\windows\system32\drivers\avgtdix.sys
2008-11-04 23:26 . 2008-11-04 23:26 12,936 --a------ f:\windows\system32\drivers\avgrkx86.sys
2008-11-04 23:26 . 2008-11-04 23:26 10,520 --a------ f:\windows\system32\avgrsstx.dll
2008-11-04 23:25 . 2008-11-04 23:25 <DIR> d-------- f:\program files\AVG
2008-11-04 23:25 . 2008-11-04 23:25 <DIR> d-------- f:\documents and settings\All Users\Dane aplikacji\avg8
2008-11-04 22:56 . 2008-11-05 12:09 50,968 --a------ f:\windows\system32\avgfwdx.dll
2008-11-04 22:56 . 2008-11-05 12:09 29,208 --a------ f:\windows\system32\drivers\avgfwdx.sys
2008-10-23 21:34 . 2008-10-15 17:36 337,408 -----c--- f:\windows\system32\dllcache\netapi32.dll
2008-10-16 06:32 . 2008-08-14 14:26 2,190,464 -----c--- f:\windows\system32\dllcache\ntoskrnl.exe
2008-10-16 06:32 . 2008-08-14 14:26 2,146,816 -----c--- f:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-16 06:32 . 2008-08-14 14:26 2,067,328 -----c--- f:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-16 06:32 . 2008-08-14 14:26 2,025,472 -----c--- f:\windows\system32\dllcache\ntkrpamp.exe
2008-10-16 06:32 . 2008-09-15 16:27 1,846,656 -----c--- f:\windows\system32\dllcache\win32k.sys
2008-10-16 06:32 . 2008-09-08 11:41 333,824 -----c--- f:\windows\system32\dllcache\srv.sys
2008-10-06 09:12 . 2008-10-06 09:12 <DIR> d-------- f:\documents and settings\Bartek\Dane aplikacji\Corel
2008-10-06 09:12 . 2008-10-30 20:57 88 -r-hs---- f:\windows\system32\068FE7AAEC.sys
2008-10-06 09:11 . 2008-10-06 09:11 <DIR> d-------- f:\program files\Common Files\Corel
2008-10-06 09:09 . 2008-10-06 09:09 <DIR> d-------- f:\program files\Corel
2008-10-06 09:09 . 2008-10-06 09:09 <DIR> d-------- f:\documents and settings\All Users\Dane aplikacji\Corel
2008-10-06 09:05 . 2008-10-30 20:57 2,516 --ahs---- f:\windows\system32\KGyGaAvL.sys
2008-10-05 11:48 . 2008-10-05 11:48 <DIR> d-------- f:\program files\Sony
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-05 11:48 --------- d-----w f:\program files\lg_fwupdate
2008-11-05 11:07 --------- d-----w f:\documents and settings\Bartek\Dane aplikacji\OpenOffice.org2
2008-11-05 09:15 --------- d-----w f:\documents and settings\Bartek\Dane aplikacji\uTorrent
2008-11-04 21:52 --------- d-----w f:\documents and settings\All Users\Dane aplikacji\FRISK Software
2008-10-16 12:47 --------- d-----w f:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-09-22 07:44 --------- d-----w f:\documents and settings\All Users\Dane aplikacji\NOS
2008-09-21 22:13 --------- d-----w f:\program files\Common Files\Adobe AIR
2008-09-21 22:12 --------- d-----w f:\program files\Common Files\Adobe
2008-09-15 15:27 1,846,656 ----a-w f:\windows\system32\win32k.sys
2008-09-09 21:20 --------- d-----w f:\documents and settings\All Users\Dane aplikacji\SlySoft
2008-09-09 21:16 --------- d-----w f:\program files\SlySoft
2008-09-08 10:41 333,824 ----a-w f:\windows\system32\drivers\srv.sys
2008-09-05 17:06 --------- d-----w f:\program files\MSBuild
2008-09-05 17:06 --------- d-----w f:\program files\Microsoft Works
2008-09-05 17:05 --------- d-----w f:\program files\Microsoft.NET
2008-08-28 15:51 47,360 ----a-w f:\documents and settings\Bartek\Dane aplikacji\pcouffin.sys
2008-08-26 08:27 826,368 ----a-w f:\windows\system32\wininet.dll
2008-08-23 18:01 98,304 ----a-w f:\windows\system32\qttask.exe
2008-08-23 09:44 14,656 ----a-w f:\windows\gdrv.sys
2008-08-22 22:17 70,969 ----a-w f:\windows\BricoPackUninst.cmd
2008-08-22 22:17 5,466 ----a-w f:\windows\BricoPackFoldersDelete.cmd
2008-08-22 22:17 219,648 ----a-w f:\windows\system32\uxtheme.dll
2008-08-14 13:26 2,146,816 ----a-w f:\windows\system32\ntoskrnl.exe
2008-08-14 13:26 2,025,472 ----a-w f:\windows\system32\ntkrnlpa.exe
2004-10-01 13:00 40,960 ----a-w f:\program files\Uninstall_CDS.exe
.
------- Sigcheck -------
2008-04-14 18:21 977408 f042e3426d45d86d9bb55f6a79ab441a f:\windows\explorer.exe
2006-03-02 13:00 975872 196c130d31317fe53de984220b5e13b9 f:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 18:21 977408 f042e3426d45d86d9bb55f6a79ab441a f:\windows\ServicePackFiles\i386\explorer.exe
2008-07-18 21:10 68808 136896c2cdc3f689876e0d44485153ea f:\windows\ServicePackFiles\i386\wuauclt.exe
2008-07-18 21:10 68808 136896c2cdc3f689876e0d44485153ea f:\windows\system32\wuauclt.exe
2008-07-18 21:10 68808 136896c2cdc3f689876e0d44485153ea f:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DAEMON Tools Lite"="f:\programy bartek\damon tools\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="f:\windows\JM\JMInsIDE.exe" [2006-10-31 36864]
"36X Raid Configurer"="f:\windows\system32\JMRaidSetup.exe" [2006-11-17 1953792]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"NvMediaCenter"="f:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"WinFast Schedule"="f:\program files\WinFast\WFTVFM\WFWIZ.exe" [2006-07-07 348160]
"HotKey"="f:\program files\HotKey\hotkey.exe" [2006-11-03 81920]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LGODDFU"="f:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376]
"HP Software Update"="f:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"EasyTuneV"="f:\program files\Gigabyte\ET5\ETcall.exe" [2007-01-04 24576]
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AVG8_TRAY"="e:\avg\ANTYWI~1\avgtray.exe" [2008-11-05 1235736]
"Corel Photo Downloader"="f:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-12-14 531784]
"SkyTel"="SkyTel.EXE" [2006-12-12 f:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-12 f:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2006-08-11 f:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
f:\documents and settings\Bartek\Menu Start\Programy\Autostart\
RocketDock.lnk - f:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= f:\progra~2\ACEMEG~1\SystemS\Intel\iac25_32.ax
"vidc.avrn"= f:\progra~2\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.advj"= f:\progra~2\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"= f:\progra~2\ACEMEG~1\SystemS\avimszh.dll
"vidc.zlib"= f:\progra~2\ACEMEG~1\SystemS\avizlib.dll
"vidc.cscd"= f:\progra~2\ACEMEG~1\SystemS\camcodec.dll
"vidc.cvid"= f:\progra~2\ACEMEG~1\SystemS\iccvid.dll
"msacm.trspch"= f:\progra~2\ACEMEG~1\SystemS\tssoft32.acm
"vidc.em2v"= f:\progra~2\ACEMEG~1\SystemS\etxcodec.dll
"vidc.mkvc"= f:\progra~2\ACEMEG~1\SystemS\kmvidc32.dll
"vidc.hfyu"= f:\progra~2\ACEMEG~1\SystemS\huffyuv.dll
"msacm.lameacm"= f:\progra~2\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"= f:\progra~2\ACEMEG~1\SystemS\lhacm.acm
"msacm.l3acm"= f:\progra~2\ACEMEG~1\SystemS\l3codecp.acm
"vidc.sjpg"= f:\progra~2\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.dmb2"= f:\progra~2\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.gepj"= f:\progra~2\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.qpeg"= f:\progra~2\ACEMEG~1\SystemS\Qpeg32.dll
"vidc.q1.0"= f:\progra~2\ACEMEG~1\SystemS\Qpeg32.dll
"msacm.sl_anet"= f:\progra~2\ACEMEG~1\SystemS\sl_anet.acm
"vidc.tscc"= f:\progra~2\ACEMEG~1\SystemS\tsccvid.dll
"vidc.vifp"= f:\progra~2\ACEMEG~1\SystemS\vfcodec.dll
"vidc.wrpr"= f:\progra~2\ACEMEG~1\SystemS\aviwrap.dll
"vidc.wnv1"= f:\progra~2\ACEMEG~1\SystemS\wnvplay1.dll
"vidc.3ivx"= f:\progra~2\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3iv0"= f:\progra~2\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3iv1"= f:\progra~2\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3iv2"= f:\progra~2\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3ivd"= f:\progra~2\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.advs"= f:\progra~2\ACEMEG~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"= f:\progra~2\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"= f:\progra~2\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"= f:\progra~2\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"= f:\progra~2\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"= f:\progra~2\ACEMEG~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"= f:\progra~2\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"= f:\progra~2\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"= f:\progra~2\ACEMEG~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"= f:\progra~2\ACEMEG~1\SystemS\ATI\ativcr2.dll
"vidc.yv12"= f:\progra~2\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.mwv1"= f:\progra~2\ACEMEG~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"= f:\progra~2\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"= f:\progra~2\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"= f:\progra~2\ACEMEG~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"= f:\progra~2\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"= f:\progra~2\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"= f:\progra~2\ACEMEG~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"= f:\progra~2\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"= f:\progra~2\ACEMEG~1\SystemS\dicas\davcvfw.dll
"vidc.div3"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div5"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div4"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"= f:\progra~2\ACEMEG~1\SystemS\DivX\divx4.dll
"vidc.divx"= f:\progra~2\ACEMEG~1\SystemS\DivX\DivX520.dll
"msacm.divxa32"= msaud32_divx.acm
"vidc.frwd"= f:\progra~2\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwt"= f:\progra~2\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwa"= f:\progra~2\ACEMEG~1\SystemS\Forward\frwt.dll
"vidc.frwu"= f:\progra~2\ACEMEG~1\SystemS\Forward\frwu.dll
"vidc.glzw"= f:\progra~2\ACEMEG~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"= f:\progra~2\ACEMEG~1\SystemS\Gabest\GPEG.dll
"vidc.i263"= f:\progra~2\ACEMEG~1\SystemS\Intel\i263_32.drv
"vidc.iv30"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"= f:\progra~2\ACEMEG~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"= f:\progra~2\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"= f:\progra~2\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"= f:\progra~2\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"= f:\progra~2\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"= f:\progra~2\ACEMEG~1\SystemS\Intel\IMC32.ACM
"vidc.lead"= f:\progra~2\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"= f:\progra~2\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mmjp"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx1"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx2"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx3"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx4"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx5"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx6"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx7"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx8"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx9"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mmes"= f:\progra~2\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"msacm.msadpcm"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msadp32.acm
"msacm.imaadpcm"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\imaadp32.acm
"msacm.msg711"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msg711.acm
"msacm.msg723"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msg723.acm
"msacm.msgsm610"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msgsm32.acm
"vidc.m261"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msh261.drv
"vidc.m263"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msh263.drv
"vidc.i420"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msh263.drv
"vidc.mrle"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msrle32.dll
"vidc.uyvy"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.yvyu"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msyuv.dll
"vidc.msvc"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll
"vidc.cram"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll
"vidc.mpg4"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.mp41"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.mp42"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.mp43"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.mp4s"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.mp4v"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll
"vidc.wmv3"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\WMV9VCM.dll
"msacm.msaudio1"= f:\progra~2\ACEMEG~1\SystemS\MICROS~1\msaud32.acm
"vidc.vixl"= f:\progra~2\ACEMEG~1\SystemS\Miro\miroxl32.dll
"vidc.nt00"= f:\progra~2\ACEMEG~1\SystemS\Newtek\ntcodec.dll
"msacm.vorbis"= f:\progra~2\ACEMEG~1\SystemS\OGG\vorbis.acm
"vidc.vp30"= f:\progra~2\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll
"vidc.vp31"= f:\progra~2\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll
"vidc.vp60"= f:\progra~2\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll
"vidc.vp61"= f:\progra~2\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll
"vidc.pdvc"= f:\progra~2\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll
"vidc.ipdv"= f:\progra~2\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll
"vidc.pvw2"= f:\progra~2\ACEMEG~1\SystemS\Pegasus\pvwv220.dll
"vidc.pimj"= f:\progra~2\ACEMEG~1\SystemS\Pegasus\pvljpg20.dll
"vidc.mjpx"= f:\progra~2\ACEMEG~1\SystemS\Pegasus\pvmjpg21.dll
"vidc.miro"= f:\progra~2\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL
"vidc.dcap"= f:\progra~2\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL
"vidc.mjpa"= f:\progra~2\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL
"vidc.gpjm"= f:\progra~2\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL
"vidc.pim1"= f:\progra~2\ACEMEG~1\SystemS\Pinnacle\pclepim1.dll
"msacm.qmpeg"= f:\progra~2\ACEMEG~1\SystemS\QDesign\qmpeg.acm
"vidc.rmp4"= f:\progra~2\ACEMEG~1\SystemS\REALMA~1\rmp4.dll
"vidc.rud0"= f:\progra~2\ACEMEG~1\SystemS\Rududu\rududu.dll
"msacm.at3"= f:\progra~2\ACEMEG~1\SystemS\SONY\atrac3.acm
"vidc.sony"= f:\progra~2\ACEMEG~1\SystemS\SONY\sonydv.dll
"vidc.dvcp"= f:\progra~2\ACEMEG~1\SystemS\SONY\sonydv.dll
"vidc.s422"= f:\progra~2\ACEMEG~1\SystemS\Tekram\tekyuv.dll
"vidc.t420"= f:\progra~2\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll
"vidc.y411"= f:\progra~2\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll
"vidc.vssv"= f:\progra~2\ACEMEG~1\SystemS\VANGUA~1\vsscodec.dll
"msacm.voxacm160"= f:\progra~2\ACEMEG~1\SystemS\VoxWare\vct3216.acm
"vidc.xvid"= f:\progra~2\ACEMEG~1\SystemS\XviD\xvidvfw.dll
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
path=f:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
backup=f:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\F:^Documents and Settings^Bartek^Menu Start^Programy^Autostart^OpenOffice.org 2.4.lnk]
path=f:\documents and settings\Bartek\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk
backup=f:\windows\pss\OpenOffice.org 2.4.lnkStartup
[HKLM\~\startupfolder\F:^Documents and Settings^Bartek^Menu Start^Programy^Autostart^Picture Motion Browser Media Check Tool.lnk]
path=f:\documents and settings\Bartek\Menu Start\Programy\Autostart\Picture Motion Browser Media Check Tool.lnk
backup=f:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
--a------ 2008-08-22 15:56 2173888 f:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-07-22 19:42 116040 f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
-ra------ 2008-01-15 14:18 16200 f:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
-ra------ 2007-12-14 12:35 531784 f:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2006-11-02 07:55 1397760 f:\program files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 09:47 289064 f:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 f:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 19:24 32768 f:\programy bartek\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 17:41 1832272 f:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"f:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\emule\\emule.exe"=
"c:\\torrenty\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\avg\\antywirusowe\\avgupd.exe"=
"e:\\avg\\antywirusowe\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;f:\windows\system32\Drivers\avgrkx86.sys [2008-11-04 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;f:\windows\system32\Drivers\avgldx86.sys [2008-11-05 98440]
R1 AvgTdiX;AVG8 Network Redirector;f:\windows\system32\Drivers\avgtdix.sys [2008-11-05 90632]
R2 avg8wd;AVG8 WatchDog;e:\avg\ANTYWI~1\avgwdsvc.exe [2008-11-04 231704]
R2 avgfws8;AVG8 Firewall;e:\avg\ANTYWI~1\avgfws8.exe [2008-11-05 1224984]
R3 Avgfwdx;Avgfwdx;f:\windows\system32\DRIVERS\avgfwdx.sys [2008-11-05 29208]
R3 WFIOCTL;WFIOCTL;f:\program files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 9446]
S3 Avgfwfd;AVG network filter service;f:\windows\system32\DRIVERS\avgfwdx.sys [2008-11-05 29208]
S3 PSI;PSI;f:\windows\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
S3 SunkFilt6;Alcor Micro Corp - 6360;f:\windows\System32\Drivers\sunkfilt6.sys [ ]
S3 SunkFilt62;Alcor Micro Corp - 6362;f:\windows\System32\Drivers\sunkfilt62.sys [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88e51e8b-6ef0-11dd-8970-806d6172696f}]
\Shell\AutoRun\command - K:\Run.exe
*Newly Created Service* - PROCEXP90
.
Zawartość folderu 'Zaplanowane zadania'
2008-08-31 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
.
.
------- Skan uzupełniający -------
.
FireFox -: Profile - f:\documents and settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\5kllfmfa.default\
FF -: plugin - f:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - f:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - f:\program files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - f:\programy bartek\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF -: plugin - f:\programy bartek\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-05 12:52:33
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2008-11-05 12:53:07
ComboFix-quarantined-files.txt 2008-11-05 11:53:05
Przed: 24 503 541 760 bajtów wolnych
Po: 25,985,421,312 bajtów wolnych
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(4)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(4)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
379 --- E O F --- 2008-10-23 21:00:25