Trojan.generic / Vista

Dla specjalistów Bezpieczeństwo
#1

Witam.Otóż mam pewien problem…Wczoraj skanuje komputer i patrzę znalazło mi 3 trojany…Znajdują się one mniej więcej w folderze cookie.Zaglądałem tam i nic tam nie ma.Wcześniejsze stronki usunąłem ale to nić nie dało.Próbowałem różnymi programami je usuwać lecz albo się nie dało albo w ogóle ich nie wykrywało.Dlatego zwracam się do Was o pomoc i jeśli macie chęci to mi pomóżcie.

O to logi: (nie jestem pewien czy to to)

ComboFix 09-07-12.03 - ppp 2009-07-13 11:03:38.1.2 - NTFSx86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.48.1045.18.3036.1747 [GMT 2:00]

Uruchomiony z: C:\Users\ppp\Desktop\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\Installer\21634.msi

C:\Windows\system32\acovcnt.exe

C:\Windows\system32\sqlite3.dll

.

((((((((((((((((((((((((( Pliki utworzone od 2009-06-13 do 2009-07-13 )))))))))))))))))))))))))))))))

.

2009-07-12 16:02:06 . 2009-06-16 10:40:58 89104 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVENG.SYS

2009-07-12 16:02:06 . 2009-06-16 10:40:58 876144 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVEX15.SYS

2009-07-12 16:02:06 . 2009-06-16 10:40:58 750 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\hub.scr

2009-07-12 16:02:06 . 2009-06-16 10:40:58 371248 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\EECTRL.SYS

2009-07-12 16:02:06 . 2009-06-16 10:40:58 259368 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\ECMSVR32.DLL

2009-07-12 16:02:06 . 2009-06-16 10:40:58 2414128 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\CCERASER.DLL

2009-07-12 16:02:06 . 2009-06-16 10:40:58 177520 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVENG32.DLL

2009-07-12 16:02:06 . 2009-06-16 10:40:58 1181040 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVEX32A.DLL

2009-07-12 16:02:06 . 2009-06-16 10:40:58 101936 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\ERASER.SYS

2009-07-07 21:53:24 . 2009-02-09 19:47:12 456192 ----a-w- C:\Windows\system32\drivers\CHDRT32.sys

2009-07-05 23:34:14 . 2009-07-05 23:34:24 0 d-----w- C:\Users\ppp\AppData\Roaming\Replay Explorer

2009-07-05 13:55:48 . 2009-07-05 13:55:38 410984 ----a-w- C:\Windows\system32\deploytk.dll

2009-07-04 16:25:10 . 2009-07-13 08:51:58 0 d-----w- C:\Program Files\Common Files\Symantec Shared

2009-07-04 16:25:07 . 2009-07-13 08:51:48 0 d-----w- C:\Program Files\Norton Security Scan

2009-07-04 12:13:13 . 2009-07-04 12:13:13 0 d-----w- C:\Windows\system32\Adobe

2009-07-02 21:16:50 . 2009-07-02 21:16:53 0 d-----w- C:\ProgramData\LightScribe

2009-07-02 18:19:40 . 2009-07-02 18:39:38 45515 ----a-w- C:\Windows\War3Unin.dat

2009-07-02 18:19:40 . 2009-07-02 18:39:10 2829 ----a-w- C:\Windows\War3Unin.pif

2009-07-02 18:19:39 . 2009-07-02 18:39:10 139264 ----a-w- C:\Windows\War3Unin.exe

2009-07-02 08:20:03 . 2009-07-02 08:20:03 0 d-----w- C:\Users\ppp\AppData\Roaming\OpenFM

2009-07-01 19:36:47 . 2009-07-02 19:48:00 0 d-----w- C:\Users\ppp\AppData\Roaming\Skype

2009-07-01 19:36:14 . 2009-07-01 19:36:19 0 d-----w- C:\ProgramData\Skype

2009-07-01 15:53:04 . 2009-07-01 15:53:04 0 d-----w- C:\Users\Public\CyberLink

2009-07-01 15:52:57 . 2009-07-01 15:52:57 0 d-----w- C:\ProgramData\ASUSTek

2009-07-01 15:43:24 . 2009-07-01 15:45:31 0 d-----w- C:\Users\ppp\AppData\Roaming\Winamp

2009-07-01 15:32:54 . 2009-07-01 16:53:58 0 d-----w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu

2009-07-01 15:24:50 . 2009-07-01 15:24:50 0 d-----w- C:\ProgramData\ASUS

2009-07-01 15:24:47 . 2009-07-01 15:24:47 0 d-----w- C:\Users\ppp\AppData\Local\ASUS

2009-07-01 15:24:05 . 2009-07-01 15:24:05 0 d-----w- C:\Users\ppp\AppData\Local\SRS Labs

2009-07-01 15:23:29 . 2009-07-01 15:23:56 0 d-----w- C:\Users\ppp\AppData\Local\Adobe

2009-07-01 15:19:59 . 2009-07-01 15:19:59 0 d-----w- C:\Users\ppp\AppData\Local\Mozilla

2009-07-01 15:07:32 . 2009-07-01 15:09:21 0 d-----w- C:\Users\ppp\AppData\Local\Microsoft Games

2009-07-01 15:00:25 . 2009-07-05 17:25:11 0 d-----w- C:\Users\ppp\AppData\Local\Google

2009-07-01 11:21:22 . 2009-07-01 11:21:59 0 d-----w- C:\Windows\system32\ca-ES

2009-07-01 11:21:21 . 2009-07-01 11:21:54 0 d-----w- C:\Windows\system32\eu-ES

2009-07-01 11:21:20 . 2009-07-01 11:21:50 0 d-----w- C:\Windows\system32\vi-VN

2009-07-01 11:09:18 . 2009-07-01 11:09:18 0 d-----w- C:\Windows\system32\EventProviders

2009-07-01 11:06:59 . 2009-04-11 06:32:54 122344 ----a-w- C:\Windows\system32\drivers\Storport.sys

2009-07-01 11:05:24 . 2009-04-11 06:28:18 247808 ----a-w- C:\Windows\system32\drvstore.dll

2009-07-01 10:31:47 . 2009-07-01 10:31:47 0 d-----w- C:\Program Files\Microsoft Silverlight

2009-07-01 10:21:41 . 2009-05-09 05:34:34 71680 ----a-w- C:\Windows\system32\iesetup.dll

2009-07-01 10:21:40 . 2009-05-09 05:50:28 915456 ----a-w- C:\Windows\system32\wininet.dll

2009-07-01 09:47:03 . 2008-07-27 18:03:17 41984 ----a-w- C:\Windows\system32\netfxperf.dll

2009-07-01 09:36:54 . 2009-07-13 09:08:14 56680 ----a-w- C:\Windows\system32\rpcnet.dll

2009-07-01 09:36:54 . 2009-07-11 15:57:26 56680 ----a-w- C:\Windows\system32\rpcnet.exe

2009-07-01 09:30:12 . 2009-04-21 11:39:47 2034688 ----a-w- C:\Windows\system32\win32k.sys

2009-07-01 09:29:24 . 2009-04-23 12:14:10 623616 ----a-w- C:\Windows\system32\localspl.dll

2009-07-01 09:29:23 . 2009-04-23 12:15:07 784896 ----a-w- C:\Windows\system32\rpcrt4.dll

2009-07-01 09:14:42 . 2008-10-16 21:13:38 1809944 ----a-w- C:\Windows\system32\wuaueng.dll

2009-07-01 09:14:42 . 2008-10-16 21:09:43 51224 ----a-w- C:\Windows\system32\wuauclt.exe

2009-07-01 09:14:42 . 2008-10-16 21:09:43 43544 ----a-w- C:\Windows\system32\wups2.dll

2009-07-01 09:14:42 . 2008-10-16 20:56:28 1524736 ----a-w- C:\Windows\system32\wucltux.dll

2009-07-01 09:14:35 . 2008-10-16 21:12:19 561688 ----a-w- C:\Windows\system32\wuapi.dll

2009-07-01 09:14:35 . 2008-10-16 21:08:57 34328 ----a-w- C:\Windows\system32\wups.dll

2009-07-01 09:14:35 . 2008-10-16 20:55:59 83456 ----a-w- C:\Windows\system32\wudriver.dll

2009-07-01 09:14:31 . 2008-10-16 12:08:00 162064 ----a-w- C:\Windows\system32\wuwebv.dll

2009-07-01 09:14:31 . 2008-10-16 11:56:04 31232 ----a-w- C:\Windows\system32\wuapp.exe

2009-07-01 09:05:56 . 2009-07-01 09:05:56 0 d-----w- C:\Users\ppp\Bluetooth Software

2009-07-01 09:05:45 . 2009-07-01 09:05:45 0 d-----w- C:\Users\ppp\AppData\Local\Power2Go

2009-07-01 09:04:23 . 2009-07-02 18:55:22 0 d-----w- C:\Users\ppp\AppData\Local\VirtualStore

2009-07-01 09:01:22 . 2009-07-01 09:01:22 0 dc----w- C:\Windows\system32\DRVSTORE

2009-07-01 09:01:22 . 2008-12-08 15:01:52 55264 ----a-w- C:\Windows\system32\drivers\fssfltr.sys

2009-07-01 09:00:29 . 2006-11-29 11:06:18 3426072 ----a-w- C:\Windows\system32\d3dx9_32.dll

2009-07-01 09:00:12 . 2009-07-01 09:00:12 0 d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2009-07-01 08:58:53 . 2009-07-01 09:01:30 0 d-----w- C:\Program Files\Microsoft

2009-07-01 08:58:37 . 2009-07-01 08:58:37 0 d-----w- C:\Program Files\Windows Live SkyDrive

2009-07-01 08:58:31 . 2009-07-01 09:01:21 0 d-----w- C:\Program Files\Windows Live

2009-07-01 08:57:34 . 2009-07-01 08:57:34 0 d-----w- C:\Program Files\Common Files\Windows Live

2009-07-01 08:55:54 . 2009-07-02 20:13:57 0 d-----w- C:\Program Files\Common Files\Adobe

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-13 09:08:16 . 2009-05-09 05:01:19 17408 ----a-w- C:\Windows\system32\rpcnetp.exe

2009-07-13 09:07:15 . 2009-05-09 05:37:10 5092 ----a-w- C:\Windows\bthservsdp.dat

2009-07-13 08:37:19 . 2008-04-17 09:47:57 662056 ----a-w- C:\Windows\system32\perfh015.dat

2009-07-13 08:37:19 . 2008-04-17 09:47:57 126908 ----a-w- C:\Windows\system32\perfc015.dat

2009-07-11 15:54:49 . 2009-05-09 05:03:47 17408 ----a-w- C:\Windows\system32\rpcnetp.dll

2009-07-07 21:56:14 . 2009-05-09 05:38:33 0 d-----w- C:\Program Files\CONEXANT

2009-07-05 16:10:00 . 2009-07-05 16:10:00 0 d-----w- C:\ProgramData\Symantec

2009-07-02 21:14:39 . 2009-05-09 05:26:42 0 d-----w- C:\ProgramData\Norton

2009-07-02 20:13:17 . 2009-05-09 06:27:10 0 d-----w- C:\ProgramData\P4G

2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Sidebar

2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Photo Gallery

2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Defender

2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Collaboration

2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Calendar

2009-07-02 20:13:16 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail

2009-07-01 15:52:56 . 2009-05-09 05:25:51 0 d-----w- C:\ProgramData\CyberLink

2009-07-01 11:21:08 . 2006-11-02 10:25:05 665600 ----a-w- C:\Windows\inf\drvindex.dat

2009-07-01 10:45:37 . 2009-05-09 05:13:05 0 d-----w- C:\ProgramData\Microsoft Help

2009-07-01 10:12:18 . 2009-07-01 08:54:21 99864 ----a-w- C:\Users\ppp\AppData\Local\GDIPFONTCACHEV1.DAT

2009-07-01 09:58:51 . 2009-05-09 05:16:24 0 d-----w- C:\Program Files\Microsoft Works

2009-07-01 09:29:55 . 2009-07-01 09:29:55 0 ----a-w- C:\Windows\system32\drivers\1043_ASUSTeK_F52Q.alu

2009-05-28 09:23:14 . 2009-05-28 09:23:14 42088 ----a-w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\ggbho.1.dll

2009-05-28 08:34:30 . 2009-05-28 08:34:30 11264 ----a-w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\npgg.1.dll

2009-05-09 06:31:17 . 2009-05-09 06:31:17 4814371 ----a-w- C:\Windows\ASUS Camera ScreenSaver.exe

2009-05-09 06:31:17 . 2009-05-09 06:31:17 47672 ----a-w- C:\Windows\AsScrProlog.exe

2009-05-09 06:31:17 . 2009-05-09 06:31:17 281144 ----a-w- C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe

2009-05-09 06:31:16 . 2009-05-09 06:31:16 520192 ----a-w- C:\Windows\system32\Asus_Camera_ScreenSaver.scr

2009-05-09 06:27:30 . 2009-05-09 06:27:30 30264 ----a-w- C:\Windows\system32\drivers\AsDsm.sys

2009-05-09 05:38:18 . 2009-05-09 05:38:18 18904 ----a-w- C:\Windows\system32\StructuredQuerySchemaTrivial.bin

2009-05-09 05:30:22 . 2009-05-09 05:30:22 6656 ----a-w- C:\Windows\system32\kbd106n.dll

2009-05-09 05:28:12 . 2009-05-09 05:28:02 157168 ----a-w- C:\ProgramData\Partner\partner.dll

2009-05-09 05:28:12 . 2009-05-09 05:28:02 110576 ----a-w- C:\ProgramData\Partner\partner.exe

2009-05-09 05:25:07 . 2009-05-09 05:25:08 36864 ----a-w- C:\ProgramData\Temp{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe

2009-05-09 05:24:14 . 2009-05-09 05:24:24 53319 ----a-w- C:\ProgramData\Temp{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe

2009-04-08 17:31:56 . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files\Common Files\CPInstallAction.dll

2008-05-22 15:35:54 . 2008-05-22 15:35:54 51962 ----a-w- C:\Program Files\Common Files\banner.jpg

2007-06-12 16:34:50 . 2007-06-12 16:34:50 35822 ----a-w- C:\Program Files\Common Files\ASPG_icon.ico

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2009-05-09 05:28:12 157168 ----a-w- C:\ProgramData\Partner\partner.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]

@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"

[HKEY_CLASSES_ROOT\CLSID{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]

2007-06-02 00:08:18 143360 ----a-w- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe” [2009-04-11 06:28:03 1233920]

“LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe” [2008-06-09 17:16:32 2363392]

“SRS Premium Sound”=“C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe” [2009-04-02 22:03:18 3405048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Windows Defender”=“C:\Program Files\Windows Defender\MSASCui.exe” [2008-01-21 02:33:00 1008184]

“RemoteControl”=“C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe” [2008-12-12 01:06:20 87336]

“LanguageShortcut”=“C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe” [2008-12-19 18:00:40 62760]

“CLMLServer”=“C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe” [2008-07-19 02:52:16 104936]

“P2Go_Menu”=“C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” [2008-06-14 01:11:32 210216]

“IgfxTray”=“C:\Windows\system32\igfxtray.exe” [2009-03-05 04:06:21 141848]

“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe” [2009-03-05 04:06:11 173592]

“Persistence”=“C:\Windows\system32\igfxpers.exe” [2009-03-05 04:06:19 150552]

“ETDWare”=“C:\Program Files\Elantech\ETDCtrl.exe” [2009-03-30 04:06:15 424864]

“HControlUser”=“C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe” [2008-08-18 17:56:22 98304]

“ATKOSD2”=“C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe” [2009-03-04 17:26:24 8392704]

“ATKMEDIA”=“C:\Program Files\ASUS\ATK Media\DMedia.exe” [2009-03-27 16:52:28 159744]

“ADSMTray”=“C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe” [2008-04-01 06:09:30 266240]

“ACMON”=“C:\Program Files\ASUS\Splendid\ACMON.exe” [2008-10-01 06:02:48 851968]

“Wireless Console 3”=“C:\Program Files\ASUS\Wireless Console 3\wcourier.exe” [2009-02-06 23:13:16 1593344]

“ASUS Camera ScreenSaver”=“C:\Windows\AsScrProlog.exe” [2009-05-09 06:31:17 47672]

“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-02-27 15:10:28 35696]

“SunJavaUpdateSched”=“D:\Programy\Java\bin\jusched.exe” [2009-07-05 13:55:38 148888]

“SmartAudio”=“C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE” [2009-02-26 09:15:30 2742840]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 752168]

FancyStart daemon.lnk - C:\Windows\Installer{F9F20920-313D-4D6F-866B-2737B77E1857}_DC60F4E342E06843E7FCD0.exe [2009-5-9 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

“EnableUIADesktopToggle”= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@=“Service”

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

“VistaSp2”=hex(b):8e,44,b3,06,3f,fa,c9,01

[HKLM~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

“{E475629F-F7EF-4F42-8189-04B57875A2B2}”= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

“{A63DB396-3D73-4EC8-9FE4-14DAD0A9089C}”= C:\Program Files\ASUSTek\ASUSDVD\PowerDVD.EXE:CyberLink PowerDVD

“{C22094E9-19F6-4F7B-ABE1-9E73737A6DD8}”= C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

“{2020221C-47E4-4555-B5BC-1CBCE9EEFF95}”= D:\Programy\SKype\Phone\Skype.exe:Skype

“TCP Query User{0A8D555B-C3A2-4608-87C4-11CB4DB8312B}D:\programy\gg\gg.exe”= UDP:D:\programy\gg\gg.exe:Nowe Gadu-Gadu

“UDP Query User{B462CD9B-BACA-40B4-890E-A2C6D0E4D3D3}D:\programy\gg\gg.exe”= TCP:D:\programy\gg\gg.exe:Nowe Gadu-Gadu

“TCP Query User{F852F028-711F-4664-A804-FEFC69570E3C}D:\gry\warcraft iii\war3.exe”= UDP:D:\gry\warcraft iii\war3.exe:Warcraft III

“UDP Query User{61A1497F-1AC7-4FEB-92D6-4CD032813E1C}D:\gry\warcraft iii\war3.exe”= TCP:D:\gry\warcraft iii\war3.exe:Warcraft III

“TCP Query User{7300FA07-4015-4DB0-A0AB-81FF730838DE}D:\programy\java\bin\java.exe”= UDP:D:\programy\java\bin\java.exe:Java Platform SE binary

“UDP Query User{FFCC6B5F-0EE8-4A1B-8CD9-2816AD473544}D:\programy\java\bin\java.exe”= TCP:D:\programy\java\bin\java.exe:Java Platform SE binary

R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2009-05-09 08:24:34 15416]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-05-09 08:09:51 29736]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-03-30 09:33:17 129536]

R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys [2009-05-09 08:23:54 233128]

S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2009-07-01 11:01:22 55264]

S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 17:01:58 533344]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-09-21 23:49:35 112128]

S3 Partner Service;Partner Service;C:\ProgramData\Partner\partner.exe [2009-05-09 07:28:02 110576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

“C:\Program Files\Common Files\LightScribe\LSRunOnce.exe”

.

Zawartość folderu ‘Zaplanowane zadania’

2009-07-12 C:\Windows\Tasks\Norton Security Scan for ppp.job

  • C:\Program Files\Norton Security Scan\Nss.exe [2009-03-13 03:53:16 . 2009-06-10 15:20:58]

.

        • USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-WinampAgent - D:\Programy\Winamp\winampa.exe

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.com/ig/redirectdomain … &bmod=ASUS

mStart Page = hxxp://www.google.com/ig/redirectdomain … &bmod=ASUS

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

FF - ProfilePath - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\jy04j57w.default\

FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\npgg.1.dll

FF - plugin: D:\Programy\Java\bin\new_plugin\npdeploytk.dll

FF - plugin: D:\Programy\Java\bin\new_plugin\npjp2.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF - HiddenExtension: Java Console: No Registry Reference - D:\Programy\Mozilla\extensions{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-13 11:08:57

Windows 6.0.6002 Service Pack 2 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

#2

Przeskanuj ten plik: C:\Windows\AsScrProlog.exe oraz C:\Windows\system32\kbd106n.dll na http://www.virustotal.com/pl/

Przeskanuj komputer MBAM.

Pokaż loga z HiJack This oraz OTL.

#3

A więc na tej stronie co mi podałeś przeskanowałem oba pliki ale nic nie wykazały więc nic Ci tu nie wkleję (chyba to było 0/32).

Przeskanowałem komputer MBAM i nie wykryło nic.

Logi z HiJack This:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:57:19, on 2009-07-13

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program files\P4G\BatteryLife.exe

C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files\ASUS\ATK Media\DMedia.exe

C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe

D:\Programy\Java\bin\jusched.exe

C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

D:\Programy\GG\gg.exe

D:\Programy\GG\spellchecker_gg.exe

D:\Programy\Mozilla\firefox.exe

D:\Programy\Malwarebytes’ Anti-Malware\mbam.exe

D:\Programy\Winamp\winamp.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchFilterHost.exe

D:\Programy\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programy\Java\bin\jp2ssv.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\ggbho.1.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe”

O4 - HKLM…\Run: [LanguageShortcut] “C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe”

O4 - HKLM…\Run: [CLMLServer] “C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe”

O4 - HKLM…\Run: [P2Go_Menu] “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”

O4 - HKLM…\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM…\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM…\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM…\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe

O4 - HKLM…\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM…\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM…\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe

O4 - HKLM…\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe

O4 - HKLM…\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe

O4 - HKLM…\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM…\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe

O4 - HKLM…\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [sunJavaUpdateSched] “D:\Programy\Java\bin\jusched.exe”

O4 - HKLM…\Run: [smartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c

O4 - HKLM…\RunOnce: [Malwarebytes’ Anti-Malware] D:\Programy\Malwarebytes’ Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU…\Run: [sRS Premium Sound] “C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe” /hideme

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: FancyStart daemon.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra ‘Tools’ menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

End of file - 7141 bytes

Z OTL zrobiły mi się dwa pliki: (jeszcze OTL ale za dużo znajduję się tam znaków i nie mogę zmieścić w poście a nie wiem jak wstawić dokument tekstowy tutaj)

Extras:

OTL Extras logfile created on: 2009-07-13 15:06:43 - Run 1

OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\ppp\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18783)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 85,89% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 79,37 Gb Free Space | 68,16% Space Free | Partition Type: NTFS

Drive D: | 104,73 Gb Total Space | 103,12 Gb Free Space | 98,47% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: PPP-PC

Current User Name: ppp

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes]

.hlp [@ = hlpfile] – C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = htmlfile] – C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes]

.html [@ = FirefoxHTML] – D:\Programy\Mozilla\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

“cval” = 1

“FirewallDisableNotify” = 0

“AntiVirusDisableNotify” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

“AntiVirusOverride” = 0

“AntiSpywareOverride” = 0

“FirewallOverride” = 0

File not found – Reg Error: Unknown registry data type

File not found – Reg Error: Unknown registry data type

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

“EnableFirewall” = 1

“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

“EnableFirewall” = 1

“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

“{03D1988F-469F-4843-8E6E-E5FE9D17889D}” = WIDCOMM Bluetooth Software

“{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}” = ASUS AI Recovery

“{0969AF05-4FF6-4C00-9406-43599238DE0D}” = ASUS Splendid Video Enhancement Technology

“{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}” = Podstawowe programy Windows Live

“{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}” = LightScribe System Software 1.14.17.1

“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer

“{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}” = ASUS LifeFrame3

“{205C6BDD-7B73-42DE-8505-9A093F35A238}” = Narzędzie do przekazywania usługi Windows Live

“{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}” = Wireless Console 3

“{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}” = MSVCRT

“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer

“{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}” = Skype™ 4.0

“{26A24AE4-039D-4CA4-87B4-2F83216014FF}” = Java 6 Update 14

“{28006915-2739-4EBE-B5E8-49B25D32EB33}” = Atheros Client Installation Program

“{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}” = Windows Live Messenger

“{3856DA80-86D2-4EBF-B33E-9F2C54BC9AC4}” = Bezpieczeństwo rodzinne usługi Windows Live

“{3B05F2FB-745B-4012-ADF2-439F36B2E70B}” = ATKOSD2

“{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}” = Cisco EAP-FAST Module

“{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go

“{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}” = Galeria fotografii usługi Windows Live

“{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}” = Junk Mail filter update

“{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}” = SRS Premium Sound

“{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}” = Microsoft Office Live Add-in 1.3

“{64452561-169F-4A36-A2FF-B5E118EC65F5}” = ASUS SmartLogon

“{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}” = Activation Assistant for the 2007 Microsoft Office suites

“{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}” = ASUSDVD

“{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}” = ASUS CopyProtect

“{6FF543AB-99B3-4120-902C-70A38314ABD8}” = Norton Security Scan

“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable

“{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}” = Asystent rejestracji usługi Windows Live

“{7C05592D-424B-46CB-B505-E0013E8E75C9}” = ATK Hotkey

“{8833FFB6-5B0C-4764-81AA-06DFEED9A476}” = Realtek 8136 8168 8169 Ethernet Driver

“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight

“{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}” = Choice Guard

“{90120000-0015-0409-0000-0000000FF1CE}” = Microsoft Office Access MUI (English) 2007

“{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0015-0415-0000-0000000FF1CE}” = Microsoft Office Access MUI (Polish) 2007

“{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0016-0409-0000-0000000FF1CE}” = Microsoft Office Excel MUI (English) 2007

“{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0016-0415-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Polish) 2007

“{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0018-0409-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (English) 2007

“{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0018-0415-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Polish) 2007

“{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0019-0409-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (English) 2007

“{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0019-0415-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (Polish) 2007

“{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-001A-0409-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (English) 2007

“{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-001A-0415-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (Polish) 2007

“{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-001B-0409-0000-0000000FF1CE}” = Microsoft Office Word MUI (English) 2007

“{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-001B-0415-0000-0000000FF1CE}” = Microsoft Office Word MUI (Polish) 2007

“{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2007

“{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

“{90120000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2007

“{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

“{90120000-001F-040C-0000-0000000FF1CE}” = Microsoft Office Proof (French) 2007

“{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

“{90120000-001F-0415-0000-0000000FF1CE}” = Microsoft Office Proof (Polish) 2007

“{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

“{90120000-001F-0C0A-0000-0000000FF1CE}” = Microsoft Office Proof (Spanish) 2007

“{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

“{90120000-002C-0409-0000-0000000FF1CE}” = Microsoft Office Proofing (English) 2007

“{90120000-002C-0415-0000-0000000FF1CE}” = Microsoft Office Proofing (Polish) 2007

“{90120000-006E-0409-0000-0000000FF1CE}” = Microsoft Office Shared MUI (English) 2007

“{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-006E-0415-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Polish) 2007

“{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0115-0409-0000-0000000FF1CE}” = Microsoft Office Shared Setup Metadata MUI (English) 2007

“{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{90120000-0117-0409-0000-0000000FF1CE}” = Microsoft Office Access Setup Metadata MUI (English) 2007

“{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{91120000-0031-0000-0000-0000000FF1CE}” = Microsoft Office Professional Hybrid 2007

“{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}” = Microsoft Office 2007 Service Pack 2 (SP2)

“{934B3B19-8193-467A-B356-E73F82647D38}” = Cisco LEAP Module

“{95120000-00B9-0409-0000-0000000FF1CE}” = Microsoft Application Error Reporting

“{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}” = ASUS Power4Gear Hybrid

“{9D48531D-2135-49FC-BC29-ACCDA5396A76}” = ASUS MultiFrame

“{9EFDFBA8-9174-3C61-8645-28376C5CA994}” = Microsoft .NET Framework 3.5 Language Pack SP1 - plk

“{AC76BA86-7AD7-1045-7B44-A91000000001}” = Adobe Reader 9.1 - Polish

“{AC76BA86-7AD7-5464-3428-900000000004}” = Spelling Dictionaries Support For Adobe Reader 9

“{BAD1449B-DF0C-4118-B76D-68C54009576C}” = Cisco PEAP Module

“{C08F4C18-EBC5-47F4-A760-A2DF3C39CA20}” = Windows Live Movie Maker Beta

“{C3335EFB-008F-44DB-A87A-9EC8EE53D045}” = Windows Live Sync

“{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint

“{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}” = Microsoft .NET Framework 3.5 SP1

“{D1E5870E-E3E5-4475-98A6-ADD614524ADF}” = ATK Media

“{D3D54F3E-C5C3-443D-978F-87A72E5616E8}” = ATK Generic Function Service

“{DB4690C5-9015-401D-A96C-A49909B7C372}” = Poczta usługi Windows Live

“{DC24971E-1946-445D-8A82-CE685433FA7D}” = Realtek USB 2.0 Card Reader

“{DD49053A-0140-44EF-AE75-C4BC1FDB8286}” = Windows Live Writer

“{DE10AB76-4756-4913-BE25-55D1C1051F9A}” = WinFlash

“{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}” = ASUS Live Update

“{E8CC51B4-F039-4A13-8C23-57661C5A90AC}” = Express Gate

“{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}” = ASUS Virtual Camera

“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]

“{F2AD071E-2E86-4E8A-AA66-E8E222F84CDE}_is1” = Replay Explorer 3.0.2

“{F69E83CF-B440-43F8-89E6-6EA80712109B}” = Windows Live Communications Platform

“{F9F20920-313D-4D6F-866B-2737B77E1857}” = ASUS FancyStart

“{FA2092C5-7979-412D-A962-6485274AE1EE}” = ASUS Data Security Manager

“Activation Assistant for the 2007 Microsoft Office suites” = Activation Assistant for the 2007 Microsoft Office suites

“Adobe Flash Player Plugin” = Adobe Flash Player 10 Plugin

“Adobe Shockwave Player” = Adobe Shockwave Player 11.5

“Asus_Camera_ScreenSaver” = Asus_Camera_ScreenSaver

“CNXT_AUDIO_HDA” = Conexant HD Audio

“Elantech” = ETDWare PS/2-x86 7.0.5.2 WHQL

“HDMI” = Intel® Graphics Media Accelerator Driver

“HijackThis” = HijackThis 2.0.2

“InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go

“Malwarebytes’ Anti-Malware_is1” = Malwarebytes’ Anti-Malware

“Microsoft .NET Framework 3.5 Language Pack SP1 - plk” = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK

“Microsoft .NET Framework 3.5 SP1” = Microsoft .NET Framework 3.5 SP1

“Mozilla Firefox (3.0.11)” = Mozilla Firefox (3.0.11)

“Nowe Gadu-Gadu” = Nowe Gadu-Gadu

“NSSSetup.{6FF543AB-99B3-4120-902C-70A38314ABD8}” = Norton Security Scan (Symantec Corporation)

“Picasa 3” = Picasa 3

“PROHYBRIDR” = 2007 Microsoft Office system

“ShockwaveFlash” = Adobe Flash Player 9 ActiveX

“TVWiz” = Intel® TV Wizard

“USB 2.0 1.3M UVC WebCam” = USB 2.0 1.3M UVC WebCam

“Warcraft III” = Warcraft III

“Winamp” = Winamp

“WinLiveSuite_Wave3” = Podstawowe programy Windows Live

“WinRAR archiver” = Archiwizator WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

“Warcraft III” = Warcraft III: wszystkie elementy

========== Last 10 Event Log Errors ==========

[Application Events]

Error - 2009-07-07 15:08:20 | Computer Name = ppp-PC | Source = Windows Search Service | ID = 3013

Description =

Error - 2009-07-07 17:42:15 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-07 18:01:37 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-08 03:00:12 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-08 08:54:15 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-08 14:09:19 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-08 15:46:46 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-09 04:03:31 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-09 06:22:13 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

Error - 2009-07-09 07:18:56 | Computer Name = ppp-PC | Source = WinMgmt | ID = 10

Description =

[System Events]

Error - 2009-07-05 15:40:30 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-06 05:17:16 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-06 07:27:55 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-06 13:50:00 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-06 16:09:55 | Computer Name = ppp-PC | Source = Dhcp | ID = 1002

Description = Serwer DHCP 192.168.1.1 odmówił dzierżawy adresu IP 192.168.1.102

dla karty sieciowej o adresie 0022439597A7. (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2009-07-07 04:17:17 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-07 08:08:14 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-07 11:38:29 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-07 14:58:52 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 2009-07-07 15:07:14 | Computer Name = ppp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

< End of report >