Can someone help me? It keeps showing me that there is a trojan, PWS.Tanspy.

Logfile of HijackThis v1.99.1
Scan saved at 13:11:01, on 2007-07-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\PROGRA~1\NORTON~1\navw32.exe
C:\DOCUME~1\admin1\USTAWI~1\Temp\Katalog tymczasowy 1 dla hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182602852671
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182602716906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F474B24-FDDB-4D6A-9BC8-ED49FB3F48C1}: NameServer = 212.244.130.1 194.204.152.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

Replies: 1

Is this a continuation of the previous topic??
Żółty
Added
05.07.2007 16:24:31
  • poranek 05.07.2007 20:00:46

[quote=Żółty]Is this a continuation of the previous topic??[/quote]

Yes, it is a continuation.

Deckard's System Scanner v20070611.50
Run by admin1 on 2007-07-05 at 14:02:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
30: 2007-07-05 12:03:21 UTC - RP30 - Deckard's System Scanner Restore Point
29: 2007-07-03 06:47:30 UTC - RP29 - Punkt kontrolny systemu
28: 2007-06-29 11:36:47 UTC - RP28 - Installed Sony Ericsson PC Suite 1.20.173
27: 2007-06-29 11:32:07 UTC - RP27 - Installed Disc2Phone
26: 2007-06-28 10:48:27 UTC - RP26 - Punkt kontrolny systemu

-- First Restore Point --
1: 2007-06-23 09:10:09 UTC - RP1 - Punkt kontrolny systemu

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as admin1.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 14:04:45, on 2007-07-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\admin1\Pulpit\dss.exe
C:\PROGRA~1\HIJACK~1\admin1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182602852671
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182602716906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F474B24-FDDB-4D6A-9BC8-ED49FB3F48C1}: NameServer = 212.244.130.1 194.204.152.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 DVDVRRdr_xp - c:\windows\system32\drivers\dvdvrrdr_xp.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S3 catchme - c:\docume~1\admin1\ustawi~1\temp\catchme.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.

-- Scheduled Tasks -------------------------------------------------------------

2007-06-23 11:22:18 562 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Skanuj komputer - admin1.job

-- Files created between 2007-06-05 and 2007-07-05 -----------------------------

2007-07-04 22:06:35 0 d-------- C:\Emule pobrane
2007-07-04 21:54:35 0 d-------- C:\Program Files\eMule
2007-07-02 09:46:32 0 d-------- C:\WINDOWS\Sun
2007-06-30 21:21:23 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll
2007-06-30 21:21:23 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll
2007-06-30 21:21:23 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll
2007-06-30 21:12:59 34150 --a------ C:\WINDOWS\DIIUnin.dat
2007-06-30 21:12:53 2829 --a------ C:\WINDOWS\DIIUnin.pif
2007-06-30 21:12:53 106496 --a------ C:\WINDOWS\DIIUnin.exe <Not Verified; Blizzard Entertainment; Deinstalacja Diablo II>
2007-06-30 20:56:58 0 d-------- C:\Program Files\Diablo II
2007-06-29 13:40:48 0 d-------- C:\Program Files\Common Files\Teleca Shared
2007-06-29 13:40:35 0 d-------- C:\Program Files\Sony Ericsson
2007-06-29 13:37:06 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-06-29 13:32:13 0 d-------- C:\Program Files\Disc2Phone
2007-06-27 19:18:15 18682 --a------ C:\WINDOWS\DIIDUnin.dat
2007-06-27 19:18:12 2829 --a------ C:\WINDOWS\DIIDUnin.pif
2007-06-27 19:18:12 102400 --a------ C:\WINDOWS\DIIDUnin.exe <Not Verified; Blizzard Entertainment; Diablo II Uninstaller>
2007-06-26 17:11:56 0 d-------- C:\Program Files\DivX
2007-06-25 18:22:04 1156 --a------ C:\WINDOWS\mozver.dat
2007-06-25 18:14:20 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-25 08:07:20 0 d-------- C:\Program Files\Spyware Doctor
2007-06-24 13:27:21 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-06-24 13:25:28 0 d-------- C:\Program Files\MSXML 4.0
2007-06-24 12:46:36 0 d-------- C:\Program Files\Windows Media Connect 2
2007-06-24 12:45:38 0 d-------- C:\WINDOWS\system32\LogFiles
2007-06-24 12:45:38 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-06-24 12:14:30 0 d-------- C:\WINDOWS\RegisteredPackages
2007-06-24 12:00:32 0 d-------- C:\Program Files\Windows Live Toolbar
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\WinSxS
2007-06-23 19:41:33 0 dr------- C:\WINDOWS\Web
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\twain_32
2007-06-23 19:41:33 0 d---s---- C:\WINDOWS\Tasks
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\xircom
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\wins
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\wbem
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\usmt
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\spool
2007-06-23 19:41:33 0 d-------- C:\WINDOWS\system32\ShellExt
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\Setup
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\Restore
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\ras
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\oobe
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\npp
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\mui
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\MsDtc
2007-06-23 19:41:32 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\Macromed
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\inetsrv
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\IME
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\icsxml
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\ias
2007-06-23 19:41:32 0 d-------- C:\WINDOWS\system32\export
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\drivers
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-06-23 19:41:31 0 dr-hs---- C:\WINDOWS\system32\dllcache
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\DirectX
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\dhcp
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\config
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\Com
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\CatRoot
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\3076
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\2052
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1054
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1045
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1042
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1041
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1037
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1033
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1031
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1028
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system32\1025
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\system
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\srchasst
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\security
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\Resources
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\repair
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\Registration
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\Provisioning
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\Prefetch
2007-06-23 19:41:31 0 d-------- C:\WINDOWS\PeerNet
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\pchealth
2007-06-23 19:41:30 0 dr------- C:\WINDOWS\Offline Web Pages
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\mui
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\msapps
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\msagent
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\Media
2007-06-23 19:41:30 0 d-------- C:\WINDOWS\java
2007-06-23 19:41:30 0 d--hs---- C:\WINDOWS\Installer
2007-06-23 19:41:29 0 d-------- C:\WINDOWS
2007-06-23 19:41:29 0 d--h----- C:\WINDOWS\inf
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\ime
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Help
2007-06-23 19:41:29 0 dr--s---- C:\WINDOWS\Fonts
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Driver Cache
2007-06-23 19:41:29 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Debug
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Cursors
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Connection Wizard
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\Config
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\AppPatch
2007-06-23 19:41:29 0 d-------- C:\WINDOWS\addins
2007-06-23 19:41:29 0 d--hs---- C:\System Volume Information
2007-06-23 19:41:29 0 d--h----- C:\Program Files\WindowsUpdate
2007-06-23 19:41:29 0 d-------- C:\Program Files\Windows NT
2007-06-23 19:41:29 0 d-------- C:\Program Files\Usługi online
2007-06-23 19:41:29 0 d-------- C:\Program Files\MSN Gaming Zone
2007-06-23 19:41:29 0 d-------- C:\Program Files\Movie Maker
2007-06-23 19:41:29 0 d-------- C:\Program Files\microsoft frontpage
2007-06-23 19:41:29 0 d-------- C:\Program Files\Messenger
2007-06-23 19:41:29 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-06-23 19:41:29 0 d-------- C:\Program Files\Common Files\ODBC
2007-06-23 19:41:29 0 d-------- C:\Program Files\Common Files\MSSoap
2007-06-23 19:41:28 0 dr------- C:\Program Files
2007-06-23 19:41:28 0 d-------- C:\Documents and Settings
2007-06-23 19:41:27 0 d-------- C:\Cpqapps
2007-06-23 19:17:45 0 d-------- C:\i386
2007-06-23 19:13:07 0 d-------- C:\Compaq
2007-06-23 19:12:04 0 d--h----- C:\SYSTEM.SAV
2007-06-23 17:15:45 0 d-------- C:\My Downloads
2007-06-23 15:52:45 0 d-------- C:\WINDOWS\system32\pl-pl
2007-06-23 15:49:48 0 d-------- C:\WINDOWS\network diagnostic
2007-06-23 15:09:16 0 d-------- C:\WINDOWS\system32\PreInstall
2007-06-23 15:09:14 0 d--h----- C:\WINDOWS\$hf_mig$
2007-06-23 14:42:41 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-06-23 12:42:02 0 d-------- C:\Program Files\Gadu-Gadu
2007-06-23 12:28:19 0 d-------- C:\Program Files\BearShare Applications
2007-06-23 12:22:55 0 d-------- C:\Program Files\Google
2007-06-23 12:22:49 0 d-------- C:\Program Files\Skype
2007-06-23 12:22:49 0 d-------- C:\Program Files\Common Files\Skype
2007-06-23 12:15:40 10368 -----n--- C:\WINDOWS\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
2007-06-23 12:15:39 21060 -----n--- C:\WINDOWS\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
2007-06-23 12:14:53 0 d-------- C:\Program Files\Macrovision Corp
2007-06-23 12:01:21 0 d-------- C:\Program Files\Roxio
2007-06-23 12:01:11 0 d-------- C:\Program Files\Common Files\Roxio Shared
2007-06-23 11:56:39 0 d-------- C:\WINDOWS\Profiles
2007-06-23 11:56:26 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-06-23 11:54:12 0 d-------- C:\Program Files\Common Files\LightScribe
2007-06-23 11:52:35 0 d-------- C:\Program Files\Common Files\Adobe
2007-06-23 11:51:25 0 d-------- C:\WINDOWS\Cache
2007-06-23 11:30:28 0 d-------- C:\Program Files\SymNetDrv
2007-06-23 11:12:54 0 d-------- C:\Program Files\Norton AntiVirus
2007-06-23 11:12:20 0 d-------- C:\Program Files\Symantec
2007-06-23 11:12:18 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-06-23 11:09:53 0 d-------- C:\Program Files\Skróty programów
2007-06-23 10:58:01 278 --a------ C:\WINDOWS\logonper2.reg
2007-06-23 10:58:01 192 --a------ C:\WINDOWS\logoffper2.reg
2007-06-23 10:56:47 307200 --a------ C:\WINDOWS\IsUn0415.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-06-23 10:56:18 0 d-------- C:\Program Files\Compaq
2007-06-23 10:54:46 0 d-------- C:\Program Files\HPQ
2007-06-23 10:54:34 204800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-06-23 10:54:34 188416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-06-23 10:54:34 192512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-06-23 10:54:34 192512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-06-23 10:54:34 200704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-06-23 10:54:34 20480 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-06-23 10:54:30 0 d-------- C:\Program Files\InterVideo
2007-06-23 10:54:26 0 -rahs---- C:\MSDOS.SYS
2007-06-23 10:54:26 0 -rahs---- C:\IO.SYS
2007-06-23 10:53:55 40448 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-06-23 10:53:55 208896 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Update Application for Realtek AC'97>
2007-06-23 10:53:55 139264 --a------ C:\WINDOWS\alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing Tool>
2007-06-23 10:53:42 0 d-------- C:\Program Files\Broadcom
2007-06-23 10:53:40 0 d-------- C:\WINDOWS\Downloaded Installations
2007-06-23 10:53:25 0 d-------- C:\Program Files\ATI Technologies
2007-06-23 10:52:59 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-06-23 10:52:59 0 d-------- C:\Program Files\AMD
2007-06-23 10:52:57 0 d-------- C:\Program Files\Common Files\InstallShield
2007-06-23 10:52:08 0 d-------- C:\Program Files\Java
2007-06-23 10:52:07 0 d-------- C:\Program Files\Common Files\Java
2007-06-23 10:49:29 0 d-------- C:\WINDOWS\system32\URTTemp
2007-06-23 10:47:58 0 d-------- C:\WINDOWS\system32\ReinstallBackups

-- Find3M Report ---------------------------------------------------------------

2007-07-05 13:50:14 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Skype
2007-07-05 08:00:14 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\BearShare
2007-07-02 09:46:32 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Sun
2007-06-29 13:42:50 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Teleca
2007-06-29 13:24:12 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Adobe
2007-06-25 18:14:31 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Talkback
2007-06-25 18:14:14 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Mozilla
2007-06-25 09:34:40 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Macromedia
2007-06-25 08:07:20 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\PC Tools
2007-06-24 15:43:11 436322 --a------ C:\WINDOWS\system32\perfh015.dat
2007-06-24 15:43:11 67298 --a------ C:\WINDOWS\system32\perfc015.dat
2007-06-24 09:29:12 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Gadu-Gadu
2007-06-23 19:49:24 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\InterVideo
2007-06-23 19:41:28 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Identities
2007-06-23 15:42:40 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Roxio
2007-06-23 12:37:16 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Google
2007-06-23 11:56:37 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\InterTrust
2007-06-23 11:16:07 0 d-------- C:\Documents and Settings\admin1\Dane aplikacji\Symantec
2007-05-31 08:44:55 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-31 08:44:54 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-05-31 08:44:54 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-31 08:44:54 740442 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-04-23 02:15:29 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 02:02:34 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-04-23 02:02:34 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-04-23 02:01:47 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
{BDF3E430-B101-42AD-A544-FADC6B084872} C:\Program Files\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SetRefresh"="C:\\Program Files\\Compaq\\SetRefresh\\SetRefresh.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"SDTray"="\"C:\\Program Files\\Spyware Doctor\\SDTrayApp.exe\""
@=""
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

-- End of Deckard's System Scanner: finished at 2007-07-05 at 14:05:55 ---------

poranek
Added:
05.07.2007 15:19:54
Comments:
1