
I have a big favor to ask of you...
Something has happened to my computer again.
From what I can see, it's a tough case. ;[
What can I say... the "antivirus" doesn't work, and neither does any other protection program...
I have avast... when I last tried to start it... a message popped up saying that I had some error...
there was a red mark on the icon in the bottom-right corner. I updated the program and everything worked for a while and was OK... after some time, on the same day, when I started the computer for the second time, avast didn't work at all. I tried scanning with everything I could... and nothing helped... I used various programs...
but nothing happened after I launched them... now half of them... or even most of them, are blocked, and I get this message:

and it's the same with every program I try to fix this with...
as if something were blocking the computer...
I remember that it all started when I wanted to download a KEY for "VirtualDj"
it looked like a normal installer, but after I double-clicked it, it disappeared from the desktop, and since then everything has been breaking ;[
please help...

the only logs I managed to get are:
"Spyware Terminator v2.3.0.507 Logfile"
Logfile of Spyware Terminator v2.3.0.507 (db:3.001.016.000)
Scan Time: 2009-09-05 00:03:19 length: 72 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Safe
Scan type: Fast_Spyware_Scan
Scanned Objects: 53021 (Critical:0)
Filter: No System items, No Safe items, No Invalid items
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - : C:\Program Files\Free Download Manager\iefdm2.dll
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre6\bin\jp2ssv.dll
02 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CTZDetec.exe : [Creative Technology Ltd.] : C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dtkbqh : : C:\Documents and Settings\Monika\USTAWIENIA LOKALNE\DANE APLIKACJI\DTKBQH.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogitechCommunicationsManager : [Logitech Inc.] : C:\Program Files\Common Files\LOGISHRD\LCOMMGR\COMMUNICATIONS_HELPER.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, amd_dc_opt : [AMD] : C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\lsdelete.exe
04 - Startup: %STARTUPALL%\Belkin Wireless USB Utility.lnk [Belkin] : D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll
- {087B3AE3-E237-4467-B8DB-5A38AB959AC9} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll
- {63542C48-9552-494A-84F7-73AA6A7C99C1} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll
- {3B092F0C-7696-40E3-A80F-68D74DA84210} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Moje foldery udostępniania - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Import Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Inc.] : D:\Program Files\iTunes\iTunesMiniPlayer.dll
Protocol Handler
BackWeb GA Pluggable Protocol - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - [Logitech Inc.] : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : C:\Program Files\Common Files\Skype\Skype4COM.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [AMD, Inc.] : C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
23 - [GEAR Software Inc.] : C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvata.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - : C:\WINDOWS\system32\Drivers\sptd.sys
Advanced Files Report
%SystemDiskRoot%\?\globalroot\Device\__max++>\0EDBB59A.x86.dll
%PROGRAMFILES%\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll [Sun Microsystems, Inc.] MD5=35BC8B9CFA8397EDE278BD4A3395141D SIZE=471040
%PROGRAMFILES%\OpenOffice.ux.pl 2.1.0\program\uwinapi.dll [Sun Microsystems, Inc.] MD5=20CCD5CC223EF2C1AA82B97B1D73675C SIZE=102400
%PROGRAMFILES%\OpenOffice.ux.pl 2.1.0\program\stlport_vc7145.dll [STLport Consulting, Inc.] [STLport Standard ANSI C++ Libarary] MD5=78C7F4F500BB809AF44F512D8B148FD2 SIZE=618496
%COMMONFILES%\Adobe\Acrobat\ActiveX\PDFShell.POL [Adobe Systems, Inc.] [Adobe PDF Shell Extension] MD5=2449DA6BA8F354B339F7577ACCC02183 SIZE=311296
%PROGRAMFILES%\WinRAR\rarext.dll MD5=00D368C41351328E08DD350F1C5B9BEF SIZE=129024
%SYSDIR%\CmdLineExt.dll [Sony DADC Austria AG.] MD5=E4DA8F4DCC53E979A25461F63499F712 SIZE=107888
D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [Belkin] [Belkin Wireless Client Utility] MD5=BAB365CB7ED672D5830D77CA9DB1B207 SIZE=1404928
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 110.49] MD5=E3617AC4165F5F006EFFE355F10722F8 SIZE=466944
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Messenger] MD5=6A69BEDDD514F21B8A216B85EAF330B5 SIZE=858136
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live Photo Gallery] MD5=86C67242AC4ADA2C20D0748157E3ED8C SIZE=227456
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live Photo Gallery] MD5=024F4D95154039B2292F4B856A52AB7D SIZE=46112
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}
%SYSDIR%\rundll32.exe "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll",PhotoViewerComServer {00F374B7-B390-4884-B372-2FC349F2172B}
D:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] [iTunes] MD5=E09CFE267EA65AEEAE26B9D76CA1A2C8 SIZE=132392
%SYSDIR%\DRIVERS\AmdLLD.sys [AMD, Inc.] [Low Level Device Driver] MD5=E7314D43CD2BE981D8BC4826B50EAF05 SIZE=33280
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\DRIVERS\GEARAspiWDM.sys [GEAR Software Inc.] [CD DVD Filter] MD5=AB8A6A87D9D7255C3884D5B9541A6E80 SIZE=15464
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\DRIVERS\nvata.sys [NVIDIA Corporation] [NVIDIA nForce(TM) IDE Driver] MD5=9ECCD189A9554C30A0D18A429778C7BA SIZE=105088
%SYSDIR%\DRIVERS\NVENETFD.sys [NVIDIA Corporation] [NVENETFD] MD5=4D6F0D3FB17C1BA64942F415C73ADCDB SIZE=57856
%SYSDIR%\DRIVERS\nvnetbus.sys [NVIDIA Corporation] [NVNETBUS] MD5=921E63AA1E1A20302223D016ACAFB52B SIZE=20480
%SYSDIR%\svchost -k rpcss
%SYSDIR%\Drivers\sptd.sys SIZE=717296
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [Logitech Inc.] [Logitech Desktop Messenger] MD5=8EC5211CEBB1D293B9E6F552F03C0659 SIZE=28711
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%COMMONFILES%\Skype\Skype4COM.dll [Skype Technologies] [Skype4COM] MD5=BE8FC3EF67D58F8D711EA94F8C17D8F7 SIZE=1942824
%SYSDIR%\MACROMED\SHOCKWAVE 10\GTAPI.DLL MD5=AE5CDA196A69F583DD356E7487AF3B49 SIZE=52288
%SYSDIR%\pxdrv.dll [Sonic Solutions] [Px] MD5=C7FE0B22837423F70251AC63C5310E57 SIZE=510712
%SYSDIR%\pxwave.dll [Sonic Solutions] [PxWave] MD5=B0435AB58FC33FF1190177C6CE466409 SIZE=379640
%WINDIR%\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll [Microsoft Corporation] [Microsoft® Visual Studio® 2005] MD5=CB23B162AC655F24C6711A5F5DF348C6 SIZE=61440
%WINDIR%\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll [Microsoft Corporation] [Microsoft® Visual Studio® 2005] MD5=1B7524806D0270B81360C63A2FA047CB SIZE=1101824
%PROGRAMFILES%\Java\jre1.6.0_07\bin\JdbcOdbc.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=F708430AE09C4102933E24CD6D12780D SIZE=36352
%PROGRAMFILES%\Java\jre1.6.0_07\bin\dcpr.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=D6E7FFCD38ECDFE4BD8DCE29D8D1A654 SIZE=143360
%PROGRAMFILES%\Java\jre1.6.0_07\bin\ioser12.dll [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=5CF15BC4493299F6645DB27B51278D2A SIZE=12800
%PROGRAMFILES%\Java\jre1.6.0_07\bin\javacpl.cpl [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=370716E3CA99E6A4346F272DA56017C1 SIZE=73728
%PROGRAMFILES%\Java\jre1.6.0_07\bin\policytool.exe [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U7] MD5=1C0C6888952D9EC22A7B5C6FAD0E8160 SIZE=25600
%SYSDIR%\MFC71DEU.DLL [Microsoft Corporation] [Microsoft® Visual Studio .NET] MD5=C94D9D5B96D385586063093BAAD8F206 SIZE=65536
%SYSDIR%\MFC71JPN.DLL [Microsoft Corporation] [Microsoft® Visual Studio .NET] MD5=C3CA0BF342DD90C9012C77BCFFD9D43D SIZE=49152
%SYSDIR%\bdeadmin.cpl [Inprise Corporation] MD5=4BC02BD73338C3A26265F5C64DBEC770 SIZE=183808
%SYSDIR%\drivers\aswFsBlk.sys [ALWIL Software] [avast! Antivirus System] MD5=062287CEE536E8AF6680D33259DE6BD6 SIZE=20560
%SYSDIR%\drivers\aswRdr.sys [ALWIL Software] [avast! Antivirus System] MD5=06B360D8179959798D2BF054437DF923 SIZE=23152
%SYSDIR%\drivers\aswmon2.sys [ALWIL Software] [avast! Antivirus System] MD5=05960396794E51EBBB9507C86B8B009E SIZE=94160
%SYSDIR%\drivers\Awrtpd.sys [Lavasoft AB] [Ad-Watch Beta] MD5=124E75B7C483E5D646F99EF5ACFD61B8 SIZE=12960
End of Report
Usuń proces:
Przygotowywanie struktur
Usuwanie plików wyłaczone
Usuń Affiliate tracking cookie
Usunięty plik: C:\Documents and Settings\Monika\cookies\monika@advertising[1].txt
Usunięty plik: C:\Documents and Settings\Monika\cookies\monika@simply[1].txt
Usunięty plik: C:\Documents and Settings\Monika\cookies\monika@zedo[2].txt
Wykonane
FixIEDef
********************************************************************************
* *
* FixIEDef Log *
* Version 1.7.20.6860 *
* *
********************************************************************************
Created at 00:06:45 on Saturday, September 05, 2009
Time Zone :
Logged On User : Monika
Operating System : Microsoft Windows XP Home Edition Dodatek Service Pack 3
OS Version : 5.1.2600
System Langauge : Polish
Keyboard Layout : Polish
Processor : X86 AMD Athlon(tm) 64 Processor 3200+
System Drive : C:\
Windows Directory : C:\WINDOWS
System Directory : C:\WINDOWS\system32
System Drive Type : Fixed
System Drive Status : READY
System Drive Label : Dysk
System Drive Size : 30 GB
System Drive Free : 5.46 GB
Total Physical Memory: 2031 MB
Free Physical Memory : 1727 MB
Total Page File : 2031 MB
Free Page File : 3240 MB
Total Virtual Memory : 2048 MB
Free Virtual Memory : 1972 MB
Boot State : Fail-safe with network boot
--------------------------------------------------------------------------------
!!! userinit.exe is Clean !!!
--------------------------------------------------------------------------------
!!! Files that have been deleted !!!
C:\WINDOWS\system32\actskn45.ocx
--------------------------------------------------------------------------------
!!! Directories that have been removed !!!
No malicious directories to be removed
--------------------------------------------------------------------------------
!!! Registry entries that have been removed !!!
No malicious Registry entries found
================================================================================
All Done :)
ShadowPuterDude
Safe Surfing!!!
And one more thing... since then, on drive "C", where all these programs are installed...
a Notepad file named "Bug" appears, and it contains this:
PUSHD "C:\32788R22FWJFW\"
IF NOT EXIST C:\WINDOWS\system32\cmd.exe GOTO Not_NT
VER 1>VER00
C:\WINDOWS\system32\FIND.exe "Microsoft Windows [Version 5.2.3790]" VER00 1>NULL
IF NOT ERRORLEVEL 1 GOTO Not_NT
C:\WINDOWS\system32\FIND.exe "Windows XP" VER00 1>NULL
HANDLE 1>temp01
SED -r "/<Non-existant Process> pid: ([0-9]*) .*/!d; s//@Nircmd KillProcess \/\1/" temp01 1>temp00.bat
CALL temp00.bat
PV -o"%i\t%l" 1>temp02
SED "/\t.*\\nircmd\.inf$/!d; s///; s/./@pv -kfi &/" temp02 1>temp01.bat
CALL temp01.bat
DEL /Q temp0?.bat temp0? 2>NULL
=============================================
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Monika\Dane aplikacji
CFLDR=32788R22FWJFW
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MONA-F0387C58DA
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Monika
KMD=CF24611.exe
LANG=pl
LOGONSERVER=\\MONA-F0387C58DA
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\GTK2-Runtime\lib
PATHEXT=.cfexe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4f02
ProgramFiles=C:\Program Files
PROMPT=$
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
SAFEBOOT_OPTION=NETWORK
SESSIONNAME=Console
sfxcmd="C:\Documents and Settings\Monika\Pulpit\ComboFix.exe"
sfxname=C:\Documents and Settings\Monika\Pulpit\ComboFix.exe
SYSTEM=C:\WINDOWS\system32
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Monika\USTAWI~1\Temp
TMP=C:\DOCUME~1\Monika\USTAWI~1\Temp
USERDOMAIN=MONA-F0387C58DA
USERNAME=Monika
USERPROFILE=C:\Documents and Settings\Monika
windir=C:\WINDOWS
=============================================
IF NOT DEFINED sfxname GOTO END
I don't know what this is about... but please help... I'm a complete novice at this ;[ I'm counting on quick help
I really need access to the computer urgently...
thank you in advance
