Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:19, on 2007-08-28
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Hoti\Pulpit\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Protection Bar - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration Driver Parallel Lines.LNK = C:\Documents and Settings\Hoti\Pulpit\Nowy folder (2)\Driver Parallel Lines\Register\RegistrationReminder.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/126bf446ac9ab1874805/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184775147190
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C841E8B-1B5D-4B9C-A3FE-D3ED13DB1F57}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 6053 bytes
ComboFix 07-08-25.2 - "Hoti" 2007-08-28 13:32:28.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.73 [GMT 2:00]
((((((((((((((((((((((((( Files Created from 2007-07-28 to 2007-08-28 )))))))))))))))))))))))))))))))
2007-08-28 13:29 0 --a------ C:\WINDOWS\system32\config\SYSTEM~1\ntuser.dat
2007-08-28 13:15 <DIR> d-------- C:\VundoFix Backups
2007-08-28 13:12 1,886 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-28 12:19 <DIR> d-------- C:\!KillBox
2007-08-27 16:23 2,054 --a------ C:\WINDOWS\system32\sdbackup.reg
2007-08-26 23:14 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-26 22:23 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-26 18:58 <DIR> d-------- C:\Program Files\SopCast
2007-08-26 18:58 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\SopCast
2007-08-25 21:16 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-25 21:16 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji
2007-08-25 21:16 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start
2007-08-25 21:16 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne
2007-08-25 21:16 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty
2007-08-25 19:46 5 --a------ C:\WINDOWS\ECF4-AB84-C569-7DC3.dat
2007-08-25 13:41 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\vlc
2007-08-25 13:40 <DIR> d-------- C:\Program Files\VideoLAN
2007-08-24 16:42 <DIR> d-------- C:\Program Files\Real Alternative
2007-08-24 16:42 <DIR> d-------- C:\Program Files\Media Player Classic
2007-08-24 16:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
2007-08-24 14:11 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-08-23 10:17 <DIR> d-------- C:\Program Files\Fic_Products
2007-08-22 23:00 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-08-22 20:54 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-08-22 14:17 <DIR> d-------- C:\WINDOWS\speech
2007-08-22 13:31 <DIR> d-------- C:\Program Files\MarBit
2007-08-22 13:31 <DIR> d-------- C:\Program Files\ivo
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\DivX
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\AVSMedia
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\AVS4YOU
2007-08-22 13:05 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2007-08-22 13:05 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2007-08-22 13:05 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
2007-08-22 13:05 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2007-08-22 13:05 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-08-22 13:05 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2007-08-22 13:05 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2007-08-22 13:05 <DIR> d-------- C:\Program Files\AVSMedia
2007-08-22 13:03 892,928 --a------ C:\WINDOWS\system32\iconv.dll
2007-08-22 13:03 77,824 --a------ C:\WINDOWS\system32\vorbisfile.dll
2007-08-22 13:03 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-22 13:03 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-08-22 13:03 524,288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-08-22 13:03 49,152 --a------ C:\WINDOWS\system32\ogg.dll
2007-08-22 13:03 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-22 13:03 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-08-22 13:03 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-08-22 13:03 1,200,128 --a------ C:\WINDOWS\system32\vorbis.dll
2007-08-22 13:03 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-08-22 13:03 1,015,808 --a------ C:\WINDOWS\system32\vorbisenc.dll
2007-08-22 13:03 <DIR> d-------- C:\Program Files\Codec
2007-08-22 12:55 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Menu Start
2007-08-22 12:53 <DIR> d-------- C:\WINDOWS\Prefetch
2007-08-22 12:38 <DIR> d-------- C:\WINDOWS\provisioning
2007-08-22 12:38 <DIR> d-------- C:\WINDOWS\peernet
2007-08-22 12:34 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-08-22 12:27 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-08-22 12:22 <DIR> d-------- C:\WINDOWS\EHome
2007-08-22 12:10 4,569 --------- C:\WINDOWS\system32\secupd.dat
2007-08-22 12:10 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2007-08-22 11:29 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\Google
2007-08-22 11:20 <DIR> d-------- C:\Program Files\Google
2007-08-22 11:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google
2007-08-21 18:31 27,904 -ra------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2007-08-21 18:31 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-08-21 18:30 <DIR> d-------- C:\Program Files\VIA
2007-08-21 17:34 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-08-21 17:34 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-08-21 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-08-20 20:06 <DIR> d-------- C:\Program Files\MZ Manager 2
2007-08-19 14:54 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-08-19 14:46 <DIR> d-------- C:\Program Files\Postal2STP
2007-08-18 12:00 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\DialMessenger
2007-08-16 22:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\ConeXware
2007-08-16 22:38 <DIR> d-------- C:\Program Files\PowerArchiver
2007-08-16 18:48 281 --a------ C:\WINDOWS\EReg176.dat
2007-08-16 18:40 <DIR> d-------- C:\Program Files\PowerISO
2007-08-16 17:13 <DIR> d-------- C:\Program Files\RAR Password Cracker
2007-08-15 12:43 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-08-15 11:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Windows Genuine Advantage
2007-08-12 15:43 <DIR> d-------- C:\Program Files\Real
2007-08-12 15:43 <DIR> d-------- C:\Program Files\Common Files\Real
2007-08-12 15:43 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\Real
2007-08-12 15:38 <DIR> d-------- C:\My Downloads
2007-08-12 13:51 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-08-12 13:51 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-08-12 13:51 77,312 --a------ C:\WINDOWS\system32\browser.dll
2007-08-12 13:51 66,560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-08-12 13:51 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-08-12 13:51 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2007-08-12 13:51 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-08-12 13:51 581,120 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-08-12 13:51 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-08-12 13:51 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-08-12 13:51 40,960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-08-12 13:51 397,824 --a------ C:\WINDOWS\system32\rpcss.dll
2007-08-12 13:51 331,264 --a------ C:\WINDOWS\system32\ipnathlp.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-28 12:46 --------- d-------- C:\Program Files\Neostrada TP
2007-08-28 12:44 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\MegauploadToolbar
2007-08-28 12:44 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\MegauploadToolbar
2007-08-28 12:17 --------- d-a------ C:\DOCUME~1\ALLUSE~1\DANEAP~1\TEMP
2007-08-27 17:59 --------- d-------- C:\Program Files\Valve
2007-08-24 20:46 --------- d-------- C:\Program Files\Gadu-Gadu
2007-08-22 23:00 --------- d-------- C:\Program Files\Messenger
2007-08-22 18:18 504832 --a------ C:\WINDOWS\system32\winlogon.exe
2007-08-22 12:43 2426 --a------ C:\WINDOWS\pchealth\HELPCTR\PackageStore\SkuStore.bin
2007-08-22 12:40 8972 --a------ C:\WINDOWS\pchealth\HELPCTR\Config\Cntstore.bin
2007-08-22 12:38 --------- d-------- C:\Program Files\Movie Maker
2007-08-22 12:33 --------- d-------- C:\Program Files\Windows NT
2007-08-21 17:25 --------- d-------- C:\Program Files\VIAudioi
2007-08-20 11:26 --------- d-------- C:\Program Files\DAEMON Tools
2007-08-16 11:47 --------- d-------- C:\Program Files\MegauploadToolbar
2007-08-15 12:42 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-18 18:13 --------- d--h----- C:\Program Files\WindowsUpdate
2007-07-15 16:08 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-07-14 22:24 --------- d-------- C:\Program Files\Winamp
2007-07-14 21:35 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\nView_Profiles
2007-07-12 12:27 --------- d-------- C:\Program Files\xp-AntiSpy
2007-07-10 15:35 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-07-08 21:55 --------- d-------- C:\Program Files\Micro DVD Player
2007-07-05 18:21 --------- d-------- C:\Program Files\CyberLink
2007-07-05 18:21 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\CyberLink
2007-07-05 17:11 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\NVIDIA
2007-07-05 16:00 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-05 14:53 --------- d-------- C:\Program Files\Common Files\DirectX
2007-07-04 13:48 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\GetRightToGo
2007-07-04 13:48 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\GetRightToGo
2007-07-04 00:19 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Media Player Classic
2007-07-04 00:19 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Media Player Classic
2007-07-03 13:20 --------- d-------- C:\Program Files\Lavalys
2007-07-03 12:19 --------- d-------- C:\Program Files\DivX
2007-07-02 22:22 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Gadu-Gadu
2007-07-02 22:22 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Gadu-Gadu
2007-07-02 21:30 --------- d-------- C:\Program Files\Thomson
2007-07-02 21:05 --------- d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-02 21:05 --------- d-------- C:\Program Files\Common Files\ODBC
2007-07-02 20:14 0 -rahs---- C:\MSDOS.SYS
2007-07-02 20:14 0 -rahs---- C:\IO.SYS
2007-07-02 20:14 0 --a------ C:\CONFIG.SYS
2007-07-02 20:14 0 --a------ C:\AUTOEXEC.BAT
2007-07-02 20:14 --------- d-------- C:\Program Files\microsoft frontpage
2007-07-02 20:11 --------- d-------- C:\Program Files\Common Files\MSSoap
2007-07-02 20:10 --------- d-------- C:\Program Files\MSN Gaming Zone
2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-13 15:23 1034752 --a------ C:\WINDOWS\explorer.exe
2007-06-11 18:32 56360 --a------ C:\WINDOWS\system32\WBHELP2.DLL
--------- C:\Program Files\Usługi online
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F06E2ABE-3A50-4079-BE25-FC100D9EAA25}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ]
[HKEY_CLASSES_ROOT\CLSID\{F06E2ABE-3A50-4079-BE25-FC100D9EAA25}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-10-22 12:22]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07]
"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 18:07]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 C:\WINDOWS\system32\nvmctray.dll]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:44]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Hoti^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk]
path=C:\Documents and Settings\Hoti\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk
backup=C:\WINDOWS\pss\UniSpiker-2.6.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DialMessenger]
"C:\Program Files\DialMessenger\dialmessenger.exe" -background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
"C:\Program Files\Gadu-Gadu\gg.exe" /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerArchiver Tray]
C:\Program Files\PowerArchiver\PASTARTER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spol]
http://www.toya.net.pl/~spol/site/index.htm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-28 13:34:05
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
C:\WINDOWS\system32\cmd.exe [3996] 0x8157BDA0
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-28 13:35:07
C:\ComboFix-quarantined-files.txt ... 2007-08-28 13:34
C:\ComboFix2.txt ... 2007-08-28 12:45
C:\ComboFix3.txt ... 2007-08-26 23:18
--- E O F ---
[ Added: Today at 9:49 ] Please check my ComboFix and HJ logs; lately my computer has been terribly slow. Thanks in advance for your help.
ComboFix 07-08-25.2 - "Hoti" 2007-09-01 9:30:37.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.43 [GMT 2:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\d.exe
C:\Program Files\Common Files\ppatch~1
C:\Program Files\Common Files\ppatch~1\??pPatch\
C:\Program Files\inetget2
C:\Program Files\inetget2\popinstall.exe
C:\Program Files\winpop
C:\Program Files\winpop\UnInstall.exe
C:\Program Files\winpop\winpop.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\retadpu2000352.exe
C:\WINDOWS\system32\jkkhffd.dll
C:\WINDOWS\system32\winipp32.dll
C:\WINDOWS\system32\xpdx.sys
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\xpdx
((((((((((((((((((((((((( Files Created from 2007-08-01 to 2007-09-01 )))))))))))))))))))))))))))))))
2007-08-31 21:38 6,448 ---hs---- C:\WINDOWS\system32\vvyxx.bak1
2007-08-31 21:37 298,080 --a------ C:\WINDOWS\system32\xxyvv.dll.vir
2007-08-31 21:33 27,947 --ah----- C:\wsusupd.exe
2007-08-31 21:32 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2007-08-31 21:32 43,542 --a------ C:\WINDOWS\system32\gebcyvt.dll.vir
2007-08-31 21:31 27,947 --a------ C:\xetdyaal.exe
2007-08-30 20:23 <DIR> d-------- C:\Program Files\Deluxe Ski Jump 3
2007-08-30 19:00 54,784 --a------ C:\WINDOWS\system32\msvci70.dll
2007-08-30 19:00 265,785 --a------ C:\WINDOWS\system32\pixomatic.dll
2007-08-30 19:00 22,016 --a------ C:\WINDOWS\system32\borlndmm.dll
2007-08-30 19:00 188,416 --a------ C:\WINDOWS\system32\eax.dll
2007-08-30 19:00 161,280 --a------ C:\WINDOWS\system32\fmod.dll
2007-08-30 12:02 <DIR> d-------- C:\Program Files\fdrlab
2007-08-29 14:58 <DIR> d-------- C:\Program Files\Project64 1.6
2007-08-29 10:47 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-08-28 18:39 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-08-28 18:39 442,368 --a------ C:\WINDOWS\system32\vp6vfw.dll
2007-08-28 13:29 0 --a------ C:\WINDOWS\system32\config\SYSTEM~1\ntuser.dat
2007-08-28 13:15 <DIR> d-------- C:\VundoFix Backups
2007-08-28 13:12 2,370 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-28 13:11 <DIR> d-------- C:\SmitfraudFix
2007-08-28 12:19 <DIR> d-------- C:\!KillBox
2007-08-27 16:23 2,054 --a------ C:\WINDOWS\system32\sdbackup.reg
2007-08-26 23:14 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-26 22:23 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-26 18:58 <DIR> d-------- C:\Program Files\SopCast
2007-08-26 18:58 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\SopCast
2007-08-25 21:29 <DIR> d-------- C:\backups
2007-08-25 21:16 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-25 21:16 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji
2007-08-25 21:16 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start
2007-08-25 21:16 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne
2007-08-25 21:16 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit
2007-08-25 21:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty
2007-08-25 19:46 5 --a------ C:\WINDOWS\ECF4-AB84-C569-7DC3.dat
2007-08-25 13:41 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\vlc
2007-08-25 13:40 <DIR> d-------- C:\Program Files\VideoLAN
2007-08-24 16:42 <DIR> d-------- C:\Program Files\Real Alternative
2007-08-24 16:42 <DIR> d-------- C:\Program Files\Media Player Classic
2007-08-24 16:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real
2007-08-24 14:11 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-08-23 10:17 <DIR> d-------- C:\Program Files\Fic_Products
2007-08-22 23:00 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-08-22 20:54 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-08-22 14:17 <DIR> d-------- C:\WINDOWS\speech
2007-08-22 13:31 <DIR> d-------- C:\Program Files\MarBit
2007-08-22 13:31 <DIR> d-------- C:\Program Files\ivo
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\DivX
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\AVSMedia
2007-08-22 13:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\AVS4YOU
2007-08-22 13:05 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2007-08-22 13:05 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2007-08-22 13:05 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
2007-08-22 13:05 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2007-08-22 13:05 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-08-22 13:05 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2007-08-22 13:05 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2007-08-22 13:05 <DIR> d-------- C:\Program Files\AVSMedia
2007-08-22 13:03 892,928 --a------ C:\WINDOWS\system32\iconv.dll
2007-08-22 13:03 77,824 --a------ C:\WINDOWS\system32\vorbisfile.dll
2007-08-22 13:03 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-22 13:03 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-08-22 13:03 524,288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-08-22 13:03 49,152 --a------ C:\WINDOWS\system32\ogg.dll
2007-08-22 13:03 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-22 13:03 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-08-22 13:03 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-08-22 13:03 1,200,128 --a------ C:\WINDOWS\system32\vorbis.dll
2007-08-22 13:03 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-08-22 13:03 1,015,808 --a------ C:\WINDOWS\system32\vorbisenc.dll
2007-08-22 13:03 <DIR> d-------- C:\Program Files\Codec
2007-08-22 12:55 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Menu Start
2007-08-22 12:53 <DIR> d-------- C:\WINDOWS\Prefetch
2007-08-22 12:38 <DIR> d-------- C:\WINDOWS\provisioning
2007-08-22 12:38 <DIR> d-------- C:\WINDOWS\peernet
2007-08-22 12:34 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-08-22 12:27 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-08-22 12:22 <DIR> d-------- C:\WINDOWS\EHome
2007-08-22 12:10 4,569 --------- C:\WINDOWS\system32\secupd.dat
2007-08-22 12:10 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2007-08-22 11:29 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\Google
2007-08-22 11:20 <DIR> d-------- C:\Program Files\Google
2007-08-22 11:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Google
2007-08-21 18:31 27,904 -ra------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2007-08-21 18:31 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-08-21 18:30 <DIR> d-------- C:\Program Files\VIA
2007-08-21 17:34 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-08-21 17:34 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-08-21 16:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-08-20 20:06 <DIR> d-------- C:\Program Files\MZ Manager 2
2007-08-19 14:54 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-08-19 14:46 <DIR> d-------- C:\Program Files\Postal2STP
2007-08-18 12:00 <DIR> d-------- C:\DOCUME~1\Hoti\DANEAP~1\DialMessenger
2007-08-16 22:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\ConeXware
2007-08-16 22:38 <DIR> d-------- C:\Program Files\PowerArchiver
2007-08-16 18:48 281 --a------ C:\WINDOWS\EReg176.dat
2007-08-16 18:40 <DIR> d-------- C:\Program Files\PowerISO
2007-08-16 17:13 <DIR> d-------- C:\Program Files\RAR Password Cracker
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-09-01 09:27 --------- d-------- C:\Program Files\Neostrada TP
2007-08-31 21:32 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\MegauploadToolbar
2007-08-31 21:32 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\MegauploadToolbar
2007-08-30 16:24 --------- d-------- C:\Program Files\Valve
2007-08-28 12:17 --------- d-a------ C:\DOCUME~1\ALLUSE~1\DANEAP~1\TEMP
2007-08-24 20:46 --------- d-------- C:\Program Files\Gadu-Gadu
2007-08-22 23:00 --------- d-------- C:\Program Files\Messenger
2007-08-22 18:18 504832 --a------ C:\WINDOWS\system32\winlogon.exe
2007-08-22 12:43 2426 --a------ C:\WINDOWS\pchealth\HELPCTR\PackageStore\SkuStore.bin
2007-08-22 12:40 8972 --a------ C:\WINDOWS\pchealth\HELPCTR\Config\Cntstore.bin
2007-08-22 12:38 --------- d-------- C:\Program Files\Movie Maker
2007-08-22 12:33 --------- d-------- C:\Program Files\Windows NT
2007-08-21 17:25 --------- d-------- C:\Program Files\VIAudioi
2007-08-20 11:26 --------- d-------- C:\Program Files\DAEMON Tools
2007-08-16 11:47 --------- d-------- C:\Program Files\MegauploadToolbar
2007-08-15 12:42 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-18 18:13 --------- d--h----- C:\Program Files\WindowsUpdate
2007-07-15 16:08 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-07-14 22:24 --------- d-------- C:\Program Files\Winamp
2007-07-14 21:35 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\nView_Profiles
2007-07-12 12:27 --------- d-------- C:\Program Files\xp-AntiSpy
2007-07-10 15:35 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-07-08 21:55 --------- d-------- C:\Program Files\Micro DVD Player
2007-07-05 18:21 --------- d-------- C:\Program Files\CyberLink
2007-07-05 18:21 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\CyberLink
2007-07-05 17:11 --------- d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\NVIDIA
2007-07-05 16:00 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-05 14:53 --------- d-------- C:\Program Files\Common Files\DirectX
2007-07-04 13:48 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\GetRightToGo
2007-07-04 13:48 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\GetRightToGo
2007-07-04 00:19 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Media Player Classic
2007-07-04 00:19 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Media Player Classic
2007-07-03 13:20 --------- d-------- C:\Program Files\Lavalys
2007-07-03 12:19 --------- d-------- C:\Program Files\DivX
2007-07-02 22:22 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Gadu-Gadu
2007-07-02 22:22 --------- d-------- C:\DOCUME~1\Hoti\DANEAP~1\Gadu-Gadu
2007-07-02 21:30 --------- d-------- C:\Program Files\Thomson
2007-07-02 21:05 --------- d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-02 21:05 --------- d-------- C:\Program Files\Common Files\ODBC
2007-07-02 20:14 0 -rahs---- C:\MSDOS.SYS
2007-07-02 20:14 0 -rahs---- C:\IO.SYS
2007-07-02 20:14 0 --a------ C:\CONFIG.SYS
2007-07-02 20:14 0 --a------ C:\AUTOEXEC.BAT
2007-07-02 20:14 --------- d-------- C:\Program Files\microsoft frontpage
2007-07-02 20:11 --------- d-------- C:\Program Files\Common Files\MSSoap
2007-07-02 20:10 --------- d-------- C:\Program Files\MSN Gaming Zone
2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-13 15:23 1034752 --a------ C:\WINDOWS\explorer.exe
2007-06-11 18:32 56360 --a------ C:\WINDOWS\system32\WBHELP2.DLL
--------- C:\Program Files\Usługi online
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F06E2ABE-3A50-4079-BE25-FC100D9EAA25}"= C:\Program Files\Video ActiveX Access\iesbpl.dll [ ]
[HKEY_CLASSES_ROOT\CLSID\{F06E2ABE-3A50-4079-BE25-FC100D9EAA25}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-10-22 12:22]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07]
"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 18:07]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 C:\WINDOWS\system32\nvmctray.dll]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"ShareSearcher"="C:\wsusupd.exe" [2007-08-31 21:33]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:44]
"Ssoa"="C:\PROGRA~1\COMMON~1\PPATCH~1\smss.exe" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Hoti^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk]
path=C:\Documents and Settings\Hoti\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk
backup=C:\WINDOWS\pss\UniSpiker-2.6.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DialMessenger]
"C:\Program Files\DialMessenger\dialmessenger.exe" -background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
"C:\Program Files\Gadu-Gadu\gg.exe" /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerArchiver Tray]
C:\Program Files\PowerArchiver\PASTARTER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spol]
http://www.toya.net.pl/~spol/site/index.htm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\Autorun.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-01 09:40:47
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-01 9:43:37 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-01 09:43
C:\ComboFix2.txt ... 2007-08-28 13:35
C:\ComboFix3.txt ... 2007-08-28 12:45
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:46:20, on 2007-09-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\wsusupd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Documents and Settings\Hoti\Pulpit\PROGRAMY ANTY-WIRUSOWE\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Protection Bar - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [ShareSearcher] C:\wsusupd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ssoa] "C:\PROGRA~1\COMMON~1\PPATCH~1\smss.exe" -vt yazb
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration Driver Parallel Lines.LNK = C:\Documents and Settings\Hoti\Pulpit\Nowy folder (2)\Driver Parallel Lines\Register\RegistrationReminder.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/126bf446ac9ab1874805/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1184775147190
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C841E8B-1B5D-4B9C-A3FE-D3ED13DB1F57}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 6382 bytes
[ Added: Today at 14:42 ] It stutters while watching videos, everything opens slowly, and games lag. Please help.