Hello, I am new to the forum. The Norton scanner found a Trojan horse on my machine, but it did not indicate where it is located. I downloaded Norton for 15 days, but it did not find it again. Is this a false virus alarm? Other programs and scanners do not find it, although I am having trouble with a certain game on the site ttp://powersoccer.bbgames.com/?lang=pl. I have played this game before and it was OK. The players simply run around and seem to have wings; they look like moths. Please check my ComboFix log.
I am posting the log below. Sorry it is not on wklej.org, but somehow I could not upload the log to wklej.org.
ComboFix 09-12-11.05 - toshiba 2009-12-12 21:26:58.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.3070.1717 [GMT 1:00]
Uruchomiony z: c:\users\toshiba\Downloads\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-12 do 2009-12-12 )))))))))))))))))))))))))))))))
.
2009-12-12 20:33 . 2009-12-12 20:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-12 19:19 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\Scxpx86.dll
2009-12-12 19:19 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
2009-12-12 19:19 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSvix86.sys
2009-12-12 19:19 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
2009-12-12 19:19 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSviA64.sys
2009-12-12 19:18 . 2009-12-12 19:18 84912 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\naveng.sys
2009-12-12 19:18 . 2009-12-12 19:18 1323568 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\navex15.sys
2009-12-12 19:18 . 2009-12-12 19:18 102448 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\eraser.sys
2009-12-12 19:18 . 2009-12-12 19:18 371248 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\eeCtrl.sys
2009-12-12 19:18 . 2009-12-12 19:18 2747440 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\cceraser.dll
2009-12-12 19:18 . 2009-12-12 19:18 259440 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\ecmsvr32.dll
2009-12-12 19:18 . 2009-12-12 19:18 177520 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\naveng32.dll
2009-12-12 19:18 . 2009-12-12 19:18 1647984 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20091212.004\navex32a.dll
2009-12-12 19:17 . 2009-12-12 19:17 -------- d-----w- c:\users\toshiba\AppData\Local\Tific
2009-12-12 19:16 . 2009-12-12 19:16 -------- d-----w- c:\users\toshiba\AppData\Roaming\Tific
2009-12-12 19:16 . 2009-12-12 19:16 -------- d-----w- c:\users\toshiba\AppData\Local\Symantec
2009-12-12 19:16 . 2009-08-30 00:16 164216 ----a-r- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
2009-12-12 19:16 . 2009-08-29 01:24 784752 ----a-r- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
2009-12-12 19:16 . 2009-12-12 19:16 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-12 19:16 . 2009-12-12 19:16 -------- d-----w- c:\program files\Symantec
2009-12-12 19:15 . 2009-12-12 19:17 965488 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\OCS\hsplayer.dll
2009-12-12 19:15 . 2009-09-01 08:45 892784 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\CLT\cltLMSx.dll
2009-12-12 19:15 . 2009-12-12 19:41 -------- d-----w- c:\windows\system32\drivers\NIS
2009-12-12 19:15 . 2009-12-12 19:15 -------- d-----w- c:\program files\Norton Internet Security
2009-12-12 18:49 . 2009-12-12 18:49 55624 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2009-12-12 18:49 . 2009-12-12 18:49 47560 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2009-12-12 18:48 . 2009-12-12 18:48 28616 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2009-12-12 18:48 . 2009-12-12 18:48 40904 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2009-12-12 18:47 . 2009-12-12 19:00 -------- d-----w- c:\programdata\G DATA
2009-12-12 18:47 . 2009-12-12 19:00 -------- d-----w- c:\program files\G Data
2009-12-12 18:47 . 2009-12-12 19:00 -------- d-----w- c:\program files\Common Files\G DATA
2009-12-12 18:11 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-12-12 18:11 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-12-12 18:11 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-12-12 18:11 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-12-12 18:11 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-12-12 18:11 . 2009-12-12 18:11 -------- d-----w- c:\program files\Trojan Remover
2009-12-12 18:11 . 2009-12-12 18:11 -------- d-----w- c:\users\toshiba\AppData\Roaming\Simply Super Software
2009-12-12 18:11 . 2009-12-12 18:11 -------- d-----w- c:\programdata\Simply Super Software
2009-12-12 12:42 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-12-12 12:42 . 2009-12-12 12:42 -------- d-----w- c:\program files\Panda Security
2009-12-12 11:19 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-12 11:19 . 2009-12-12 11:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-12 11:19 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-11 23:21 . 2009-12-11 23:21 -------- d-----w- c:\users\toshiba\AppData\Local\PowerChallenge
2009-12-11 22:56 . 2009-12-12 19:16 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-11 22:52 . 2009-12-12 19:16 -------- d-----w- c:\programdata\Norton
2009-12-11 22:52 . 2009-12-11 22:52 -------- d-----w- c:\windows\system32\drivers\NSS
2009-12-11 22:52 . 2009-12-11 22:52 -------- d-----w- c:\program files\Norton Security Scan
2009-12-11 22:52 . 2009-12-11 22:55 -------- d-----w- c:\programdata\Symantec
2009-12-11 22:52 . 2009-12-12 19:15 -------- d-----w- c:\program files\NortonInstaller
2009-12-11 22:52 . 2009-12-11 22:52 -------- d-----w- c:\programdata\NortonInstaller
2009-12-11 22:40 . 2009-12-11 22:40 -------- d-----w- c:\windows\system32\Adobe
2009-12-11 21:38 . 2009-12-11 21:38 -------- d-----w- c:\users\toshiba\AppData\Local\P5
2009-12-11 21:38 . 2009-12-11 21:38 -------- d-----w- C:\bwinPoker
2009-12-11 17:36 . 2009-12-11 17:36 -------- d-----w- c:\program files\SopCast
2009-12-11 13:15 . 2009-12-11 13:29 -------- d-----w- c:\program files\RealVNC
2009-12-11 09:00 . 2009-12-11 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20091211.002\CCERASER.DLL
2009-12-09 08:26 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 08:26 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 08:26 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 08:13 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 08:13 . 2009-10-27 14:11 834048 ----a-w- c:\windows\system32\wininet.dll
2009-12-09 08:13 . 2009-10-27 13:16 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-09 08:13 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-05 22:12 . 2009-12-05 22:12 -------- d-----w- c:\users\toshiba\AppData\Roaming\Malwarebytes
2009-12-05 22:12 . 2009-12-05 22:12 -------- d-----w- c:\programdata\Malwarebytes
2009-12-03 22:02 . 2009-12-03 22:02 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-01 20:54 . 2009-12-01 20:54 -------- d-----w- c:\users\toshiba\DoctorWeb
2009-11-29 01:25 . 2009-11-29 01:25 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-29 00:42 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-29 00:22 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-29 00:22 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-29 00:22 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-29 00:20 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-29 00:20 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-29 00:20 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-28 23:50 . 2009-11-28 23:50 -------- d-----w- c:\users\toshiba\AppData\Local\Opera
2009-11-28 23:50 . 2009-11-28 23:50 -------- d-----w- c:\users\toshiba\AppData\Local\ESET
2009-11-28 23:49 . 2009-11-28 23:49 -------- d-----w- c:\program files\Opera
2009-11-28 02:35 . 2009-11-28 02:37 -------- d-----w- c:\windows\system32\ca-ES
2009-11-28 02:35 . 2009-11-28 02:37 -------- d-----w- c:\windows\system32\eu-ES
2009-11-28 02:35 . 2009-11-28 02:36 -------- d-----w- c:\windows\system32\vi-VN
2009-11-27 18:25 . 2009-11-27 18:25 -------- d-----w- c:\windows\system32\EventProviders
2009-11-26 13:29 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 20:31 . 2009-11-25 20:31 -------- d-----w- c:\windows\system32\TVUAx
2009-11-25 10:26 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 10:26 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-24 23:13 . 2009-11-27 09:29 -------- d-----w- c:\programdata\OpenFM
2009-11-24 23:13 . 2009-11-24 23:13 -------- d-----w- c:\users\toshiba\AppData\Roaming\OpenFM
2009-11-24 13:08 . 2009-11-29 00:49 -------- d-----w- c:\program files\Everest Poker
2009-11-23 13:55 . 2009-12-12 19:05 -------- d-----w- c:\users\toshiba\AppData\Roaming\ipla
2009-11-23 13:55 . 2009-11-23 13:55 -------- d-----w- c:\programdata\ipla
2009-11-23 13:55 . 2009-11-23 13:55 -------- d-----w- c:\program files\ipla
2009-11-23 13:54 . 2009-11-23 13:54 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2009-11-23 13:54 . 2009-11-23 13:54 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2009-11-23 13:54 . 2009-11-23 13:54 1060864 ----a-w- c:\windows\system32\mfc71.dll
2009-11-23 08:46 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-11-22 14:10 . 2009-04-11 06:28 502272 ----a-w- c:\windows\system32\usp10.dll
2009-11-22 14:09 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-11-22 14:09 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-11-22 14:09 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-11-22 14:09 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-11-22 14:09 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-11-22 14:09 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-11-22 14:09 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-11-22 14:09 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-11-22 14:09 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-11-22 14:09 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-11-22 14:08 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-21 20:10 . 2009-11-21 20:10 -------- d-----w- C:\PerfLogs
2009-11-21 10:17 . 2009-11-21 10:17 -------- d-----w- c:\users\toshiba\AppData\Local\cache
2009-11-21 10:13 . 2009-11-21 10:29 -------- d-----w- c:\users\toshiba\AppData\Roaming\Gadu-Gadu 10
2009-11-21 10:13 . 2009-11-21 10:13 -------- d-----w- c:\program files\Gadu-Gadu 10
2009-11-18 14:52 . 2009-11-18 14:52 37376 ----a-w- c:\users\toshiba\AppData\Roaming\Gadu-Gadu 10_userdata\ggbho.2.dll
2009-11-18 14:52 . 2009-11-18 14:52 11776 ----a-w- c:\users\toshiba\AppData\Roaming\Gadu-Gadu 10_userdata\npgg.2.dll
2009-11-13 15:51 . 2009-11-13 15:51 -------- d-----w- c:\program files\ERA
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-12 19:16 . 2009-12-12 19:16 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-12 19:16 . 2009-12-12 19:16 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-12 19:12 . 2006-12-05 05:22 662056 ----a-w- c:\windows\system32\perfh015.dat
2009-12-12 19:12 . 2006-12-05 05:22 126908 ----a-w- c:\windows\system32\perfc015.dat
2009-12-12 19:05 . 2009-11-11 17:39 -------- d-----w- c:\users\toshiba\AppData\Roaming\Skype
2009-12-12 18:53 . 2009-10-20 22:39 6944 ----a-w- c:\users\toshiba\AppData\Local\d3d9caps.dat
2009-12-12 18:37 . 2009-11-11 17:59 -------- d-----w- c:\users\toshiba\AppData\Roaming\skypePM
2009-12-09 23:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-29 01:25 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-29 01:24 . 2009-11-29 01:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-28 23:27 . 2008-03-05 11:48 -------- d-----w- c:\programdata\McAfee
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-11-28 02:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-11-28 02:34 . 2009-11-28 02:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-21 19:58 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-11-21 19:58 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-11 17:59 . 2009-11-11 17:59 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-11-11 17:39 . 2009-11-11 17:39 -------- d-----r- c:\program files\Skype
2009-11-11 17:39 . 2009-11-11 17:39 -------- d-----w- c:\program files\Common Files\Skype
2009-11-11 17:39 . 2009-11-11 17:38 -------- d-----w- c:\programdata\Skype
2009-11-10 21:13 . 2009-11-10 10:47 -------- d-----w- c:\program files\EA Sports
2009-11-10 13:01 . 2009-11-10 13:01 -------- d-----w- c:\program files\KONAMI
2009-11-04 23:50 . 2009-11-04 23:50 201616 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHRules.dll
2009-11-04 23:50 . 2009-11-04 23:50 663088 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx64.sys
2009-11-04 23:50 . 2009-11-04 23:50 524848 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx86.sys
2009-11-04 23:50 . 2009-11-04 23:50 1413520 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHEngine.dll
2009-11-04 23:50 . 2009-11-04 23:50 610704 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\bbRGen.dll
2009-10-31 19:42 . 2009-10-31 19:42 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-31 19:42 . 2009-10-31 19:42 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-31 19:41 . 2009-10-31 19:41 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-10-31 19:41 . 2009-10-31 19:41 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-10-29 04:48 . 2009-10-29 04:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-27 15:00 . 2009-10-27 15:00 37888 ----a-w- c:\windows\system32\printcom.dll
2009-10-27 14:55 . 2009-10-27 14:55 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 14:55 . 2009-10-27 14:55 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 14:55 . 2009-10-27 14:55 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-27 14:55 . 2009-10-27 14:55 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 14:54 . 2009-10-27 14:54 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-27 14:54 . 2009-10-27 14:54 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-27 14:54 . 2009-10-27 14:54 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-27 14:53 . 2009-10-27 14:53 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-27 14:53 . 2009-10-27 14:53 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-25 21:21 . 2009-10-25 21:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-10-25 21:21 . 2009-10-25 21:21 270848 ----a-w- c:\windows\system32\schannel.dll
2009-10-25 14:40 . 2009-10-25 14:40 623616 ----a-w- c:\windows\system32\localspl.dll
2009-10-25 14:40 . 2009-10-25 14:40 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-10-25 14:40 . 2009-10-25 14:40 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-10-25 14:40 . 2009-10-25 14:40 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-10-25 14:40 . 2009-10-25 14:40 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-10-25 14:40 . 2009-10-25 14:40 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-10-25 14:40 . 2009-10-25 14:40 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-10-25 14:38 . 2009-10-25 14:38 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-10-25 14:38 . 2009-10-25 14:38 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2009-10-25 14:38 . 2009-10-25 14:38 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2009-10-25 14:38 . 2009-10-25 14:38 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2009-10-25 14:38 . 2009-10-25 14:38 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2009-10-25 14:38 . 2009-10-25 14:38 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2009-10-25 14:38 . 2009-10-25 14:38 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2009-10-25 14:38 . 2009-10-25 14:37 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2009-10-25 14:35 . 2009-10-25 14:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-10-25 14:25 . 2009-10-25 14:25 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-10-25 14:25 . 2009-10-25 14:25 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-10-23 11:58 . 2009-10-23 11:58 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-10-23 11:58 . 2009-10-23 11:58 272896 ----a-w- c:\windows\system32\polstore.dll
2009-10-23 11:56 . 2009-10-23 11:56 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-10-23 11:56 . 2009-10-23 11:56 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-10-23 11:56 . 2009-10-23 11:56 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-10-23 11:56 . 2009-10-23 11:56 17920 ----a-w- c:\windows\system32\netevent.dll
2009-10-23 11:56 . 2009-10-23 11:56 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-10-23 11:56 . 2009-10-23 11:56 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-10-23 11:56 . 2009-10-23 11:56 10240 ----a-w- c:\windows\system32\finger.exe
2009-10-23 11:56 . 2009-10-23 11:56 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-10-23 11:56 . 2009-10-23 11:56 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-10-23 11:56 . 2009-10-23 11:56 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-10-23 11:56 . 2009-10-23 11:56 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-10-23 11:54 . 2009-10-23 11:54 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-10-23 11:54 . 2009-10-23 11:54 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-10-23 11:54 . 2009-10-23 11:54 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-10-23 11:54 . 2009-10-23 11:54 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-10-23 11:54 . 2009-10-23 11:54 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-10-23 11:54 . 2009-10-23 11:54 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-10-23 11:54 . 2009-10-23 11:54 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-10-23 11:52 . 2009-10-23 11:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-10-23 11:52 . 2009-10-23 11:52 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-10-23 11:52 . 2009-10-23 11:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-10-23 11:52 . 2009-10-23 11:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-10-23 11:52 . 2009-10-23 11:52 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-10-23 11:52 . 2009-10-23 11:52 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-10-23 11:51 . 2009-10-23 11:51 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-23 11:51 . 2009-10-23 11:51 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-10-23 11:51 . 2009-10-23 11:51 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-12-29 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"IPLA!"="c:\program files\ipla\ipla.exe" [2009-11-19 6314496]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-03-05 1836544]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-10-17 1070984]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
GlobeTrotter Connect.lnk - c:\program files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe [2008-4-21 798720]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f6,8d,e5,9a,14,70,ca,01
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-12-12 28552]
R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\NIS\1100000.088\SymDS.sys [2009-12-12 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1100000.088\SymEFA.sys [2009-12-12 169008]
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx86.sys [2009-11-05 524848]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1100000.088\ccHPx86.sys [2009-12-12 501888]
R1 IDSVix86;IDSVix86;c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSvix86.sys [2009-12-12 343088]
R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\NIS\1100000.088\Ironx86.sys [2009-12-12 114736]
R1 SYMTDIV;Symantec Vista Network Dispatch Driver;c:\windows\System32\drivers\NIS\1100000.088\symtdiv.sys [2009-12-12 338480]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 GtDetectSc;GtDetectSc;c:\program files\ERA\GlobeTrotter Connect\GtDetectSc.exe [2007-12-18 196704]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2009-12-12 126392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\System32\drivers\CHDART.sys [2008-03-05 187904]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [2008-02-18 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [2008-02-08 59648]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access;c:\windows\System32\drivers\QIOMem.sys [2007-04-09 8192]
S3 FontCache;Usług systemu Windows buforowania czcionek;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-11-09 21504]
--- Inne Usługi/Sterowniki w Pamięci ---
*NewlyCreated* - BHDRVX86
*NewlyCreated* - CCHP
*NewlyCreated* - ERASERUTILDRVI9
*NewlyCreated* - IDSVIX86
*NewlyCreated* - NAVENG
*NewlyCreated* - NAVEX15
*NewlyCreated* - SRTSP
*NewlyCreated* - SRTSPX
*NewlyCreated* - SYMDS
*NewlyCreated* - SYMEFA
*NewlyCreated* - SYMEVENT
*NewlyCreated* - SYMIRON
*NewlyCreated* - SYMTDIV
*Deregistered* - EraserUtilDrvI9
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red … &site=home
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\39hobpfi.default\
FF - component: c:\program files\Mozilla Firefox\extensions{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\users\toshiba\AppData\LocalLow\POWERC~1\nppowerloader.dll
FF - plugin: c:\users\toshiba\AppData\Roaming\Gadu-Gadu 10_userdata\npgg.2.dll
FF - plugin: c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\39hobpfi.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-Everest Poker - c:\program files\Everest Poker\cstart.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-12 21:34
Windows 6.0.6002 Service Pack 2 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i???`?1h?$???(???h???
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"=""c:\program files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe" /s "NIS" /m "c:\program files\Norton Internet Security\Engine\17.0.0.136\diMaster.dll" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'Explorer.exe'(1160) - - - - -
c:\program files\Google\Google Desktop Search\GoogleDesktopCommon.dll
.
Czas ukończenia: 2009-12-12 21:37:47
ComboFix-quarantined-files.txt 2009-12-12 20:37
Przed: 63 429 451 776 bajtów wolnych
Po: 65 270 239 232 bajtów wolnych
- - End Of File - - 880E8E80D75EC87CA00975C915FABE8A