Hello. I have a problem… Yesterday I scanned my computer and it found 3 trojans… They are located more or less in the cookie folder. I looked there and there is nothing there. I deleted the earlier sites, but that did nothing. I tried removing them with various programs, but either it could not be done or they were not detected at all. So I am turning to you for help, and if you are willing, please help me.
Here are the logs (I'm not sure whether this is the right thing):
ComboFix 09-07-12.03 - ppp 2009-07-13 11:03:38.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.48.1045.18.3036.1747 [GMT 2:00]
Uruchomiony z: C:\Users\ppp\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Installer\21634.msi
C:\Windows\system32\acovcnt.exe
C:\Windows\system32\sqlite3.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-13 do 2009-07-13 )))))))))))))))))))))))))))))))
.
2009-07-12 16:02:06 . 2009-06-16 10:40:58 89104 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVENG.SYS
2009-07-12 16:02:06 . 2009-06-16 10:40:58 876144 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVEX15.SYS
2009-07-12 16:02:06 . 2009-06-16 10:40:58 750 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\hub.scr
2009-07-12 16:02:06 . 2009-06-16 10:40:58 371248 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\EECTRL.SYS
2009-07-12 16:02:06 . 2009-06-16 10:40:58 259368 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\ECMSVR32.DLL
2009-07-12 16:02:06 . 2009-06-16 10:40:58 2414128 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\CCERASER.DLL
2009-07-12 16:02:06 . 2009-06-16 10:40:58 177520 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVENG32.DLL
2009-07-12 16:02:06 . 2009-06-16 10:40:58 1181040 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\NAVEX32A.DLL
2009-07-12 16:02:06 . 2009-06-16 10:40:58 101936 ----a-w- C:\ProgramData\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090712.003\ERASER.SYS
2009-07-07 21:53:24 . 2009-02-09 19:47:12 456192 ----a-w- C:\Windows\system32\drivers\CHDRT32.sys
2009-07-05 23:34:14 . 2009-07-05 23:34:24 0 d-----w- C:\Users\ppp\AppData\Roaming\Replay Explorer
2009-07-05 13:55:48 . 2009-07-05 13:55:38 410984 ----a-w- C:\Windows\system32\deploytk.dll
2009-07-04 16:25:10 . 2009-07-13 08:51:58 0 d-----w- C:\Program Files\Common Files\Symantec Shared
2009-07-04 16:25:07 . 2009-07-13 08:51:48 0 d-----w- C:\Program Files\Norton Security Scan
2009-07-04 12:13:13 . 2009-07-04 12:13:13 0 d-----w- C:\Windows\system32\Adobe
2009-07-02 21:16:50 . 2009-07-02 21:16:53 0 d-----w- C:\ProgramData\LightScribe
2009-07-02 18:19:40 . 2009-07-02 18:39:38 45515 ----a-w- C:\Windows\War3Unin.dat
2009-07-02 18:19:40 . 2009-07-02 18:39:10 2829 ----a-w- C:\Windows\War3Unin.pif
2009-07-02 18:19:39 . 2009-07-02 18:39:10 139264 ----a-w- C:\Windows\War3Unin.exe
2009-07-02 08:20:03 . 2009-07-02 08:20:03 0 d-----w- C:\Users\ppp\AppData\Roaming\OpenFM
2009-07-01 19:36:47 . 2009-07-02 19:48:00 0 d-----w- C:\Users\ppp\AppData\Roaming\Skype
2009-07-01 19:36:14 . 2009-07-01 19:36:19 0 d-----w- C:\ProgramData\Skype
2009-07-01 15:53:04 . 2009-07-01 15:53:04 0 d-----w- C:\Users\Public\CyberLink
2009-07-01 15:52:57 . 2009-07-01 15:52:57 0 d-----w- C:\ProgramData\ASUSTek
2009-07-01 15:43:24 . 2009-07-01 15:45:31 0 d-----w- C:\Users\ppp\AppData\Roaming\Winamp
2009-07-01 15:32:54 . 2009-07-01 16:53:58 0 d-----w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu
2009-07-01 15:24:50 . 2009-07-01 15:24:50 0 d-----w- C:\ProgramData\ASUS
2009-07-01 15:24:47 . 2009-07-01 15:24:47 0 d-----w- C:\Users\ppp\AppData\Local\ASUS
2009-07-01 15:24:05 . 2009-07-01 15:24:05 0 d-----w- C:\Users\ppp\AppData\Local\SRS Labs
2009-07-01 15:23:29 . 2009-07-01 15:23:56 0 d-----w- C:\Users\ppp\AppData\Local\Adobe
2009-07-01 15:19:59 . 2009-07-01 15:19:59 0 d-----w- C:\Users\ppp\AppData\Local\Mozilla
2009-07-01 15:07:32 . 2009-07-01 15:09:21 0 d-----w- C:\Users\ppp\AppData\Local\Microsoft Games
2009-07-01 15:00:25 . 2009-07-05 17:25:11 0 d-----w- C:\Users\ppp\AppData\Local\Google
2009-07-01 11:21:22 . 2009-07-01 11:21:59 0 d-----w- C:\Windows\system32\ca-ES
2009-07-01 11:21:21 . 2009-07-01 11:21:54 0 d-----w- C:\Windows\system32\eu-ES
2009-07-01 11:21:20 . 2009-07-01 11:21:50 0 d-----w- C:\Windows\system32\vi-VN
2009-07-01 11:09:18 . 2009-07-01 11:09:18 0 d-----w- C:\Windows\system32\EventProviders
2009-07-01 11:06:59 . 2009-04-11 06:32:54 122344 ----a-w- C:\Windows\system32\drivers\Storport.sys
2009-07-01 11:05:24 . 2009-04-11 06:28:18 247808 ----a-w- C:\Windows\system32\drvstore.dll
2009-07-01 10:31:47 . 2009-07-01 10:31:47 0 d-----w- C:\Program Files\Microsoft Silverlight
2009-07-01 10:21:41 . 2009-05-09 05:34:34 71680 ----a-w- C:\Windows\system32\iesetup.dll
2009-07-01 10:21:40 . 2009-05-09 05:50:28 915456 ----a-w- C:\Windows\system32\wininet.dll
2009-07-01 09:47:03 . 2008-07-27 18:03:17 41984 ----a-w- C:\Windows\system32\netfxperf.dll
2009-07-01 09:36:54 . 2009-07-13 09:08:14 56680 ----a-w- C:\Windows\system32\rpcnet.dll
2009-07-01 09:36:54 . 2009-07-11 15:57:26 56680 ----a-w- C:\Windows\system32\rpcnet.exe
2009-07-01 09:30:12 . 2009-04-21 11:39:47 2034688 ----a-w- C:\Windows\system32\win32k.sys
2009-07-01 09:29:24 . 2009-04-23 12:14:10 623616 ----a-w- C:\Windows\system32\localspl.dll
2009-07-01 09:29:23 . 2009-04-23 12:15:07 784896 ----a-w- C:\Windows\system32\rpcrt4.dll
2009-07-01 09:14:42 . 2008-10-16 21:13:38 1809944 ----a-w- C:\Windows\system32\wuaueng.dll
2009-07-01 09:14:42 . 2008-10-16 21:09:43 51224 ----a-w- C:\Windows\system32\wuauclt.exe
2009-07-01 09:14:42 . 2008-10-16 21:09:43 43544 ----a-w- C:\Windows\system32\wups2.dll
2009-07-01 09:14:42 . 2008-10-16 20:56:28 1524736 ----a-w- C:\Windows\system32\wucltux.dll
2009-07-01 09:14:35 . 2008-10-16 21:12:19 561688 ----a-w- C:\Windows\system32\wuapi.dll
2009-07-01 09:14:35 . 2008-10-16 21:08:57 34328 ----a-w- C:\Windows\system32\wups.dll
2009-07-01 09:14:35 . 2008-10-16 20:55:59 83456 ----a-w- C:\Windows\system32\wudriver.dll
2009-07-01 09:14:31 . 2008-10-16 12:08:00 162064 ----a-w- C:\Windows\system32\wuwebv.dll
2009-07-01 09:14:31 . 2008-10-16 11:56:04 31232 ----a-w- C:\Windows\system32\wuapp.exe
2009-07-01 09:05:56 . 2009-07-01 09:05:56 0 d-----w- C:\Users\ppp\Bluetooth Software
2009-07-01 09:05:45 . 2009-07-01 09:05:45 0 d-----w- C:\Users\ppp\AppData\Local\Power2Go
2009-07-01 09:04:23 . 2009-07-02 18:55:22 0 d-----w- C:\Users\ppp\AppData\Local\VirtualStore
2009-07-01 09:01:22 . 2009-07-01 09:01:22 0 dc----w- C:\Windows\system32\DRVSTORE
2009-07-01 09:01:22 . 2008-12-08 15:01:52 55264 ----a-w- C:\Windows\system32\drivers\fssfltr.sys
2009-07-01 09:00:29 . 2006-11-29 11:06:18 3426072 ----a-w- C:\Windows\system32\d3dx9_32.dll
2009-07-01 09:00:12 . 2009-07-01 09:00:12 0 d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2009-07-01 08:58:53 . 2009-07-01 09:01:30 0 d-----w- C:\Program Files\Microsoft
2009-07-01 08:58:37 . 2009-07-01 08:58:37 0 d-----w- C:\Program Files\Windows Live SkyDrive
2009-07-01 08:58:31 . 2009-07-01 09:01:21 0 d-----w- C:\Program Files\Windows Live
2009-07-01 08:57:34 . 2009-07-01 08:57:34 0 d-----w- C:\Program Files\Common Files\Windows Live
2009-07-01 08:55:54 . 2009-07-02 20:13:57 0 d-----w- C:\Program Files\Common Files\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-13 09:08:16 . 2009-05-09 05:01:19 17408 ----a-w- C:\Windows\system32\rpcnetp.exe
2009-07-13 09:07:15 . 2009-05-09 05:37:10 5092 ----a-w- C:\Windows\bthservsdp.dat
2009-07-13 08:37:19 . 2008-04-17 09:47:57 662056 ----a-w- C:\Windows\system32\perfh015.dat
2009-07-13 08:37:19 . 2008-04-17 09:47:57 126908 ----a-w- C:\Windows\system32\perfc015.dat
2009-07-11 15:54:49 . 2009-05-09 05:03:47 17408 ----a-w- C:\Windows\system32\rpcnetp.dll
2009-07-07 21:56:14 . 2009-05-09 05:38:33 0 d-----w- C:\Program Files\CONEXANT
2009-07-05 16:10:00 . 2009-07-05 16:10:00 0 d-----w- C:\ProgramData\Symantec
2009-07-02 21:14:39 . 2009-05-09 05:26:42 0 d-----w- C:\ProgramData\Norton
2009-07-02 20:13:17 . 2009-05-09 06:27:10 0 d-----w- C:\ProgramData\P4G
2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Sidebar
2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Photo Gallery
2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Defender
2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Collaboration
2009-07-02 20:13:16 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Calendar
2009-07-02 20:13:16 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-07-01 15:52:56 . 2009-05-09 05:25:51 0 d-----w- C:\ProgramData\CyberLink
2009-07-01 11:21:08 . 2006-11-02 10:25:05 665600 ----a-w- C:\Windows\inf\drvindex.dat
2009-07-01 10:45:37 . 2009-05-09 05:13:05 0 d-----w- C:\ProgramData\Microsoft Help
2009-07-01 10:12:18 . 2009-07-01 08:54:21 99864 ----a-w- C:\Users\ppp\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-01 09:58:51 . 2009-05-09 05:16:24 0 d-----w- C:\Program Files\Microsoft Works
2009-07-01 09:29:55 . 2009-07-01 09:29:55 0 ----a-w- C:\Windows\system32\drivers\1043_ASUSTeK_F52Q.alu
2009-05-28 09:23:14 . 2009-05-28 09:23:14 42088 ----a-w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\ggbho.1.dll
2009-05-28 08:34:30 . 2009-05-28 08:34:30 11264 ----a-w- C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\npgg.1.dll
2009-05-09 06:31:17 . 2009-05-09 06:31:17 4814371 ----a-w- C:\Windows\ASUS Camera ScreenSaver.exe
2009-05-09 06:31:17 . 2009-05-09 06:31:17 47672 ----a-w- C:\Windows\AsScrProlog.exe
2009-05-09 06:31:17 . 2009-05-09 06:31:17 281144 ----a-w- C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe
2009-05-09 06:31:16 . 2009-05-09 06:31:16 520192 ----a-w- C:\Windows\system32\Asus_Camera_ScreenSaver.scr
2009-05-09 06:27:30 . 2009-05-09 06:27:30 30264 ----a-w- C:\Windows\system32\drivers\AsDsm.sys
2009-05-09 05:38:18 . 2009-05-09 05:38:18 18904 ----a-w- C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2009-05-09 05:30:22 . 2009-05-09 05:30:22 6656 ----a-w- C:\Windows\system32\kbd106n.dll
2009-05-09 05:28:12 . 2009-05-09 05:28:02 157168 ----a-w- C:\ProgramData\Partner\partner.dll
2009-05-09 05:28:12 . 2009-05-09 05:28:02 110576 ----a-w- C:\ProgramData\Partner\partner.exe
2009-05-09 05:25:07 . 2009-05-09 05:25:08 36864 ----a-w- C:\ProgramData\Temp{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2009-05-09 05:24:14 . 2009-05-09 05:24:24 53319 ----a-w- C:\ProgramData\Temp{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-04-08 17:31:56 . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files\Common Files\CPInstallAction.dll
2008-05-22 15:35:54 . 2008-05-22 15:35:54 51962 ----a-w- C:\Program Files\Common Files\banner.jpg
2007-06-12 16:34:50 . 2007-06-12 16:34:50 35822 ----a-w- C:\Program Files\Common Files\ASPG_icon.ico
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-05-09 05:28:12 157168 ----a-w- C:\ProgramData\Partner\partner.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08:18 143360 ----a-w- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 17:16:32 2363392]
"SRS Premium Sound"="C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-04-02 22:03:18 3405048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 02:33:00 1008184]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-12-12 01:06:20 87336]
"LanguageShortcut"="C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe" [2008-12-19 18:00:40 62760]
"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 02:52:16 104936]
"P2Go_Menu"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 01:11:32 210216]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2009-03-05 04:06:21 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2009-03-05 04:06:11 173592]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2009-03-05 04:06:19 150552]
"ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" [2009-03-30 04:06:15 424864]
"HControlUser"="C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 17:56:22 98304]
"ATKOSD2"="C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 17:26:24 8392704]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMedia.exe" [2009-03-27 16:52:28 159744]
"ADSMTray"="C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 06:09:30 266240]
"ACMON"="C:\Program Files\ASUS\Splendid\ACMON.exe" [2008-10-01 06:02:48 851968]
"Wireless Console 3"="C:\Program Files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 23:13:16 1593344]
"ASUS Camera ScreenSaver"="C:\Windows\AsScrProlog.exe" [2009-05-09 06:31:17 47672]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 15:10:28 35696]
"SunJavaUpdateSched"="D:\Programy\Java\bin\jusched.exe" [2009-07-05 13:55:38 148888]
"SmartAudio"="C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2009-02-26 09:15:30 2742840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 752168]
FancyStart daemon.lnk - C:\Windows\Installer{F9F20920-313D-4D6F-866B-2737B77E1857}_DC60F4E342E06843E7FCD0.exe [2009-5-9 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8e,44,b3,06,3f,fa,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E475629F-F7EF-4F42-8189-04B57875A2B2}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A63DB396-3D73-4EC8-9FE4-14DAD0A9089C}"= C:\Program Files\ASUSTek\ASUSDVD\PowerDVD.EXE:CyberLink PowerDVD
"{C22094E9-19F6-4F7B-ABE1-9E73737A6DD8}"= C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{2020221C-47E4-4555-B5BC-1CBCE9EEFF95}"= D:\Programy\SKype\Phone\Skype.exe:Skype
"TCP Query User{0A8D555B-C3A2-4608-87C4-11CB4DB8312B}D:\programy\gg\gg.exe"= UDP:D:\programy\gg\gg.exe:Nowe Gadu-Gadu
"UDP Query User{B462CD9B-BACA-40B4-890E-A2C6D0E4D3D3}D:\programy\gg\gg.exe"= TCP:D:\programy\gg\gg.exe:Nowe Gadu-Gadu
"TCP Query User{F852F028-711F-4664-A804-FEFC69570E3C}D:\gry\warcraft iii\war3.exe"= UDP:D:\gry\warcraft iii\war3.exe:Warcraft III
"UDP Query User{61A1497F-1AC7-4FEB-92D6-4CD032813E1C}D:\gry\warcraft iii\war3.exe"= TCP:D:\gry\warcraft iii\war3.exe:Warcraft III
"TCP Query User{7300FA07-4015-4DB0-A0AB-81FF730838DE}D:\programy\java\bin\java.exe"= UDP:D:\programy\java\bin\java.exe:Java Platform SE binary
"UDP Query User{FFCC6B5F-0EE8-4A1B-8CD9-2816AD473544}D:\programy\java\bin\java.exe"= TCP:D:\programy\java\bin\java.exe:Java Platform SE binary
R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2009-05-09 08:24:34 15416]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-05-09 08:09:51 29736]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-03-30 09:33:17 129536]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys [2009-05-09 08:23:54 233128]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2009-07-01 11:01:22 55264]
S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 17:01:58 533344]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-09-21 23:49:35 112128]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\partner.exe [2009-05-09 07:28:02 110576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Zawartość folderu 'Zaplanowane zadania'
2009-07-12 C:\Windows\Tasks\Norton Security Scan for ppp.job
- C:\Program Files\Norton Security Scan\Nss.exe [2009-03-13 03:53:16 . 2009-06-10 15:20:58]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKLM-Run-WinampAgent - D:\Programy\Winamp\winampa.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain … &bmod=ASUS
mStart Page = hxxp://www.google.com/ig/redirectdomain … &bmod=ASUS
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
FF - ProfilePath - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\jy04j57w.default\
FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\ppp\AppData\Roaming\Nowe Gadu-Gadu_userdata\npgg.1.dll
FF - plugin: D:\Programy\Java\bin\new_plugin\npdeploytk.dll
FF - plugin: D:\Programy\Java\bin\new_plugin\npjp2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HiddenExtension: Java Console: No Registry Reference - D:\Programy\Mozilla\extensions{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-13 11:08:57
Windows 6.0.6002 Service Pack 2 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …