combo nadal nie działa, log z dssa
sorry, że tak późno, ale miałem mało czasu
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-03-28 15:05:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
13: 2008-03-28 14:05:22 UTC - RP13 - Deckard's System Scanner Restore Point
12: 2008-03-28 09:47:16 UTC - RP12 - Punkt kontrolny systemu
11: 2008-03-25 09:43:03 UTC - RP11 - Punkt kontrolny systemu
10: 2008-03-23 22:48:00 UTC - RP10 - Software Distribution Service 3.0
9: 2008-03-23 18:42:48 UTC - RP9 - Punkt kontrolny systemu
-- First Restore Point --
1: 2008-03-18 17:44:03 UTC - RP1 - Punkt kontrolny systemu
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-28 15:07:03
Platform: Windows XP Dodatek Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\USB Disk Win98 Driver\Res.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\Rar$EX00.750\HijackThis.exe
C:\Documents and Settings\Administrator\Dane aplikacji\Opera\Opera\profile\cache4\temporary_download\dss.exe
C:\WINDOWS\system32\notepad.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazetawyborcza.pl/0,0.html?p=4
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {2B6A3140-7073-11D5-8F79-0080C8D7EC11} (GameDesire Proxy) - http://gryonline.wp.pl/g_bin/ginuser_pl_2_0_0_3.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/pl/boards_2_0_0_35.cab
O16 - DPF: {70B410C0-BADA-11D4-8308-0080C8D7ED4A} (GameDesire Bridge) - http://67.15.101.33/g_bin/pl/bridge_2_0_0_24.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.33/g_bin/pl/darts_2_0_0_42.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{AB3A6E4E-C0E8-4483-B49A-81AE0D7F2A5B}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O23 - Service: Abel - Unknown owner - C:\Program Files\Cain\Abel.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program Files\Common
O23 - Service: LVSrvLauncher - Unknown owner - C:\Program Files\Common
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 9638 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 atitray - c:\program files\radeon omega drivers\v3.8.360\ati tray tools\atitray.sys
R1 ISODrive (ISO DVD/CD-ROM Device Driver) - c:\program files\ultraiso\drivers\isodrive.sys <Not Verified; EZB Systems, Inc.; ISODrive>
R2 ACEDRV07 - c:\windows\system32\drivers\acedrv07.sys <Not Verified; Protect Software GmbH; >
R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 cpqdfw (Diagnostics Driver) - c:\windows\system32\drivers\cpqdfw.sys
R2 cq_mem (Diagnostics Memory Driver) - c:\windows\system32\drivers\cq_mem.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
R2 cqcpu (Diagnostics CPU Driver) - c:\windows\system32\drivers\cqcpu.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys
S3 ASPI (Advanced SCSI Programming Interface Driver) - c:\windows\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer>
S3 FTDIBUS (USB Serial Converter Driver) - c:\windows\system32\drivers\ftdibus.sys <Not Verified; FTDI Ltd.; FT8U232AX>
S3 FTSER2K (USB Serial Port Driver) - c:\windows\system32\drivers\ftser2k.sys <Not Verified; FTDI Ltd.; FT8U232AX>
S3 NPF (NetGroup Packet Filter Driver) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
S3 SE2Ebus (Sony Ericsson Device 046 Driver driver (WDM)) - c:\windows\system32\drivers\se2ebus.sys <Not Verified; MCCI; Sony Ericsson Device 046 Driver>
S3 SE2Emdfl (Sony Ericsson Device 046 USB WMC Modem Filter) - c:\windows\system32\drivers\se2emdfl.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB WMC Modem Filter Driver>
S3 SE2Emdm (Sony Ericsson Device 046 USB WMC Modem Driver) - c:\windows\system32\drivers\se2emdm.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB WMC Data Modem>
S3 SE2Emgmt (Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se2emgmt.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB WMC Device Management>
S3 se2End5 (Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS)) - c:\windows\system32\drivers\se2end5.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB Ethernet Emulation>
S3 SE2Eobex (Sony Ericsson Device 046 USB WMC OBEX Interface) - c:\windows\system32\drivers\se2eobex.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB WMC OBEX Interface>
S3 se2Eunic (Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM)) - c:\windows\system32\drivers\se2eunic.sys <Not Verified; MCCI; Sony Ericsson Device 046 USB Ethernet Emulation>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S2 Abel - c:\program files\cain\abel.exe (file missing)
S3 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "c:\program files\winpcap\rpcapd.exe" -d -f "c:\program files\winpcap\rpcapd.ini" <Not Verified; CACE Technologies; Remote Packet Capture Daemon>
S3 ServiceLayer - "c:\program files\common files\pcsuite\services\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Kontroler PCI Simple Communications
Device ID: PCI\VEN_11D4&DEV_1805&SUBSYS_180511D4&REV_00\4&1F7DBC9F&0&10F0
Manufacturer:
Name: Kontroler PCI Simple Communications
PNP Device ID: PCI\VEN_11D4&DEV_1805&SUBSYS_180511D4&REV_00\4&1F7DBC9F&0&10F0
Service:
Class GUID: {4D36E970-E325-11CE-BFC1-08002BE10318}
Description: M-Systems DiskOnChip 2000
Device ID: ROOT\MTD\0000
Manufacturer: M-Systems Flash Disk Pioneers
Name: M-Systems DiskOnChip 2000
PNP Device ID: ROOT\MTD\0000
Service: tffsport
Class GUID: {4D36E970-E325-11CE-BFC1-08002BE10318}
Description: M-Systems DiskOnChip 2000
Device ID: ROOT\MTD\0001
Manufacturer: M-Systems Flash Disk Pioneers
Name: M-Systems DiskOnChip 2000
PNP Device ID: ROOT\MTD\0001
Service: tffsport
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0001
Service: CVirtA
Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
Description: Port komunikacyjny
Device ID: ROOT\PORTS\0000
Manufacturer: (Standardowe typy portów)
Name: Port komunikacyjny (COM12)
PNP Device ID: ROOT\PORTS\0000
Service: Serial
-- Scheduled Tasks -------------------------------------------------------------
2008-03-26 20:51:03 424 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
2008-03-21 21:00:52 406 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
-- Files created between 2008-02-28 and 2008-03-28 -----------------------------
2008-03-21 11:32:31 0 d-------- C:\Program Files\MP4TOOL
2008-03-21 11:19:56 0 d-------- C:\Program Files\AVIConverter
2008-03-20 11:57:37 0 d-------- C:\Program Files\MP3 Player Utilities 5.02
2008-03-20 11:50:33 0 d-------- C:\Program Files\USB Disk Win98 Driver
2008-03-19 19:32:40 0 d-------- C:\Program Files\PITy
2008-03-19 19:25:20 0 d-------- C:\Program Files\PITy2007
2008-02-29 15:08:53 0 d-------- C:\Program Files\Common Files\Symantec Shared
-- Find3M Report ---------------------------------------------------------------
2008-03-28 14:57:12 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000
2008-03-28 09:01:54 421378 --a------ C:\WINDOWS\system32\perfh015.dat
2008-03-28 09:01:54 58886 --a------ C:\WINDOWS\system32\perfc015.dat
2008-03-26 18:00:01 0 d-------- C:\Program Files\Norton Security Scan
2008-03-20 11:50:35 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-09 12:06:52 0 d-------- C:\Program Files\Gadu-Gadu <GADU-G~1>
2008-02-29 15:08:53 0 d-------- C:\Program Files\Common Files
2008-02-20 19:00:47 0 d-------- C:\Program Files\eMule
2008-02-19 12:15:56 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\temp
2008-02-17 02:32:29 3450 --a------ C:\WINDOWS\unins001.dat
2008-02-17 02:30:59 691545 --a------ C:\WINDOWS\unins001.exe
2008-02-16 00:02:31 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Hamachi
2008-02-15 16:16:39 0 d-------- C:\Program Files\Winamp
2008-02-15 16:16:17 0 d-------- C:\Program Files\Last.fm
2008-02-15 13:14:39 0 d-------- C:\Program Files\Hamachi
2008-02-13 12:36:58 0 d-------- C:\Program Files\TacView
2008-02-12 11:02:51 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\teamspeak2
2008-02-12 11:02:49 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-02-09 19:57:11 0 d-------- C:\Program Files\Ganymede
2008-02-01 16:17:49 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Skype
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 16:24]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 05:03]
"ISUSScheduler"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2004-06-16 05:03]
"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 20:44]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-27 09:48]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 13:00]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-26 13:32:28]
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-10-10 18:29:19]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-26 13:32:28]
Cisco Systems VPN Client.lnk - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe [2007-07-24 20:36:48]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-27 09:48:40]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"MemCheckBoxInRunDlg"=0 (0x0)
"NoAutoTrayNotify"=0 (0x0)
"NoResolveTrack"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoStartBanner"=01000000
"NoWelcomeScreen"=1 (0x1)
"NoRecentDocsNetHood"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoSharedDocuments"=1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Catcher]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]
C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
"C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\program files\valve\steam\steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
C:\Program Files\sXe Injected\sXe Injected.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3fb8808a-89fb-11dc-b9f4-0016e6d31761}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7bc9128-8922-11dc-b9f0-0016e6d31761}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
-- End of Deckard's System Scanner: finished at 2008-03-28 15:07:42 ------------
