So I'm posting new logs, and I'm also adding a current HijackThis log. The earlier HijackThis log I provided was a "fresh" log from before I removed all the entries related to Google.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:52:20, on 2008-07-02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20733)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\lognetmedia.pl\mL-903 ICON\IcMouse.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe
C:\Program Files\ASUS\AI Booster\OverClk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
C:\PROGRA~1\NEOSTR~1\neostradatp.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\PROGRA~1\NEOSTR~1\Toaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\PROGRA~1\NEOSTR~1\Inactivity.exe
C:\PROGRA~1\NEOSTR~1\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AvkWebIE.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [mL-903 ICON] C:\Program Files\lognetmedia.pl\mL-903 ICON\IcMouse.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3E00E0A-A3CF-4139-A861-92148EC93CA3}: NameServer = 194.204.159.1 217.98.63.164
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
O23 - Service: Strażnik AVK (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8364 bytes
ComboFix 07-08-03.4 - "Administrator" 2008-07-02 14:48:05.3 [GMT 2:00] - NTFS
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.Prawda
((((((((((((((((((((((((( Files Created from 2008-06-02 to 2008-07-02 )))))))))))))))))))))))))))))))
2008-06-25 14:38 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\ATI
2008-06-25 14:35 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-06-25 14:35 <DIR> d-------- C:\Program Files\ATI Technologies
2008-06-24 18:18 12,096 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2008-06-24 18:18 10,304 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2008-06-23 06:59 <DIR> d-------- C:\Program Files\FlashGet
2008-06-23 01:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1\dwhelper
2008-06-22 11:00 <DIR> d-------- C:\Program Files\NAPI-PROJEKT
2008-06-11 06:30 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys
2008-06-11 06:30 <DIR> d-------- C:\Program Files\NSS
2008-06-10 10:58 <DIR> d-------- C:\Program Files\XP Codec Pack
2008-06-05 09:07 36,734 --a------ C:\WINDOWS\system32\OggDSuninst.exe
2008-06-03 08:20 3,100,160 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-06-03 05:46 10,276,864 --a------ C:\WINDOWS\system32\atioglx2.dll
2008-06-03 05:22 413,696 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-06-03 05:11 43,520 --a------ C:\WINDOWS\system32\ati2edxx.dll
2008-06-03 05:11 26,112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2008-06-03 05:11 180,224 --a------ C:\WINDOWS\system32\atipdlxx.dll
2008-06-03 05:11 139,264 --a------ C:\WINDOWS\system32\Oemdspif.dll
2008-06-03 05:11 139,264 --a------ C:\WINDOWS\system32\ati2evxx.dll
2008-06-03 05:09 552,960 --a------ C:\WINDOWS\system32\ati2evxx.exe
2008-06-03 05:08 53,248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2008-06-03 05:04 245,760 --a------ C:\WINDOWS\system32\atiok3x2.dll
2008-06-03 05:02 307,200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2008-06-03 04:47 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat
2008-06-03 04:47 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2008-06-03 04:47 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat
2008-06-03 04:33 48,128 --a------ C:\WINDOWS\system32\amdpcom32.dll
2008-06-03 04:29 348,160 --a------ C:\WINDOWS\system32\atikvmag.dll
2008-06-03 04:28 23,040 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-06-03 04:28 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll
2008-06-03 04:27 49,152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-07-02 14:48 --------- d-------- C:\Program Files\neostrada tp
2008-07-02 10:51 523196 --a------ C:\WINDOWS\system32\perfh015.dat
2008-07-02 10:51 100004 --a------ C:\WINDOWS\system32\perfc015.dat
2008-06-24 18:18 --------- d--h----- C:\Program Files\InstallShield Installation Information
2008-06-24 18:18 --------- d-------- C:\Program Files\ASUS
2008-06-20 11:47 --------- d-------- C:\Program Files\Google
2008-06-15 14:03 --------- d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Player
2008-06-15 14:01 --------- d-------- C:\Program Files\TuneUp Utilities 2006
2008-06-11 07:07 --------- d-------- C:\Program Files\Nokia
2008-06-11 07:07 --------- d-------- C:\Program Files\Common Files\Nokia
2008-06-03 05:21 306688 --a------ C:\WINDOWS\system32\ati2dvag.dll
2008-06-03 04:59 3500352 --a------ C:\WINDOWS\system32\ati3duag.dll
2008-06-03 04:48 2120832 --a------ C:\WINDOWS\system32\ativvaxx.dll
2008-06-03 04:21 557056 --a------ C:\WINDOWS\system32\ati2cqag.dll
2008-05-30 07:00 --------- d-------- C:\Program Files\SUPERAntiSpyware
2008-05-23 10:09 --------- d-------- C:\Program Files\Reference Assemblies
2008-05-23 10:09 --------- d-------- C:\Program Files\MSBuild
2008-05-16 23:19 --------- d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Bioshock
2008-05-05 22:45 1160 --a------ C:\WINDOWS\mozver.dat
2008-05-03 02:11 --------- d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Nokia Multimedia Player
2008-04-28 23:09 172033 --a------ C:\WINDOWS\system32\atiicdxx.dat
2008-04-09 02:00 4694 --a------ C:\WINDOWS\unins001.dat
2006-05-03 10:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47:16 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-11-09 22:29]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 C:\WINDOWS\Alcmtr.exe]
"mL-903 ICON"="C:\Program Files\lognetmedia.pl\mL-903 ICON\IcMouse.exe" [2007-07-15 21:43]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 09:34 C:\WINDOWS\RTHDCPL.exe]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\GestMaj.exe" [2004-10-14 16:55]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2004-08-23 14:49]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 02:44 C:\WINDOWS\system32\bthprops.cpl]
"AVKTray"="C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe" [2007-04-27 16:26]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16]
"WireLessKeyboard "="C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe" [2005-05-14 21:10]
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe" [2006-12-08 15:24]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:44]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39]
"LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 20:27]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2006-10-05 17:09]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_2"=regsvr32 /s /n /i:U shell32
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
G DATA Firewall Tray.lnk - C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe [2008-02-08 12:39:39]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoSMHelp"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoSMHelp"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoResolveSearch"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
R0 GDNdisIc;GDNdisIc;C:\WINDOWS\system32\drivers\GDNdisIc.sys
R0 Si3112;Si3112;C:\WINDOWS\system32\drivers\Si3112.sys
R1 AsIO;AsIO;C:\WINDOWS\system32\drivers\AsIO.sys
R1 SASDIFSV;SASDIFSV;\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
R1 SASKUTIL;SASKUTIL;\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
R2 AVKProxy;AVKProxy;"C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe"
R2 AVKService;AVK Service;C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
R2 AVKWCtl;Strażnik AVK;C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
R2 GDTdiInterceptor;GDTdiInterceptor;\??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
R2 rspndr;Responder odnajdywania topologii warstwy łącza;C:\WINDOWS\system32\DRIVERS\rspndr.sys
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN);C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
R3 GDFwSvc;G DATA Personal Firewall;C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
R3 GDMnIcpt;GDMnIcpt;\??\C:\WINDOWS\system32\drivers\MiniIcpt.sys
R3 HookCentre;HookCentre;\??\C:\WINDOWS\system32\drivers\HookCentre.sys
R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys
R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 BTHMODEM;Sterownik Bluetooth Serial Communications;C:\WINDOWS\system32\DRIVERS\bthmodem.sys
S3 cpuz129;cpuz129;\??\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\cpuz_x32.sys
S3 IcMousef;USB ICON Mouse filter driver;C:\WINDOWS\system32\DRIVERS\IcMousef.sys
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 nmwcd;Nokia USB Phone Parent;C:\WINDOWS\system32\drivers\ccdcmb.sys
S3 nmwcdc;Nokia USB Generic;C:\WINDOWS\system32\drivers\ccdcmbo.sys
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\PCAMPR5.SYS
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS
S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM);C:\WINDOWS\system32\DRIVERS\rfcomm.sys
S3 SANDRA;SANDRA;\??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII\Sandra.sys
S3 SASENUM;SASENUM;\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
S3 SDTHOOK;SDTHOOK;C:\WINDOWS\system32\DRIVERS\SDTHOOK.sys
S3 SjyPkt;SjyPkt;\??\C:\WINDOWS\System32\Drivers\SjyPkt.sys
S3 upperdev;upperdev;C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
S3 usbser;Nokia USB Serial Port;C:\WINDOWS\system32\DRIVERS\usbser.sys
S3 UsbserFilt;UsbserFilt;C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
S3 Wdf01000;Wdf01000;C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService WebClient LmHosts upnphost SSDPSRV
bthsvcs BthServ
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
Contents of the 'Scheduled Tasks' folder
2008-06-27 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 14:49:18
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2008-07-02 14:50:36
--- E O F ---