rtm
(Rtm)
14 November 2007 18:02
#1
Hello everyone, I also have a problem with RichVideoCodec; below is the log from ComboFix.
ComboFix 07-11-08.1 - rtm 2007-11-14 18:44:47.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1011 [GMT 1:00] Running from: F:\programy\antywiry\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\rtm\Dane aplikacji\inst.exe C:\Documents and Settings\rtm\Ulubione\Error Cleaner.url C:\Documents and Settings\rtm\Ulubione\Privacy Protector.url C:\Documents and Settings\rtm\Ulubione\Spyware&Malware Protection.url C:\WINDOWS\dat.txt C:\WINDOWS\privacy_danger C:\WINDOWS\privacy_danger\images\capt.gif C:\WINDOWS\privacy_danger\images\danger.jpg C:\WINDOWS\privacy_danger\images\down.gif C:\WINDOWS\privacy_danger\images\spacer.gif C:\WINDOWS\privacy_danger\index.htm C:\WINDOWS\rs.txt . ((((((((((((((((((((((((( Files Created from 2007-10-14 to 2007-11-14 ))))))))))))))))))))))))))))))) . 2007-11-14 18:43 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-11-14 18:28 2007-11-14 18:24 2007-11-13 19:58 344,064 --a------ C:\WINDOWS\nopctrl.dll 2007-11-13 19:58 294,912 --a------ C:\WINDOWS\oprevmqp.dll 2007-11-13 19:58 274,432 --a------ C:\WINDOWS\ddkret.dll 2007-11-13 19:58 188,416 --a------ C:\WINDOWS\bonsws.dll 2007-11-13 19:58 112,640 --a------ C:\WINDOWS\sawkip.exe 2007-11-13 19:55 2007-11-13 19:53 2007-11-09 19:33 2007-11-09 19:29 2007-11-09 19:27 2007-11-09 19:27 2007-11-09 17:52 2007-11-09 09:55 2007-11-08 21:25 2007-11-08 20:02 2007-11-05 19:18 2007-11-05 19:15 2007-11-05 19:15 2007-11-05 18:56 2007-11-05 18:55 2007-11-04 18:44 2007-11-04 18:07 2007-11-04 16:18 56 -r-hs---- C:\WINDOWS\system32\2F25D1C02C.sys 2007-11-04 16:17 2007-11-04 15:56 2007-11-04 15:56 2007-11-04 15:56 217,127 --a------ C:\WINDOWS\system32\drv43260.dll 2007-11-04 15:56 208,935 --a------ C:\WINDOWS\system32\drv33260.dll 2007-11-04 15:56 176,165 --a------ C:\WINDOWS\system32\drv23260.dll 2007-11-04 15:56 47,360 --a------ 
C:\WINDOWS\system32\drivers\pcouffin.sys 2007-11-04 15:56 47,360 --a------ C:\Documents and Settings\rtm\Dane aplikacji\pcouffin.sys 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:37 2007-11-02 15:37 2007-11-01 09:44 2007-11-01 09:43 2007-11-01 09:42 299 --a------ C:\Program Files\dtprohlp.dll 2007-11-01 09:41 2007-10-31 18:01 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-10-31 17:55 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:47 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-10-31 17:47 9,600 --a–c— C:\WINDOWS\system32\dllcache\hidusb.sys 2007-10-30 20:16 2007-10-30 20:16 2007-10-30 20:16 2007-10-30 20:16 177,880 --a------ C:\WINDOWS\system32\Csftpl32.dll 2007-10-30 19:30 2007-10-30 19:27 2007-10-30 19:19 2007-10-28 18:19 2007-10-27 19:34 327,168 --a------ C:\WINDOWS\IsUn0415.exe 2007-10-27 17:11 2007-10-27 17:11 2007-10-27 17:11 2007-10-27 17:11 3,476 --a------ C:\WINDOWS\mozver.dat 2007-10-27 17:11 0 --a------ C:\WINDOWS\nsreg.dat 2007-10-27 16:55 2007-10-27 16:54 2007-10-27 16:15 2007-10-27 16:00 2007-10-27 16:00 2007-10-27 15:57 2007-10-27 15:57 16,384 --a------ C:\WINDOWS\system32\FileOps.exe 2007-10-27 15:54 2007-10-27 15:41 2007-10-27 15:35 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2,140,160 --a------ C:\WINDOWS\system32\osxboot.exe 2007-10-27 15:18 2007-10-27 15:18 2007-10-27 15:13 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-10-27 15:10 2007-10-27 15:10 2007-10-27 15:09 2007-10-27 15:09 545 --a------ C:\WINDOWS\UC.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\RAR.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\PKZIP.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\LHA.PIF 2007-10-27 15:09 545 --a------ 
C:\WINDOWS\ARJ.PIF 2007-10-27 15:06 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-13 22:00 11,973 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err 2007-11-01 15:03 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-10-30 18:27 --------- d-----w C:\Program Files\Common Files\Adobe 2007-10-27 15:48 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2007-10-27 15:48 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2007-10-27 14:51 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-10-27 13:55 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2007-10-27 13:11 --------- d-----w C:\Documents and Settings\rtm\Dane aplikacji\Corel 2007-10-27 13:07 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-10-27 13:07 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-10-27 12:43 --------- d-----w C:\Program Files\Opera 2007-10-27 12:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles 2007-10-27 12:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA 2007-10-27 12:28 --------- d-----w C:\Documents and Settings\rtm\Dane aplikacji\InstallShield 2007-10-27 12:25 --------- d-----w C:\Program Files\Realtek 2007-10-27 12:20 --------- d-----w C:\Program Files\AMD 2007-10-27 12:14 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-27 12:12 --------- d-----w C:\Program Files\Usługi online 2007-09-04 17:56 164,352 ----a-w C:\WINDOWS\system32\unrar.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{6C7A1C43-D86E-49D4-A66E-8EF0DCFCBB71}] 2007-11-13 18:18 294912 --a------ C:\WINDOWS\oprevmqp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] “{7BF35567-E7C5-4646-8F65-41898BEF0637}”= C:\WINDOWS\bonsws.dll [2007-11-13 18:18 188416] [HKEY_CLASSES_ROOT\CLSID{7BF35567-E7C5-4646-8F65-41898BEF0637}] [HKEY_CLASSES_ROOT\bonsws.ToolBar.1] [HKEY_CLASSES_ROOT\TypeLib{36575CE4-4ED3-4380-9C06-A0C0591B7351}] [HKEY_CLASSES_ROOT\bonsws.ToolBar] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SkyTel”=“SkyTel.EXE” [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-05-27 03:47 C:\WINDOWS\RTHDCPL.exe] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2006-10-22 11:22] “nwiz”=“nwiz.exe” [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe] “NvMediaCenter”=“NvMCTray.dll” [2006-10-22 11:22 C:\WINDOWS\system32\nvmctray.dll] “ISUSPM Startup”=“C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” [2005-08-11 15:30] “ISUSScheduler”=“C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” [2005-08-11 15:30] “APVXDWIN”=“C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.exe” [2007-07-19 14:23] “System Files Updater”=“C:\WINDOWS\FlyakiteOSX\System Files Updater.exe” [2006-01-15 07:31] “Acrobat Assistant 7.0”=“C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe” [2006-01-12 20:52] “QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe” [2007-06-29 05:24] “WheelMouse”=“C:\Program Files\A4Tech\Mouse\Amoumain.exe” [2006-12-26 08:08] “iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2007-09-26 14:42] “Flashget”=“C:\Program Files\FlashGet\flashget.exe” [2007-09-25 09:10] “GrooveMonitor”=“C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 00:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Konnekt”=“C:\Program Files\Konnekt\konnekt.exe” [2005-05-24 
22:41] “DAEMON Tools Pro Agent”=“C:\Program Files\DAEMON Tools Pro\DTProAgent.exe” [2007-09-06 14:08] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-10-27 15:34:18] [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] Source= file:///C:\WINDOWS\privacy_danger\index.htm FriendlyName= Privacy Protection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] “ddkret”= {D9E3BF55-4558-4908-8524-32F97705A5F7} - C:\WINDOWS\ddkret.dll [2007-11-13 18:18 274432] “nopctrl”= {6DB81AE8-C45D-40DF-B5D0-7E302BE24FBD} - C:\WINDOWS\nopctrl.dll [2007-11-13 18:18 344064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys S1 AmdPPM;Sterownik procesora AMD HwPState;C:\WINDOWS\system32\DRIVERS\AmdPPM.sys S2 SPF4;Sunbelt Personal Firewall 4;“C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe” *Newly Created Service* - CATCHME . Contents of the ‘Scheduled Tasks’ folder “2007-11-10 18:47:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job” . ************************************************************************** catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-14 18:48:34 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-14 18:49:50 . — E O F —
I tried using VundoFix + Trojan.Vundo Removal Tool + VirtumundoBeGone, but none of them found anything, and Panda detected the last one as spyware. I would be grateful if someone smarter than me took a look at this.
Gutek
(Gutek)
14 November 2007 18:11
#2
I am splitting this off into a separate TOPIC.
Paste into Notepad:
>>File>>Save as… >>> CFScript (it will be most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt file onto the ComboFix.exe file (that is, the CFScript.txt icon onto the ComboFix.exe icon)
– similar to this picture –>
(if the question "1 or 2" appears, type 1 and press ENTER) The removal should then start (and a log will be created).
After the restart, manually delete the folder C:\Qoobox.
After that, post a new log from Combo and additionally:
Download the SDFix program
rtm
(Rtm)
14 November 2007 18:56
#3
Here is the log after doing what Gutek suggested.
ComboFix 07-11-08.1 - rtm 2007-11-14 19:49:09.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1002 [GMT 1:00] Running from: F:\programy\antywiry\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2007-10-14 to 2007-11-14 ))))))))))))))))))))))))))))))) . 2007-11-14 19:29 2007-11-14 19:09 2007-11-14 19:09 2007-11-14 18:43 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-11-14 18:28 2007-11-14 18:24 2007-11-13 19:53 2007-11-09 19:33 2007-11-09 19:29 2007-11-09 19:27 2007-11-09 19:27 2007-11-09 17:52 2007-11-09 09:55 2007-11-08 21:25 2007-11-08 20:02 2007-11-05 19:18 2007-11-05 19:15 2007-11-05 19:15 2007-11-05 18:56 2007-11-05 18:55 2007-11-04 18:44 2007-11-04 18:07 2007-11-04 16:18 56 -r-hs---- C:\WINDOWS\system32\2F25D1C02C.sys 2007-11-04 16:17 2007-11-04 15:56 2007-11-04 15:56 2007-11-04 15:56 217,127 --a------ C:\WINDOWS\system32\drv43260.dll 2007-11-04 15:56 208,935 --a------ C:\WINDOWS\system32\drv33260.dll 2007-11-04 15:56 176,165 --a------ C:\WINDOWS\system32\drv23260.dll 2007-11-04 15:56 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-11-04 15:56 47,360 --a------ C:\Documents and Settings\rtm\Dane aplikacji\pcouffin.sys 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:58 2007-11-02 15:37 2007-11-02 15:37 2007-11-01 09:44 2007-11-01 09:43 2007-11-01 09:42 299 --a------ C:\Program Files\dtprohlp.dll 2007-11-01 09:41 2007-10-31 18:01 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-10-31 17:55 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:52 2007-10-31 17:47 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-10-31 17:47 9,600 --a–c— C:\WINDOWS\system32\dllcache\hidusb.sys 2007-10-30 20:16 2007-10-30 20:16 2007-10-30 20:16 2007-10-30 20:16 177,880 --a------ C:\WINDOWS\system32\Csftpl32.dll 2007-10-30 19:30 2007-10-30 19:27 2007-10-30 19:19 2007-10-28 18:19 2007-10-27 19:34 327,168 --a------ C:\WINDOWS\IsUn0415.exe 
2007-10-27 17:11 2007-10-27 17:11 2007-10-27 17:11 2007-10-27 17:11 3,476 --a------ C:\WINDOWS\mozver.dat 2007-10-27 17:11 0 --a------ C:\WINDOWS\nsreg.dat 2007-10-27 16:55 2007-10-27 16:54 2007-10-27 16:15 2007-10-27 16:00 2007-10-27 16:00 2007-10-27 15:57 2007-10-27 15:57 16,384 --a------ C:\WINDOWS\system32\FileOps.exe 2007-10-27 15:54 2007-10-27 15:41 2007-10-27 15:35 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2007-10-27 15:26 2,140,160 --a------ C:\WINDOWS\system32\osxboot.exe 2007-10-27 15:18 2007-10-27 15:18 2007-10-27 15:13 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-10-27 15:10 2007-10-27 15:10 2007-10-27 15:09 2007-10-27 15:09 545 --a------ C:\WINDOWS\UC.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\RAR.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\PKZIP.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\LHA.PIF 2007-10-27 15:09 545 --a------ C:\WINDOWS\ARJ.PIF 2007-10-27 15:06 2007-10-27 15:06 2007-10-27 15:06 2007-10-27 15:06 499,712 --a------ C:\WINDOWS\system32\MSVCP71.DLL . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2007-11-14 18:44 12,438 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err 2007-11-01 15:03 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-10-30 18:27 --------- d-----w C:\Program Files\Common Files\Adobe 2007-10-27 15:48 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2007-10-27 15:48 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2007-10-27 14:51 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-10-27 13:55 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2007-10-27 13:11 --------- d-----w C:\Documents and Settings\rtm\Dane aplikacji\Corel 2007-10-27 13:07 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-10-27 13:07 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-10-27 12:43 --------- d-----w C:\Program Files\Opera 2007-10-27 12:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles 2007-10-27 12:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA 2007-10-27 12:28 --------- d-----w C:\Documents and Settings\rtm\Dane aplikacji\InstallShield 2007-10-27 12:25 --------- d-----w C:\Program Files\Realtek 2007-10-27 12:20 --------- d-----w C:\Program Files\AMD 2007-10-27 12:14 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-27 12:12 --------- d-----w C:\Program Files\Usługi online 2007-09-04 17:56 164,352 ----a-w C:\WINDOWS\system32\unrar.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SkyTel”=“SkyTel.EXE” [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-05-27 03:47 C:\WINDOWS\RTHDCPL.exe] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2006-10-22 11:22] “nwiz”=“nwiz.exe” [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe] “NvMediaCenter”=“NvMCTray.dll” [2006-10-22 11:22 C:\WINDOWS\system32\nvmctray.dll] “ISUSPM Startup”=“C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” [2005-08-11 15:30] “ISUSScheduler”=“C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” [2005-08-11 15:30] “APVXDWIN”=“C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.exe” [2007-07-19 14:23] “System Files Updater”=“C:\WINDOWS\FlyakiteOSX\System Files Updater.exe” [2006-01-15 07:31] “Acrobat Assistant 7.0”=“C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe” [2006-01-12 20:52] “QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe” [2007-06-29 05:24] “WheelMouse”=“C:\Program Files\A4Tech\Mouse\Amoumain.exe” [2006-12-26 08:08] “iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2007-09-26 14:42] “Flashget”=“C:\Program Files\FlashGet\flashget.exe” [2007-09-25 09:10] “GrooveMonitor”=“C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 00:47] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Konnekt”=“C:\Program Files\Konnekt\konnekt.exe” [2005-05-24 22:41] “DAEMON Tools Pro Agent”=“C:\Program Files\DAEMON Tools Pro\DTProAgent.exe” [2007-09-06 14:08] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-10-27 15:34:18] [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] Source= file:///C:\WINDOWS\privacy_danger\index.htm FriendlyName= Privacy Protection 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys R2 SPF4;Sunbelt Personal Firewall 4;“C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe” S1 AmdPPM;Sterownik procesora AMD HwPState;C:\WINDOWS\system32\DRIVERS\AmdPPM.sys . Contents of the ‘Scheduled Tasks’ folder “2007-11-10 18:47:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job” . ************************************************************************** catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-14 19:52:27 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-14 19:53:43 C:\ComboFix2.txt … 2007-11-14 19:28 C:\ComboFix3.txt … 2007-11-14 18:49 . — E O F —
I hope it helped.