wirus problem nowy komp

[kepa416]

Problem polega na tym iż programy takie jak avast avg czy zone alarm same mi sie usuwają z kompa albo robią błędy :

Logfile of HijackThis v1.99.1
Scan saved at 16:25:43, on 2007-11-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\MOJE\Programy\system\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{20E0ED49-D8A9-4DE3-9B24-B41D2167D4C0}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing)

[Lukesh]

Zastosuj sie do wskazowek z tematu: http://forum.programosy.pl/bad-generic-host-process-for-win32-services-vt79489.html
Zrob skan on-line www.ewido.com
Pokaz log z ComboFix: http://www.programosy.pl/program,combofix.html
na sam koniec wstaw CALE logi wg opisu: http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html

[kepa416]

Zastosuj sie do wskazowek z tematu: http://forum.programosy.pl/bad-generic-host-process-for-win32-services-vt79489.html

wwd nie zamyka ostatniego portu wywala coś o mesengeru




[ Dodano: Dzisiaj o 16:47 ]

ComboFix 07-11-01.1 - User 2007-11-03 16:43:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1675 [GMT 1:00]
Running from: E:\zassane\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\exefld
C:\WINDOWS\exefld\2042640.exe
C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa


((((((((((((((((((((((((( Files Created from 2007-10-03 to 2007-11-03 )))))))))))))))))))))))))))))))
.

2007-11-03 16:39 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-03 16:21 2,137,600 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2007-11-03 16:21 2,137,600 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2007-11-03 15:50 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-11-03 15:50 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-11-03 15:50 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-11-03 15:50 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-11-03 15:50 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-11-03 15:50 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-11-03 15:50 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-11-03 14:18 <DIR> d-------- C:\WINDOWS\system32\InsFiles
2007-11-03 14:16 <DIR> d-------- C:\Program Files\ZTE ZXDSL 852
2007-11-03 14:16 684,265 --a------ C:\WINDOWS\system32\drivers\torususb.sys
2007-11-03 14:16 425,984 --a------ C:\WINDOWS\system32\stmcfg32.dll
2007-11-03 14:16 151,552 --a------ C:\WINDOWS\system32\stmctrl.dll
2007-11-03 14:16 102,400 --a------ C:\WINDOWS\stmtrace.exe
2007-11-03 14:16 65,536 --a------ C:\WINDOWS\DSLTest.exe
2007-11-03 14:16 60,255 --a------ C:\WINDOWS\system32\drivers\stmatm.sys
2007-11-03 14:16 36,864 --a------ C:\WINDOWS\system32\stmclean.exe
2007-11-03 13:59 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Corel
2007-11-03 13:59 2,516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-11-03 13:59 8 -r-hs---- C:\WINDOWS\system32\D66AB7E280.sys
2007-11-03 13:58 <DIR> d-------- C:\Program Files\Corel
2007-11-03 13:58 <DIR> d-------- C:\Program Files\Common Files\Corel
2007-11-03 13:58 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Corel
2007-11-03 13:56 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-11-03 02:18 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-11-03 02:18 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-03 02:18 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-03 02:18 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-03 02:07 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\InstallShield
2007-11-03 02:00 <DIR> d-------- C:\Program Files\PhotoFiltre
2007-11-03 01:06 <DIR> d-------- C:\Program Files\Common Files\NSV
2007-11-03 00:45 <DIR> d-------- C:\Program Files\Lavalys
2007-11-02 23:48 1,156 --a------ C:\WINDOWS\mozver.dat
2007-11-02 23:41 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-02 23:37 1,226,784 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-02 23:35 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
2007-11-02 23:31 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
2007-11-02 23:28 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-11-02 23:28 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2007-11-02 23:27 <DIR> d-------- C:\Program Files\AutoConnect
2007-11-02 23:27 <DIR> d-------- C:\Program Files\Ashampoo
2007-11-02 23:26 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-11-02 23:19 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-11-02 23:19 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2007-11-02 23:19 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-11-02 23:19 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2007-11-02 22:51 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Image Zone Express
2007-11-02 22:50 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-11-02 22:36 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\HP
2007-11-02 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\HP
2007-11-02 22:35 <DIR> d-------- C:\Program Files\Common Files\HP
2007-11-02 22:34 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-11-02 22:34 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-11-02 22:32 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
2007-11-02 22:32 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-11-02 22:32 48,128 --a------ C:\WINDOWS\system32\hpzll054.dll
2007-11-02 22:32 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-11-02 22:32 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-11-02 22:32 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2007-11-02 22:29 <DIR> d-------- C:\Program Files\HP
2007-11-02 22:29 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-11-02 22:29 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-11-02 22:29 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-11-02 22:29 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-11-02 22:29 73,728 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-11-02 22:29 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-11-02 22:29 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-11-02 22:26 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-11-02 22:26 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-11-02 22:26 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-11-02 22:26 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2007-11-02 22:24 120,253 --a------ C:\WINDOWS\hpoins11.dat
2007-11-02 22:08 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-11-02 18:44 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2007-11-02 18:16 <DIR> d-------- C:\Program Files\Winamp
2007-11-02 18:05 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2007-11-02 17:40 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Gadu-Gadu
2007-11-02 17:38 <DIR> d-------- C:\Program Files\Gadu-Gadu
2007-11-02 17:38 <DIR> d-------- C:\Documents and Settings\User\Gadu-Gadu
2007-11-02 17:37 <DIR> d-------- C:\Program Files\Uniblue
2007-11-02 17:37 <DIR> d-------- C:\Program Files\Smart PC Solutions
2007-11-02 17:37 <DIR> d-------- C:\Documents and Settings\User\Dane aplikacji\Uniblue
2007-11-02 17:37 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-11-02 17:37 96,256 --a------ C:\WINDOWS\system32\drivers\sptd3005.sys
2007-11-02 17:36 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2007-11-02 17:36 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-02 17:33 <DIR> d-------- C:\Program Files\GRETECH
2007-11-02 17:33 <DIR> d-------- C:\Program Files\eMule
2007-11-02 17:16 <DIR> d-------- C:\WINDOWS\pss

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-03 15:44 17,516 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-11-03 13:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-03 13:43 --------- d-----w C:\Program Files\FlashGet
2007-11-02 21:49 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Smart PC Solutions
2007-11-02 20:03 --------- d-----w C:\Program Files\Futuremark
2007-11-02 20:02 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-11-02 20:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Ahead
2007-11-02 20:01 --------- d-----w C:\Program Files\Common Files\Ahead
2007-11-02 19:58 --------- d-----w C:\Program Files\Nero
2007-11-02 19:58 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2007-11-02 19:49 --------- d-----w C:\Program Files\My Company Name
2007-11-02 19:46 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-11-02 19:39 315,392 ----a-w C:\WINDOWS\HideWin.exe
2007-11-02 19:39 --------- d-----w C:\Program Files\Realtek
2007-11-02 19:37 --------- d-----w C:\Program Files\Intel
2007-11-02 19:28 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-02 19:27 --------- d-----w C:\Program Files\Usługi online
2007-11-02 19:10 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys
2007-11-02 19:10 --------- d-----w C:\Program Files\DAEMON Tools
2007-11-02 19:09 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\Ahead
2007-09-06 15:14 75,248 ----a-w C:\WINDOWS\zllsputility.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16:28 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-04-04 18:22 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-05-10 23:03]
"nwiz"="nwiz.exe" [2007-05-10 23:03 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-05-10 23:03]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" []
"AdslTaskBar"="stmctrl.dll" [2006-06-02 11:01 C:\WINDOWS\system32\stmctrl.dll]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21]
"AutoConnect"="C:\Program Files\AutoConnect\AutoConnect.exe" [2004-08-28 19:27]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-17 12:12]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys
S3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l151x86.sys
S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-03 16:45:52
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-03 16:46:23 - machine was rebooted
.
--- E O F ---

[wojtas]

poczytaj o Przywracaniu Trybu awaryjnego

[kepa416]

poczytaj o Przywracaniu Trybu awaryjnego

Zrobiłem to , udało mi sie zainstalowac AVG i Avasta narazie działa normalnie.

[wojtas]

udało mi sie zainstalowac AVG i Avasta narazie działa normalnie.

tak bo combofix usunal rookita ktorego miales w kompie

[kepa416]

A jak zrobić żeby :rootkit; nie wracał .. i żeby zablokować to co wykrywa avg

[wojtas]

zabezpieczyles sie w postaci wwdc oraz Seconfig XP

[kepa416]

Seconfig XP

tak

wwdc

ostatniego portu nie chce zamknąć wyskakuje błąd z adresem wpisu rejestru

[ Dodano: Dzisiaj o 2:49 ]
A co mógł bym zrobiż żeby zablokowac ten ostatni port??