jak usunąć amvo.exe

przez **pykoo** » 15 Maj 2008, 17:53

oto log
chyba dobrze poszło
co to są za pliki tak w ogóle??

Kod: Zaznacz wszystko: Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! File "C:\Documents and Settings\pykoo\Ustawienia lokalne\Temp\Av-test.txt" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP173\A0132234.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP173\A0132275.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132300.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132316.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132318.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132322.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132323.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132324.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132325.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132326.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132327.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132328.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132329.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132337.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132338.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132339.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP174\A0132346.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP175\A0133378.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP176\A0134437.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP176\A0134438.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP177\A0135570.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP177\A0135573.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP177\A0136535.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP177\A0137540.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP177\A0137569.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0138671.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0139638.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0139641.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0139644.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0139645.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP178\A0139676.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139679.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139699.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139726.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139730.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139778.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139780.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139785.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP179\A0139786.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0139792.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0141782.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0141810.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0141811.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0141813.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP180\A0141857.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0141861.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0141865.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0141866.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0142803.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0142806.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0142835.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP181\A0142842.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0142845.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0142870.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143871.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143880.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143900.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143924.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143956.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143973.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP182\A0143984.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0143990.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0144973.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0144977.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0144981.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0145975.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0145992.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP183\A0145999.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP184\A0146002.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP184\A0146023.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP184\A0146027.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP184\A0146028.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0146037.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0146060.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0146078.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0146081.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0147059.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0147065.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0147084.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP185\A0147112.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0147121.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148112.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148134.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148153.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148154.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148155.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148156.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148157.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148158.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148159.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148160.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148161.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148162.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148163.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148164.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148165.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148166.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148167.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148168.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148169.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148170.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148171.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148172.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148173.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148174.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148175.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148176.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148177.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148178.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148179.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148180.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148181.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148182.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148183.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148184.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148185.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148186.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148187.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148188.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148189.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148190.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148191.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148192.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148193.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148194.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148195.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148196.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148197.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148198.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148199.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148200.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148201.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148202.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148203.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148204.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148205.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148206.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148207.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148208.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148209.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148210.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148211.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148212.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148213.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148214.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148215.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148216.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148217.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148218.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148219.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148220.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148221.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148222.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148223.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148224.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148225.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148226.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148227.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148228.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148229.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148230.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148231.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148232.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148233.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148234.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148235.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148236.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148237.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148238.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148239.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148240.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148241.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148242.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148243.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148244.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148245.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148246.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148247.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148248.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148249.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148250.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148251.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148252.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148253.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148254.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148255.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148256.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148258.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148259.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148260.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148261.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148262.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148263.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148264.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148265.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148266.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148267.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148268.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148269.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148270.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148271.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148272.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148273.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148274.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148275.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148276.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148277.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148278.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148279.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148280.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148281.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148282.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148283.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148284.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148285.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148286.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148287.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148288.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148289.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148290.EXE" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148291.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148292.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148293.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148294.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148295.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148296.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148297.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148298.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148299.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148300.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148301.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148302.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148303.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148304.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148305.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148306.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP186\A0148307.exe" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP187\A0148313.com" deleted successfully. File "D:\System Volume Information\_restore{1A9329ED-F4C5-46E8-9787-65721D0542DD}\RP187\A0150136.com" deleted successfully. Completed script processing. ******************* Finished! Terminate.

przez **huber2t** » 15 Maj 2008, 18:10

Pliki wirusa, powinno być ok ale przeskanuj ponownie Kasperskim i daj log na forum

przez **pykoo** » 15 Maj 2008, 19:17

no nie poszło tak dobrze jak sie spodziewałem

Kod: Zaznacz wszystko: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT 15 maj 2008 19:14:20 System operacyjny: Microsoft Windows XP Professional, Dodatek Service Pack 2 (Build 2600) Kaspersky Online Scanner wersja: 5.0.98.0 Ostatnia aktualizacja Kaspersky Anti-Virus15/05/2008 Liczba wpisów w bazie danych Kaspersky Anti-Virus775174 ------------------------------------------------------------------------------- Ustawienia skanowania: Skanowanie przy użyciu następujących baz danych: rozszerzone Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Foldery: C:\ D:\ Statystyki skanowania: Liczba skanowanych obiektów: 43238 Liczba wykrytych wirusów: 2 Liczba zainfekowanych obiektów: 142 Liczba podejrzanych obiektów: 0 Czas trwania skanowania: 01:00:08 Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\pykoo\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\MSHist012008051520080516\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-15.17-56-24.log Object is locked pominięty C:\Program Files\KonnektPlus\data\log\konnekt_live_08-05-15[01].log Object is locked pominięty C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked pominięty C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty C:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\change.log Object is locked pominięty C:\WINDOWS\CSC\00000001 Object is locked pominięty C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty C:\WINDOWS\SchedLgU.Txt Object is locked pominięty C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\default Object is locked pominięty C:\WINDOWS\system32\config\default.LOG Object is locked pominięty C:\WINDOWS\system32\config\SAM Object is locked pominięty C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\SECURITY Object is locked pominięty C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty C:\WINDOWS\system32\config\software Object is locked pominięty C:\WINDOWS\system32\config\software.LOG Object is locked pominięty C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\system Object is locked pominięty C:\WINDOWS\system32\config\system.LOG Object is locked pominięty C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty C:\WINDOWS\system32\h323log.txt Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty C:\WINDOWS\Temp\tmp000007db\tmp00000000 Object is locked pominięty C:\WINDOWS\WindowsUpdate.log Object is locked pominięty D:\Avenger\A0132234.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132275.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132300.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132316.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132318.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132322.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132323.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132324.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132325.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132326.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132328.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132329.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0132346.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0134438.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0135573.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0137540.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0138671.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139638.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139645.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139676.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139679.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139778.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0139792.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0141813.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0141861.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0141866.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0142803.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0142835.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0142845.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0142870.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0143871.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0143880.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0143900.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0143924.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0143956.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0143973.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0143990.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0144973.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0144977.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0145975.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0145992.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0146002.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0146023.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0146027.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0146037.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0146060.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0146078.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0147059.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0147065.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0147084.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0147112.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0147121.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0148112.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0148134.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0148155.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148176.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148177.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148195.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148199.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148201.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148202.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148203.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148204.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148205.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148206.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148209.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148219.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148228.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148235.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148236.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148237.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148238.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148239.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148240.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148241.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148242.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148243.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148244.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148245.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148246.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148247.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148248.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148249.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148250.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148251.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148252.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148253.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148254.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148255.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148256.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148258.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148259.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148260.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148261.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148262.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148263.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148264.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148265.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148266.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148267.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148268.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148269.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148270.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148271.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148272.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148273.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148274.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148275.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148276.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148277.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148278.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148279.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148280.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148281.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148282.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148283.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148284.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148285.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148286.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148287.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148288.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148289.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148290.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148291.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148292.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148293.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148294.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148295.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148296.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148297.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148298.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148299.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148300.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148301.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148302.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148303.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148304.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148305.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148306.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148307.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\Avenger\A0148313.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\Avenger\A0150136.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\GRY\World of Warcraft\World of Warcraft\Logs\gx.log Object is locked pominięty D:\GRY\World of Warcraft\World of Warcraft\Logs\SESound.log Object is locked pominięty D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty Proces skanowania został zakończony.

przez **huber2t** » 15 Maj 2008, 19:54

Usuń ten folder:
D:\Avenger

i powinno być ok

przez **pykoo** » 15 Maj 2008, 21:07

już mi wszystko jedno za każdym razem wykrywa coś na D
Trojan-PSW.Win32.OnLineGames.too co to jest?? może to przez to ze gram w mmo po sieci??
zostawię już to chyba tak jak jest, żadne błędy mi nie wyskakują jak narazie, dzięki za pomoc

Kod: Zaznacz wszystko: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT 15 maj 2008 20:58:39 System operacyjny: Microsoft Windows XP Professional, Dodatek Service Pack 2 (Build 2600) Kaspersky Online Scanner wersja: 5.0.98.0 Ostatnia aktualizacja Kaspersky Anti-Virus15/05/2008 Liczba wpisów w bazie danych Kaspersky Anti-Virus775447 ------------------------------------------------------------------------------- Ustawienia skanowania: Skanowanie przy użyciu następujących baz danych: rozszerzone Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Foldery: C:\ D:\ Statystyki skanowania: Liczba skanowanych obiektów: 43302 Liczba wykrytych wirusów: 2 Liczba zainfekowanych obiektów: 142 Liczba podejrzanych obiektów: 0 Czas trwania skanowania: 00:53:20 Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\pykoo\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\MSHist012008051520080516\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-15.17-56-24.log Object is locked pominięty C:\Program Files\KonnektPlus\data\log\konnekt_live_08-05-15[01].log Object is locked pominięty C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked pominięty C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty C:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\change.log Object is locked pominięty C:\WINDOWS\CSC\00000001 Object is locked pominięty C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty C:\WINDOWS\SchedLgU.Txt Object is locked pominięty C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\default Object is locked pominięty C:\WINDOWS\system32\config\default.LOG Object is locked pominięty C:\WINDOWS\system32\config\SAM Object is locked pominięty C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\SECURITY Object is locked pominięty C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty C:\WINDOWS\system32\config\software Object is locked pominięty C:\WINDOWS\system32\config\software.LOG Object is locked pominięty C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\system Object is locked pominięty C:\WINDOWS\system32\config\system.LOG Object is locked pominięty C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty C:\WINDOWS\system32\h323log.txt Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty C:\WINDOWS\Temp\tmp000007db\tmp00000000 Object is locked pominięty C:\WINDOWS\WindowsUpdate.log Object is locked pominięty D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007686.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007687.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007688.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007689.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007690.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007691.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007692.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007693.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007694.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007695.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007697.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007698.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007702.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007705.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007707.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007709.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007711.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007712.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007715.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007716.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007717.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007720.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007723.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007727.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007729.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007731.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007732.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007734.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007736.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007737.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007738.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007739.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007740.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007741.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007742.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007743.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007745.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007746.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007747.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007749.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007750.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007752.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007753.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007754.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007756.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007757.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007758.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007760.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007761.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007762.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007763.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007764.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007765.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007766.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007769.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007788.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007789.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007807.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007811.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007813.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007814.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007815.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007816.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007817.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007818.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007821.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007831.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007840.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007847.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007848.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007849.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007850.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007851.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007852.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007853.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007854.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007855.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007856.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007857.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007858.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007859.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007860.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007861.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007862.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007863.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007864.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007865.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007866.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007867.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007868.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007869.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007870.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007871.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007872.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007873.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007874.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007875.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007876.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007877.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007878.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007879.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007880.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007881.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007882.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007883.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007884.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007885.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007886.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007887.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007888.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007889.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007890.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007891.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007892.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007893.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007894.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007895.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007896.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007897.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007898.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007899.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007900.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007901.EXE Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007902.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007903.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007904.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007905.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007906.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007907.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007908.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007909.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007910.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007911.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007912.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007913.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007914.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007915.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007916.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007917.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007918.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007919.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007920.com Zainfekowanych: Trojan-PSW.Win32.OnLineGames.too pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\change.log Object is locked pominięty Proces skanowania został zakończony.

przez **huber2t** » 15 Maj 2008, 21:53

Pobierz Avenger

wklej do niego ten tekst:

Kod: Zaznacz wszystko: Files to delete: D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007686.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007687.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007688.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007689.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007690.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007691.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007692.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007693.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007694.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007695.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007697.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007698.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007702.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007705.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007707.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007709.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007711.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007712.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007715.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007716.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007717.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007720.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007723.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007727.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007729.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007731.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007732.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007734.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007736.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007737.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007738.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007739.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007740.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007741.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007742.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007743.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007745.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007746.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007747.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007749.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007750.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007752.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007753.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007754.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007756.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007757.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007758.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007760.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007761.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007762.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007763.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007764.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007765.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007766.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007769.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007788.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007789.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007807.exe Zainfekowanych: Virus.Win32.Hidrag.a pominięty D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007811.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007813.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007814.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007815.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007816.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007817.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007818.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007821.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007831.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007840.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007847.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007848.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007849.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007850.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007851.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007852.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007853.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007854.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007855.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007856.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007857.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007858.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007859.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007860.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007861.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007862.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007863.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007864.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007865.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007866.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007867.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007868.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007869.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007870.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007871.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007872.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007873.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007874.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007875.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007876.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007877.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007878.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007879.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007880.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007881.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007882.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007883.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007884.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007885.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007886.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007887.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007888.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007889.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007890.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007891.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007892.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007893.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007894.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007895.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007896.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007897.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007898.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007899.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007900.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007901.EXE D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007902.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007903.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007904.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007905.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007906.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007907.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007908.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007909.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007910.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007911.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007912.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007913.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007914.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007915.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007916.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007917.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007918.exe D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007919.com D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007920.com

kopiuj to i klikasz na Paste Script from Clipboard wybierasz Execute oraz Potwierdzasz i zgadzasz się na restart klikając OK.
Kasujesz ręcznie z dysku plik: C:\Avenger\backup.zip i wklejasz na forum raport: C:\avenger.txt

przez **pykoo** » 15 Maj 2008, 22:14

oto log

Kod: Zaznacz wszystko: Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007686.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007687.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007688.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007689.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007690.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007691.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007692.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007693.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007694.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007695.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007697.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007698.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007702.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007705.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007707.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007709.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007711.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007712.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007715.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007716.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007717.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007720.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007723.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007727.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007729.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007731.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007732.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007734.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007736.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007737.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007738.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007739.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007740.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007741.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007742.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007743.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007745.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007746.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007747.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007749.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007750.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007752.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007753.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007754.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007756.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007757.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007758.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007760.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007761.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007762.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007763.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007764.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007765.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007766.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007769.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007788.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007789.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007807.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007811.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007813.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007814.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007815.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007816.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007817.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007818.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007821.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007831.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007840.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007847.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007848.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007849.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007850.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007851.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007852.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007853.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007854.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007855.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007856.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007857.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007858.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007859.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007860.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007861.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007862.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007863.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007864.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007865.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007866.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007867.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007868.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007869.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007870.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007871.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007872.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007873.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007874.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007875.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007876.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007877.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007878.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007879.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007880.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007881.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007882.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007883.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007884.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007885.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007886.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007887.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007888.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007889.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007890.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007891.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007892.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007893.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007894.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007895.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007896.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007897.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007898.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007899.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007900.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007901.EXE" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007902.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007903.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007904.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007905.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007906.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007907.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007908.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007909.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007910.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007911.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007912.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007913.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007914.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007915.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007916.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007917.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007918.exe" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007919.com" deleted successfully. File "D:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP27\A0007920.com" deleted successfully. Completed script processing. ******************* Finished! Terminate.

przez **huber2t** » 15 Maj 2008, 22:18

Pliki sie usuneły, przeskanuj ponownie Kasperskim i daj log na forum

przez **pykoo** » 15 Maj 2008, 23:11

wielkie dziki Kasperski nic nie wykrył oto log

Kod: Zaznacz wszystko: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT 15 maj 2008 23:08:18 System operacyjny: Microsoft Windows XP Professional, Dodatek Service Pack 2 (Build 2600) Kaspersky Online Scanner wersja: 5.0.98.0 Ostatnia aktualizacja Kaspersky Anti-Virus15/05/2008 Liczba wpisów w bazie danych Kaspersky Anti-Virus775984 ------------------------------------------------------------------------------- Ustawienia skanowania: Skanowanie przy użyciu następujących baz danych: rozszerzone Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Foldery: C:\ D:\ Statystyki skanowania: Liczba skanowanych obiektów: 42954 Liczba wykrytych wirusów: 0 Liczba zainfekowanych obiektów: 0 Liczba podejrzanych obiektów: 0 Czas trwania skanowania: 00:47:31 Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\pykoo\ntuser.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Historia\History.IE5\MSHist012008051520080516\index.dat Object is locked pominięty C:\Documents and Settings\pykoo\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-15.22-08-46.log Object is locked pominięty C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked pominięty C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty C:\System Volume Information\_restore{937938D1-ADBA-4AFB-9029-0FB557D46A16}\RP28\change.log Object is locked pominięty C:\WINDOWS\CSC\00000001 Object is locked pominięty C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty C:\WINDOWS\SchedLgU.Txt Object is locked pominięty C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\default Object is locked pominięty C:\WINDOWS\system32\config\default.LOG Object is locked pominięty C:\WINDOWS\system32\config\SAM Object is locked pominięty C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\SECURITY Object is locked pominięty C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty C:\WINDOWS\system32\config\software Object is locked pominięty C:\WINDOWS\system32\config\software.LOG Object is locked pominięty C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\system Object is locked pominięty C:\WINDOWS\system32\config\system.LOG Object is locked pominięty C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty C:\WINDOWS\system32\h323log.txt Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty C:\WINDOWS\Temp\tmp000048ff\tmp00000000 Object is locked pominięty C:\WINDOWS\WindowsUpdate.log Object is locked pominięty D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty Proces skanowania został zakończony.

przez **huber2t** » 16 Maj 2008, 05:29

Też się cieszę bo trochę czasu spędziełem przy pisaniu skryptu

przez **pykoo** » 17 Maj 2008, 15:55

witam log z combofixa
laptop brata sie zainfekowal ;]

Kod: Zaznacz wszystko: ComboFix 08-05-15.3 - RaJieru 2008-05-17 15:48:53.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.739 [GMT 2:00] Running from: C:\Documents and Settings\RaJieru\Desktop\ComboFix.exe * Created a new restore point [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML C:\WINDOWS\system32\amvo.exe C:\WINDOWS\system32\amvo0.dll C:\WINDOWS\system32\h@tkeysh@@k.dll D:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2008-04-17 to 2008-05-17 ))))))))))))))))))))))))))))))) . 2008-05-11 11:23 . 2008-05-11 11:33 <DIR> d-------- C:\Documents and Settings\RaJieru\Application Data\eXPert PDF Editor 2008-05-11 11:17 . 2008-05-11 11:17 <DIR> d-------- C:\Program Files\Visagesoft 2008-05-11 11:16 . 2008-05-11 11:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-05-08 22:31 . 2008-05-11 22:19 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-05-08 22:29 . 2008-05-08 22:30 <DIR> d-------- C:\Program Files\FlashFXP 2008-05-08 22:29 . 2008-05-08 22:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FlashFXP 2008-05-01 17:27 . 2008-03-21 13:13 102,536 -r-hs---- C:\v.com 2008-04-27 17:36 . 2008-04-27 17:36 <DIR> d-------- C:\Program Files\Hamachi 2008-04-27 17:36 . 2008-05-13 20:03 <DIR> d-------- C:\Documents and Settings\RaJieru\Application Data\Hamachi 2008-04-27 17:36 . 2008-04-27 17:36 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2008-04-27 17:19 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe 2008-04-26 17:39 . 2008-04-26 17:39 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-04-19 14:00 . 2008-04-26 17:39 <DIR> d-------- C:\TEMP 2008-04-17 20:04 . 2008-04-17 20:04 6,688 --a------ C:\WINDOWS\movexe.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-17 13:51 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\Skype 2008-05-17 13:47 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\foobar2000 2008-05-17 13:46 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-05-17 11:28 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\skypePM 2008-05-15 23:34 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\X-Chat 2 2008-05-13 14:34 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\WTablet 2008-05-12 05:13 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\AdobeUM 2008-04-15 17:09 --------- d-----w C:\Program Files\Tablet 2008-04-14 11:57 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\WTablet 2008-04-13 23:07 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\MySQL 2008-04-11 09:09 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-11 09:07 --------- d-----w C:\Program Files\FlashGet 2008-04-03 13:21 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\StoneLoops 2008-04-03 13:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\StoneLoops! 2008-03-25 14:11 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment 2008-03-25 12:45 --------- d-----w C:\Program Files\Microsoft SQL Server 2008-03-25 12:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-24 19:25 --------- d-----w C:\Program Files\Opera 2008-03-19 08:20 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2008-03-19 08:20 --------- d-----w C:\Program Files\Common Files\Skype 2008-03-18 16:26 --------- d-----w C:\Program Files\Ateksoft 2007-03-03 13:41 461 ----a-w C:\Program Files\INSTALL.LOG 2002-07-01 14:13 243 --sha-w C:\Documents and Settings\All Users\Application Data\system16driver.dat 2007-03-03 15:10 56 --sh--r C:\WINDOWS\system32\D0E7B49BA7.sys 2007-03-03 15:10 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:06 1667584] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-11-15 22:02 1204224] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-12-01 12:46 204288] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [2004-08-04 14:00 16384] "TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [2004-08-04 14:00 271872] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 07:22 7618560] "nwiz"="nwiz.exe" [2006-06-01 17:22 1519616 C:\WINDOWS\system32\nwiz.exe] "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 10:11 1388544] "00THotkey"="C:\WINDOWS\system32\[u]0[/u]0THotkey.exe" [2005-02-02 16:01 270336] "CrossMenu"="C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe" [2005-04-04 13:07 798720] "000StTHK"="000StTHK.exe" [2001-06-23 21:28 24576 C:\WINDOWS\system32\[u]0[/u]00StTHK.exe] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-23 22:40 196608] "TFNF5"="TFNF5.exe" [2004-06-28 10:16 73728 C:\WINDOWS\system32\TFNF5.exe] "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-04 12:40 118784] "TosRotation"="C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" [2005-04-04 16:18 266240] "TPSMain"="TPSMain.exe" [2005-04-06 12:24 266240 C:\WINDOWS\system32\TPSMain.exe] "TPSODDCtl"="TPSODDCtl.exe" [2005-04-06 12:24 102400 C:\WINDOWS\system32\TPSODDCtl.exe] "TMESRV.EXE"="C:\Program Files\TOSHIBA\TME3\TMESRV31.exe" [2005-04-05 09:35 118784] "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\TME3\TMERzCtl.exe" [2005-04-05 09:34 77824] "TMESBS.EXE"="C:\Program Files\TOSHIBA\TME3\TMESBS32.exe" [2003-10-28 15:38 77824] "TFncKy"="TFncKy.exe" [] "TAcelMgr"="C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe" [2005-04-04 17:18 86016] "TSkrMain"="C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe" [2005-04-04 17:18 45056] "DpUtil"="C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe" [2003-12-19 13:10 155648] "NDSTray.exe"="NDSTray.exe" [] "TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-09-09 16:07 49152] "TAudEffect"="C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe" [2005-01-14 12:40 340032] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38 866816] "BDMCon"="C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe" [2007-03-03 15:40 372736] "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" [2005-03-11 18:53 90112] "BDNewsAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" [2005-06-09 11:28 9728] "BDSwitchAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" [2005-04-06 14:09 33280] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-04 14:15 155648] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 07:22 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TabletWizard"="%windir%\help\wizard.hta" [ ] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey] C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll 2004-08-04 14:00 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL] TabBtnWL.dll 2002-08-29 04:41 11776 C:\WINDOWS\system32\tabbtnwl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify] tpgwlnot.dll 2004-08-04 14:00 30208 C:\WINDOWS\system32\tpgwlnot.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=sockspy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Konnekt\\konnekt.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\eMule\\eMule.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "D:\\Program Files\\xchat\\xchat.exe"= "C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"= "C:\\Program Files\\Zend\\ZendStudio-5.5.0\\jre\\bin\\javaw.exe"= "D:\\GRY\\Quake3\\quake3.exe"= "C:\\Program Files\\Ateksoft\\WebCamera Plus\\camviewer.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "D:\\GRY\\World of Warcraft\\WoW-2.3.0.7561-to-2.3.2.7741-enUS-downloader.exe"= "C:\\Program Files\\Opera\\Opera.exe"= "C:\\Program Files\\FlashFXP\\FlashFXP.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "9405:TCP"= 9405:TCP:BitComet 9405 TCP "9405:UDP"= 9405:UDP:BitComet 9405 UDP "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\WINDOWS\system32\DRIVERS\thpdrv.sys [2004-12-28 00:31] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\WINDOWS\system32\DRIVERS\Thpevm.SYS [2004-11-13 13:24] R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2004-06-16 12:08] R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service [] R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2004-05-13 11:58] R3 TBtnKey;TOSHIBA Tablet PC Buttons Type N HID Driver;C:\WINDOWS\system32\DRIVERS\TBtnKey.sys [2002-09-12 23:48] R3 TEchoCan;Toshiba Audio Effect;C:\WINDOWS\system32\DRIVERS\TEchoCan.sys [2005-01-13 11:58] R3 TMicAry;Toshiba Audio Effect with MicArray;C:\WINDOWS\system32\DRIVERS\TMicAry.sys [2004-02-04 11:27] R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 16:18] R3 WacomISDPen;Wacom Penabled HID MiniDriver;C:\WINDOWS\system32\DRIVERS\wacomisdpen.sys [2006-04-27 10:36] S3 AteksoftAudio;WebCamera Plus Audio;C:\WINDOWS\system32\drivers\ateksoftaudio.sys [2007-12-25 12:06] S3 VSPerfDrv;Performance Tools Driver;C:\Program Files\Microsoft Visual Studio 8\Team Tools\Performance Tools\VSPerfDrv.sys [2005-09-23 03:42] S3 WacomPen;Wacom Serial Pen HID Driver;C:\WINDOWS\system32\DRIVERS\wacompen.sys [2004-08-04 01:04] S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{151b6b37-8c3f-11dc-88de-000e7b1593e0}] \Shell\AutoRun\command - H:\USBNB.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a37dd3a-8bbd-11dc-88db-806d6172696f}] \Shell\AutoRun\command - D:\v.com \Shell\explore\Command - D:\v.com \Shell\open\Command - D:\v.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54667386-c968-11db-a587-00166f893d46}] \Shell\AutoRun\command - G:\v.com \Shell\explore\Command - G:\v.com \Shell\open\Command - G:\v.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a19442a0-fd88-11dc-88f2-000e7b1593e0}] \Shell\AutoRun\command - G:\v.com \Shell\explore\Command - G:\v.com \Shell\open\Command - G:\v.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6368e7c-c966-11db-a586-806d6172696f}] \Shell\AutoRun\command - C:\v.com \Shell\explore\Command - C:\v.com \Shell\open\Command - C:\v.com *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-03-03 09:14:36 C:\WINDOWS\Tasks\Registration reminder 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-03-03 09:14:37 C:\WINDOWS\Tasks\Registration reminder 2.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-03-03 09:14:37 C:\WINDOWS\Tasks\Registration reminder 3.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-17 15:51:27 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-05-17 15:52:40 ComboFix-quarantined-files.txt 2008-05-17 13:52:08 Pre-Run: 3,168,763,904 bytes free Post-Run: 4,085,198,848 bytes free 202

[/code]

przez **huber2t** » 17 Maj 2008, 16:08

Do wyleczenia pendrive z wirusów użyj
Perlovga Removal Tool
Flash Disinfector
lub format

Po tym nie odłaczaj pendrive i wykonaj to:

Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:

Kod: Zaznacz wszystko: File:: C:\v.com D:\v.com G:\v.com Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=- "H/PC Connection Agent"=- "updateMgr"=- "WMPNSCFG"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TFncKy"=- "QuickTime Task"=- "NeroFilterCheck"=- [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

Plik

zapisz jako

CFScript.txt (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe)
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu

Rozpocznie się usuwanie i powstanie log, daj ten log na forum.

przez **pykoo** » 17 Maj 2008, 16:27

log

Kod: Zaznacz wszystko: ComboFix 08-05-15.3 - RaJieru 2008-05-17 16:20:27.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.689 [GMT 2:00] Running from: C:\Documents and Settings\RaJieru\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\RaJieru\Desktop\CFScript.txt * Created a new restore point [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] FILE :: C:\v.com D:\v.com G:\v.com . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\v.com D:\v.com G:\v.com . ((((((((((((((((((((((((( Files Created from 2008-04-17 to 2008-05-17 ))))))))))))))))))))))))))))))) . 2008-05-11 11:23 . 2008-05-11 11:33 <DIR> d-------- C:\Documents and Settings\RaJieru\Application Data\eXPert PDF Editor 2008-05-11 11:17 . 2008-05-11 11:17 <DIR> d-------- C:\Program Files\Visagesoft 2008-05-11 11:16 . 2008-05-11 11:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-05-08 22:31 . 2008-05-11 22:19 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-05-08 22:29 . 2008-05-08 22:30 <DIR> d-------- C:\Program Files\FlashFXP 2008-05-08 22:29 . 2008-05-08 22:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FlashFXP 2008-04-27 17:36 . 2008-04-27 17:36 <DIR> d-------- C:\Program Files\Hamachi 2008-04-27 17:36 . 2008-05-13 20:03 <DIR> d-------- C:\Documents and Settings\RaJieru\Application Data\Hamachi 2008-04-27 17:36 . 2008-04-27 17:36 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2008-04-27 17:19 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe 2008-04-26 17:39 . 2008-04-26 17:39 <DIR> d-------- C:\Program Files\Microsoft Silverlight 2008-04-19 14:00 . 2008-04-26 17:39 <DIR> d-------- C:\TEMP 2008-04-17 20:04 . 2008-04-17 20:04 6,688 --a------ C:\WINDOWS\movexe.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-17 14:16 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-05-17 14:08 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\skypePM 2008-05-17 13:51 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\Skype 2008-05-17 13:47 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\foobar2000 2008-05-15 23:34 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\X-Chat 2 2008-05-13 14:34 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\WTablet 2008-05-12 05:13 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\AdobeUM 2008-04-15 17:09 --------- d-----w C:\Program Files\Tablet 2008-04-14 11:57 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\WTablet 2008-04-13 23:07 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\MySQL 2008-04-11 09:09 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-11 09:07 --------- d-----w C:\Program Files\FlashGet 2008-04-03 13:21 --------- d-----w C:\Documents and Settings\RaJieru\Application Data\StoneLoops 2008-04-03 13:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\StoneLoops! 2008-03-25 14:11 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment 2008-03-25 12:45 --------- d-----w C:\Program Files\Microsoft SQL Server 2008-03-25 12:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-24 19:25 --------- d-----w C:\Program Files\Opera 2008-03-19 08:20 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2008-03-19 08:20 --------- d-----w C:\Program Files\Common Files\Skype 2008-03-18 16:26 --------- d-----w C:\Program Files\Ateksoft 2007-03-03 13:41 461 ----a-w C:\Program Files\INSTALL.LOG 2002-07-01 14:13 243 --sha-w C:\Documents and Settings\All Users\Application Data\system16driver.dat 2007-03-03 15:10 56 --sh--r C:\WINDOWS\system32\D0E7B49BA7.sys 2007-03-03 15:10 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [2004-08-04 14:00 16384] "TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [2004-08-04 14:00 271872] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 07:22 7618560] "nwiz"="nwiz.exe" [2006-06-01 17:22 1519616 C:\WINDOWS\system32\nwiz.exe] "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 10:11 1388544] "00THotkey"="C:\WINDOWS\system32\[u]0[/u]0THotkey.exe" [2005-02-02 16:01 270336] "CrossMenu"="C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe" [2005-04-04 13:07 798720] "000StTHK"="000StTHK.exe" [2001-06-23 21:28 24576 C:\WINDOWS\system32\[u]0[/u]00StTHK.exe] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-23 22:40 196608] "TFNF5"="TFNF5.exe" [2004-06-28 10:16 73728 C:\WINDOWS\system32\TFNF5.exe] "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-04 12:40 118784] "TosRotation"="C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" [2005-04-04 16:18 266240] "TPSMain"="TPSMain.exe" [2005-04-06 12:24 266240 C:\WINDOWS\system32\TPSMain.exe] "TPSODDCtl"="TPSODDCtl.exe" [2005-04-06 12:24 102400 C:\WINDOWS\system32\TPSODDCtl.exe] "TMESRV.EXE"="C:\Program Files\TOSHIBA\TME3\TMESRV31.exe" [2005-04-05 09:35 118784] "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\TME3\TMERzCtl.exe" [2005-04-05 09:34 77824] "TMESBS.EXE"="C:\Program Files\TOSHIBA\TME3\TMESBS32.exe" [2003-10-28 15:38 77824] "TAcelMgr"="C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe" [2005-04-04 17:18 86016] "TSkrMain"="C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe" [2005-04-04 17:18 45056] "DpUtil"="C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe" [2003-12-19 13:10 155648] "NDSTray.exe"="NDSTray.exe" [] "TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-09-09 16:07 49152] "TAudEffect"="C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe" [2005-01-14 12:40 340032] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38 866816] "BDMCon"="C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe" [2007-03-03 15:40 372736] "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" [2005-03-11 18:53 90112] "BDNewsAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" [2005-06-09 11:28 9728] "BDSwitchAgent"="C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" [2005-04-06 14:09 33280] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 07:22 86016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TabletWizard"="%windir%\help\wizard.hta" [ ] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey] C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll 2004-08-04 14:00 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL] TabBtnWL.dll 2002-08-29 04:41 11776 C:\WINDOWS\system32\tabbtnwl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify] tpgwlnot.dll 2004-08-04 14:00 30208 C:\WINDOWS\system32\tpgwlnot.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=sockspy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Konnekt\\konnekt.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\eMule\\eMule.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "D:\\Program Files\\xchat\\xchat.exe"= "C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"= "C:\\Program Files\\Zend\\ZendStudio-5.5.0\\jre\\bin\\javaw.exe"= "D:\\GRY\\Quake3\\quake3.exe"= "C:\\Program Files\\Ateksoft\\WebCamera Plus\\camviewer.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "D:\\GRY\\World of Warcraft\\WoW-2.3.0.7561-to-2.3.2.7741-enUS-downloader.exe"= "C:\\Program Files\\Opera\\Opera.exe"= "C:\\Program Files\\FlashFXP\\FlashFXP.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "9405:TCP"= 9405:TCP:BitComet 9405 TCP "9405:UDP"= 9405:UDP:BitComet 9405 UDP "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\WINDOWS\system32\DRIVERS\thpdrv.sys [2004-12-28 00:31] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\WINDOWS\system32\DRIVERS\Thpevm.SYS [2004-11-13 13:24] R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2004-06-16 12:08] R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service [] R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2004-05-13 11:58] R3 TBtnKey;TOSHIBA Tablet PC Buttons Type N HID Driver;C:\WINDOWS\system32\DRIVERS\TBtnKey.sys [2002-09-12 23:48] R3 TEchoCan;Toshiba Audio Effect;C:\WINDOWS\system32\DRIVERS\TEchoCan.sys [2005-01-13 11:58] R3 TMicAry;Toshiba Audio Effect with MicArray;C:\WINDOWS\system32\DRIVERS\TMicAry.sys [2004-02-04 11:27] R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 16:18] R3 WacomISDPen;Wacom Penabled HID MiniDriver;C:\WINDOWS\system32\DRIVERS\wacomisdpen.sys [2006-04-27 10:36] S3 AteksoftAudio;WebCamera Plus Audio;C:\WINDOWS\system32\drivers\ateksoftaudio.sys [2007-12-25 12:06] S3 VSPerfDrv;Performance Tools Driver;C:\Program Files\Microsoft Visual Studio 8\Team Tools\Performance Tools\VSPerfDrv.sys [2005-09-23 03:42] S3 WacomPen;Wacom Serial Pen HID Driver;C:\WINDOWS\system32\DRIVERS\wacompen.sys [2004-08-04 01:04] S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 [] *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-03-03 09:14:36 C:\WINDOWS\Tasks\Registration reminder 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-03-03 09:14:37 C:\WINDOWS\Tasks\Registration reminder 2.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-03-03 09:14:37 C:\WINDOWS\Tasks\Registration reminder 3.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-17 16:21:32 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-05-17 16:22:04 ComboFix-quarantined-files.txt 2008-05-17 14:22:00 ComboFix2.txt 2008-05-17 13:52:41 Pre-Run: 4,063,334,400 bytes free Post-Run: 4,051,910,656 bytes free 179

przez **huber2t** » 17 Maj 2008, 16:33

Log wyglada na czysty

Usuń ręcznie folder C:\Qoobox,usuń instalkę Combofix z dysku

Przeczyść komputer Ccleanerem

Przeczyść programy uruchamiane w autostarcie

Wyłącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj komputer tym (uruchom przez IE) http://www.kaspersky.pl/virusscanner.html Daj raport z niego na forum

Włącz przywracanie systemu.

przez **pykoo** » 17 Maj 2008, 22:12

oto log

Kod: Zaznacz wszystko: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT 17 maj 2008 22:09:56 System operacyjny: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner wersja: 5.0.98.0 Ostatnia aktualizacja Kaspersky Anti-Virus17/05/2008 Liczba wpisów w bazie danych Kaspersky Anti-Virus781037 ------------------------------------------------------------------------------- Ustawienia skanowania: Skanowanie przy użyciu następujących baz danych: rozszerzone Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Mój komputer: C:\ D:\ E:\ F:\ G:\ Statystyki skanowania: Liczba skanowanych obiektów: 134681 Liczba wykrytych wirusów: 1 Liczba zainfekowanych obiektów: 6 Liczba podejrzanych obiektów: 0 Czas trwania skanowania: 01:53:43 Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked pominięty C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked pominięty C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_7f4.dat Object is locked pominięty C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_8b0.dat Object is locked pominięty C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked pominięty C:\Documents and Settings\RaJieru\Cookies\index.dat Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\Application Data\ApplicationHistory\TCServer.exe.7c11743d.ini.inuse Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\History\History.IE5\index.dat Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\History\History.IE5\MSHist012008051720080518\index.dat Object is locked pominięty C:\Documents and Settings\RaJieru\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty C:\Documents and Settings\RaJieru\NTUSER.DAT Object is locked pominięty C:\Documents and Settings\RaJieru\NTUSER.DAT.LOG Object is locked pominięty C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-17.17-15-34.log Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\mastlog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\model.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\modellog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdbdata.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdblog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\tempdb.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\templog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log_22.trc Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\master.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\mastlog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\model.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\modellog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\msdbdata.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\msdblog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\tempdb.mdf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Data\templog.ldf Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\LOG\ERRORLOG Object is locked pominięty C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\LOG\log_19.trc Object is locked pominięty C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked pominięty C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked pominięty C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty C:\System Volume Information\_restore{41FA940C-7BCA-4A18-BE9D-4C22F669B17D}\RP1\change.log Object is locked pominięty C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty C:\WINDOWS\SchedLgU.Txt Object is locked pominięty C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty C:\WINDOWS\system32\CatRoot2\edb.log Object is locked pominięty C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked pominięty C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\default Object is locked pominięty C:\WINDOWS\system32\config\default.LOG Object is locked pominięty C:\WINDOWS\system32\config\SAM Object is locked pominięty C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\SECURITY Object is locked pominięty C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty C:\WINDOWS\system32\config\software Object is locked pominięty C:\WINDOWS\system32\config\software.LOG Object is locked pominięty C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty C:\WINDOWS\system32\config\system Object is locked pominięty C:\WINDOWS\system32\config\system.LOG Object is locked pominięty C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty C:\WINDOWS\system32\h323log.txt Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty C:\WINDOWS\Temp\tmp00000526\tmp00000000 Object is locked pominięty C:\WINDOWS\WindowsUpdate.log Object is locked pominięty D:\INSTALKI\INTERNET\mirc63.exe/stream/data0001/stream/data0014 Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.63 pominięty D:\INSTALKI\INTERNET\mirc63.exe/stream/data0001/stream Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.63 pominięty D:\INSTALKI\INTERNET\mirc63.exe/stream/data0001 Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.63 pominięty D:\INSTALKI\INTERNET\mirc63.exe/stream Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.63 pominięty D:\INSTALKI\INTERNET\mirc63.exe NSIS: zainfekowany - 4 pominięty D:\Program Files\mIRC\mirc.exe Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.63 pominięty D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty Proces skanowania został zakończony.

jak usunąć amvo.exe

Kto jest na forum