Prosze o sprawdzenie LOGA-TrojanDownloader.Win32 /DZ

darek_w · 1 Lipiec 2009 17:47

Witam jak w temacie prosze o sprawdzenie LOGA.

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 19:33:40, on 2009-07-01

Platform: Windows Vista (WinNT 6.0)

MSIE: Internet Explorer v8.0 (8.0.6001.18783)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe

C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe

C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe

C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files (x86)\Nowe Gadu-Gadu\spellchecker_gg.exe

C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\Awc.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Groove GFS Browser Helper - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Groove GFS Browser Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Darek_w\AppData\Roaming\Nowe Gadu-Gadu_userdata\ggbho.1.dll

O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU…\Run: [PowerArchiver Tray] C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE

O4 - HKCU…\Run: [uTorrent] “C:\Program Files (x86)\uTorrent\uTorrent.exe”

O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe”

O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [AeroSnap] C:\Program Files (x86)\AeroSnap\AeroSnap.exe

O4 - HKCU…\Run: [skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /nosplash /minimized

O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe” /automount

O4 - HKCU…\Run: [Nowe Gadu-Gadu] “C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe”

O4 - HKCU…\Run: [PC Suite Tray] “C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe” -onlytray

O4 - HKCU…\RunOnce: [shockwave Updater] C:\Windows\SysWOW64\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -“Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.21022; .NET CLR 3.0.30618; .NET CLR 3.5.30729)” -“http://www.cartoonnetwork.pl/games/content/laserchacha/index.jsp”

O4 - HKLM…\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] “C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe”

O4 - HKLM…\Run: [Ai Nap] “C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe”

O4 - HKLM…\Run: [CPU Power Monitor] “C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe”

O4 - HKLM…\Run: [Cpu Level Up help] “C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe”

O4 - HKLM…\Run: [AVP] “C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe”

O4 - HKLM…\Run: [ASUSGamerOSD] “C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe”

O4 - HKLM…\Run: [sSBkgdUpdate] “C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe” -Embedding -boot

O4 - HKLM…\Run: [PaperPort PTD] “C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe”

O4 - HKLM…\Run: [indexSearch] “C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe”

O4 - HKLM…\Run: [PPort11reminder] “C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe” -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM…\Run: [brMfcWnd] “C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe” /AUTORUN

O4 - HKLM…\Run: [ControlCenter3] “C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe” /autorun

O4 - HKLM…\Run: [ChomikBox] “C:\Program Files (x86)\ChomikBox\ChomikBox.exe” /startup

O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe”

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files (x86)\Java\jre6\bin\jusched.exe”

O8 - Extra context menu item: Add to AMV Converter… - C:\Program Files (x86)\MP3 Player Utilities 4.15\AMVConverter\grab.html

O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files (x86)\MP3 Player Utilities 4.15\MediaManager\grab.html

O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.celartem.com/en/download/dat … _en_US.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc … tor/sw.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab Class) - http://www.nvidia.com/content/DriverDow … eqlab3.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinsta … s-i586.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/fl … rashim.cab

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) - http://java.sun.com/products/plugin/aut … s-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinsta … s-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinsta … s-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s … wflash.cab

O23 - Service: ASDR - Unknown - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: Usuga stanu ASP.NET (aspnet_state) - Unknown - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - crypserv.exe

O23 - Service: Usługa Google Update (gupdate1c9ea9e7e10ecd6) (gupdate1c9ea9e7e10ecd6) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown - C:\Windows\system32\PnkBstrA.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

Agaton · 1 Lipiec 2009 17:49

darek_w ,

Proszę zapoznać się z tematem Ważny komunikat dotyczący tytułowania tematów i poprawić tytuł na konkretny, mówiący o problemie, w poście dokładnie opisać problem. W celu dokonania zaleconej korekty proszę użyć przycisku Edytuj przy poście otwierającym ten temat.

W związku ze zmianą, jaka obowiązuje przy wklejaniu logów na forum - przeczytaj i zastosuj się do Tematu

Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.

Gutek · 1 Lipiec 2009 20:08

Oprócz zbędników nic nie widać.

Wykonaj skan Dr. Web CureIt