Alertu nie mam.
Mam tylko logi z antywira:
2007-03-19 03:40:46 SYSTEM 1752 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\Phonetic\TINTLCFG.EXE" file.
2007-03-19 15:08:40 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-19 15:10:13 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-19 15:12:06 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-19 20:51:58 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-19 21:12:23 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-19 21:14:20 SYSTEM 1836 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\ChangJie\CINTLCFG.EXE" file.
2007-03-20 12:57:44 SYSTEM 536 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\WINDOWS\system32\NeroCheck.exe" file.
2007-03-20 19:00:39 SYSTEM 536 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\WINDOWS\system32\NeroCheck.exe" file.
2007-03-20 20:51:31 SYSTEM 536 Sign of "Win32:Trojan-gen. {UPX!}" has been found in "C:\program files\hp\hp software update\hpwuschd2.exe" file.
Windows Internal Firewall is disabled.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Ailish\Dane aplikacji
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=AGA
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Ailish
LOGONSERVER=\\AGA
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Ailish\USTAWI~1\Temp
TMP=C:\DOCUME~1\Ailish\USTAWI~1\Temp
USERDOMAIN=AGA
USERNAME=Ailish
USERPROFILE=C:\Documents and Settings\Ailish
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Ailish [I](admin)[/I]
Administrator [I](new local, admin, profile directory not found)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\ViaVoice\Bin\vunUK.exe" ProdRunControl Dc En_UK 'IBM ViaVoice™ Command and Control Runtime' C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ViaVoice\RtCmnd_UK.isu"
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
"SubEdit-Player" --> C:\Program Files\SubEdit-Player\Odinstaluj.exe
???????? 2003 --> MsiExec.exe /I{98E671D8-7340-4322-86AF-4CB4C627BE89}
???????? 2003 --> MsiExec.exe /I{AFC35DCD-900C-46F4-998B-9D36F3031B9D}
???????? 2003 --> MsiExec.exe /I{F282D708-D8A3-48B4-ACF3-77B3C33D0DE7}
ACDSee 6.0 Standard Trial --> MsiExec.exe /I{E60EF56C-C330-4575-8463-921E70D1458B}
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop 6.0.1 CE --> C:\WINDOWS\ISUN0415.EXE -f"C:\Program Files\Adobe\Photoshop 6.0.1 CE\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0.1 CE\Uninst.dll"
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Akademia Szybkiego Czytania - Złota Edycja --> C:\Program Files\ASCZE\Uninstall.exe "C:\Program Files\ASCZE\install.log"
Archiwizator WinRAR --> C:\Program Files\WinRAR\uninstall.exe
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
Ballance --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}\setup.exe"
BrainWave Generator --> C:\WINDOWS\IsUninst.exe -fC:\Bwgen\Uninst.isu
CD'n'Go! Suite 2.00 --> "C:\Program Files\CD'n'Go! Suite\unins000.exe"
Civilization III --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}\Setup.exe"
DAEMON Tools --> MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Data Access Objects (DAO) 3.5 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Common Files\Microsoft Shared\DAO\Uninst.isu"
eMule --> "C:\Program Files\eMule\Uninstall.exe"
EuroPlus+ REWARD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1A029E7-0C8C-4170-8308-D25F54FAB617}\setup.exe" -uninst
Gadu-Gadu 7.1 --> C:\Program Files\Gadu-Gadu\Setup.exe
GetRight --> C:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Global MU Online --> C:\Program Files\InstallShield Installation Information\{4F763B06-A014-481B-951A-11AFCD667010}\setup.exe -runfromtemp -l0x0009 -removeonly
HijackThis 1.99.1 --> D:\Instal !!!!\Do nagrania\HijackThis.exe /uninstall
HP Deskjet 5900 series --> C:\Program Files\HP\Digital Imaging\{79546A5F-AE7C-4693-8670-A3401B43ABD2}\setup\hpzscr01.exe -datfile hpfscr05.dat
HP Image Zone Express --> MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.0 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IBM ViaVoice Command and Control Runtime 7.0 - UK English --> "C:\Program Files\ViaVoice\Bin\vunUK.exe" ProdRunControl Dc En_UK 'IBM ViaVoice™ Command and Control Runtime' C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ViaVoice\RtCmnd_UK.isu"
Jupiter 2006 Standard --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15D3622A-ACAA-45E1-8652-D2C915CE94ED}
K-Lite Codec Pack 2.27 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Maxthon Browser (remove only) --> C:\Program Files\Maxthon\MaxthonUINST.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2003 Desktop Language Settings --> MsiExec.exe /I{ADFBC522-0E15-4E35-B932-8CE2EE0DDEA3}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (1.5.0.10) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.10 (pl)"
MP3 Player Utilities 4.00 --> MsiExec.exe /I{7784A172-61F1-445E-8368-601607E0DD22}
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Polska wersja językowa dla GetRight 5.2b --> C:\WINDOWS\unvise32.exe C:\Program Files\GetRight\gr_pl.log
Rapidown 5.9 SE - http://www.rapidown.com --> C:\Program Files\Rapidown\rapidown.exe rapcmd.uninstall
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\Setup.exe" -l0x15 REMOVE
Skuteczne Uwodzenie 2 --> "C:\Program Files\Intercube\Skuteczne Uwodzenie 2\unins000.exe"
Sygate Personal Firewall Pro --> MsiExec.exe /X{91C69142-2158-4B46-AC85-FEC80CAE973D}
Twierdza Krzyżowiec --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe" -l0x15
VirtualDubMod 1.5.10.2 PL --> C:\Program Files\VirtualDubMod\Odinstaluj.exe
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
-- End of ComboScan: finished at 2007-03-20 at 22:01:44 ------------------------
ComboScan v20070306.20 run by Ailish on 2007-03-20 at 22:00:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2007-03-20 21:00:18 UTC - RP1 - Punkt kontrolny systemu
Performed disk cleanup.
-- HijackThis (run as Ailish.exe) ----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 22:00:50, on 2007-03-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Ailish\Pulpit\comboscan.exe
C:\DOCUME~1\Ailish\Pulpit\Ailish.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: 83.149.119.142 bt.anfo.pl
O1 - Hosts: 83.149.119.142 beta.bt.anfo.pl
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC (UserAccess) - Unknown owner - C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
1R Aavmker4 (avast! Asynchronous Virus Monitor) - C:\WINDOWS\system32\drivers\aavmker4.sys
3R ALCXSENS (Service for WDM 3D Audio Driver) - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
3R ALCXWDM (Service for Realtek AC97 Audio (WDM)) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2R aswMon2 (avast! Standard Shield Support) - C:\WINDOWS\system32\drivers\aswmon2.sys
3R aswRdr - C:\WINDOWS\system32\drivers\aswRdr.sys
1R aswTdi (avast! Network Shield Support) - C:\WINDOWS\system32\drivers\aswTdi.sys
0R d347bus - C:\WINDOWS\system32\drivers\d347bus.sys
0R d347prt - C:\WINDOWS\system32\drivers\d347prt.sys
3S HPZid412 (IEEE-1284.4 Driver HPZid412) - C:\WINDOWS\system32\drivers\HPZid412.sys
3S HPZipr12 (Print Class Driver for IEEE-1284.4 HPZipr12) - C:\WINDOWS\system32\drivers\HPZipr12.sys
3S HPZius12 (USB to IEEE-1284.4 Translation Driver HPZius12) - C:\WINDOWS\system32\drivers\HPZius12.sys
1R intelppm (Sterownik procesora Intel) - C:\WINDOWS\system32\drivers\intelppm.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
3R pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys
1R prodrv06 (StarForce Protection Environment Driver v6) - C:\WINDOWS\system32\drivers\prodrv06.sys
0R prohlp02 (StarForce Protection Helper Driver v2) - C:\WINDOWS\system32\drivers\prohlp02.sys
0R prosync1 (StarForce Protection Synchronization Driver v1) - C:\WINDOWS\system32\drivers\prosync1.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
3R rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - C:\WINDOWS\system32\drivers\R8139n51.sys
0R sfhlp01 (StarForce Protection Helper Driver) - C:\WINDOWS\system32\drivers\sfhlp01.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
0R Teefer (Teefer for NT) - C:\WINDOWS\system32\drivers\Teefer.sys
3S usbccgp (Rodzajowy sterownik nadrzędny USB Microsoft) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbprint (Klasa PRINTER USB Microsoft) - C:\WINDOWS\system32\drivers\usbprint.sys
3R USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\usbstor.sys
2R wg3n (SyGate for NT, wg3n) - C:\WINDOWS\system32\drivers\wg3n.sys
2R wg4n (SyGate for NT, wg4n) - C:\WINDOWS\system32\drivers\wg4n.sys
2R wg5n (SyGate for NT, wg5n) - C:\WINDOWS\system32\drivers\wg5n.sys
2R wg6n (SyGate for NT, wg6n) - C:\WINDOWS\system32\drivers\wg6n.sys
1R wpsdrvnt - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
2R aswUpdSv (avast! iAVS4 Control Service) - "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
2R avast! Antivirus - "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
3R avast! Mail Scanner - "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
3R avast! Web Scanner - "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
2R LightScribeService (LightScribeService Direct Disc Labeling Service) - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2R Pml Driver HPZ12 - C:\WINDOWS\System32\HPZipm12.exe
2R SmcService (Sygate Personal Firewall Pro) - C:\Program Files\Sygate\SPF\smc.exe
2R StarWindService (StarWind iSCSI Service) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
2R UserAccess (Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC) - C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
-- Scheduled Tasks -------------------------------------------------------------
2007-03-20 20:00:01 368 --a------ C:\WINDOWS\Tasks\HPpromotions journeysoftware.job<HPPROM~1.JOB>
-- Files created between 2007-02-20 and 2007-03-20 -----------------------------
2007-03-17 16:31:32 0 d-------- C:\Program Files\Alcohol Soft<ALCOHO~1>
2007-03-17 16:23:30 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-16 19:11:03 0 d-------- C:\Program Files\ASCZE
2007-03-13 06:24:46 0 d-------- C:\Program Files\VirtualDubMod<VIRTUA~1>
2007-03-13 00:11:30 0 d-------- C:\Program Files\Lavasoft
2007-03-13 00:10:24 14320 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-03-13 00:10:23 59472 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-03-13 00:10:22 21075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-03-13 00:10:15 83096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-03-13 00:10:10 0 d-------- C:\Program Files\Sygate
2007-03-12 23:56:14 0 d-------- C:\WINDOWS\CSC
2007-03-12 01:02:22 0 d-------- C:\Program Files\CD'n'Go! Suite<CD'N'G~1>
2007-03-10 13:05:25 0 d-------- C:\Program Files\Intercube<INTERC~1>
2007-03-10 11:39:47 37058 --a------ C:\WINDOWS\system32\lsasss.exe
2007-03-09 14:14:34 0 d-------- C:\Program Files\MP3 Player Utilities 4.00<MP3PLA~1.00>
2007-03-07 13:29:17 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared<ADOBES~1>
2007-03-06 22:14:46 0 d-------- C:\Downloads<DOWNLO~1>
2007-03-02 21:19:27 1496064 -----n--- C:\WINDOWS\system32\Cc3250mt.dll
2007-03-02 21:19:15 0 d-------- C:\Program Files\Common Files\GraphBoard 2.00<GRAPHB~1.00>
2007-03-02 21:19:14 0 d-------- C:\Program Files\Common Files\YDP
2007-03-02 21:19:13 909824 -----n--- C:\WINDOWS\system32\Cp3245mt.dll
2007-03-02 21:19:13 24064 -----n--- C:\WINDOWS\system32\Borlndmm.dll
2007-03-02 21:19:11 0 d-------- C:\Program Files\EuroPlus+ REWARD<EUROPL~1>
2007-03-02 21:18:43 18944 --a------ C:\WINDOWS\system32\VVRtkReg.dll
2007-03-02 21:18:43 49152 --a------ C:\WINDOWS\system32\vvrtkclients.dll<VVRTKC~1.DLL>
2007-03-02 21:18:43 421888 --a------ C:\WINDOWS\system32\setresuk.dll
2007-03-02 21:18:43 317952 --a------ C:\WINDOWS\system32\roboex32.dll
2007-03-02 21:18:42 0 d-------- C:\Program Files\ViaVoice
2007-03-02 21:18:37 245520 --a------ C:\WINDOWS\system32\MSRD2X32.DLL
2007-03-02 21:18:37 965904 --a------ C:\WINDOWS\system32\msjt3032.dll
2007-03-02 21:18:37 1056768 --a------ C:\WINDOWS\system32\msjet35.dll
2007-03-02 21:18:36 368912 --a------ C:\WINDOWS\system32\vbar332.dll
2007-03-02 21:18:36 24848 --a------ C:\WINDOWS\system32\msjter35.dll
2007-03-02 21:18:36 123664 --a------ C:\WINDOWS\system32\msjint35.dll
2007-03-02 21:18:36 182784 -----n--- C:\WINDOWS\system32\ddao35.dll
2007-03-02 21:17:17 38160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2007-03-02 21:17:13 182032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2007-03-02 21:17:07 63488 --a------ C:\WINDOWS\system32\unam4ie.exe
2007-03-02 21:17:02 10240 --a------ C:\WINDOWS\system32\vidx16.dll
2007-03-02 21:17:00 194320 --a------ C:\WINDOWS\system32\qcut.dll
2007-03-02 21:16:56 4608 --a------ C:\WINDOWS\system32\w95inf32.dll
2007-03-02 21:16:56 2272 --a------ C:\WINDOWS\system32\w95inf16.dll
2007-03-02 17:43:35 0 d-------- C:\Program Files\Elfin
2007-02-26 06:13:00 0 d-------- C:\Program Files\Webzen
2007-02-24 13:01:34 0 d-------- C:\WINDOWS\system32\LogFiles
2007-02-24 13:01:34 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-02-22 11:47:33 208896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-02-22 11:47:33 0 d-------- C:\WINDOWS\nview
2007-02-22 11:46:57 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-02-22 11:46:13 0 d-------- C:\NVIDIA
2007-02-21 10:37:02 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-02-21 10:36:12 0 d-------- C:\WINDOWS\SHELLNEW
2007-02-21 10:32:38 0 dr-h----- C:\MSOCache
2007-02-20 13:17:29 0 d-------- C:\Program Files\Ballance
2007-02-20 11:36:02 0 d-------- C:\Documents and Settings\Ailish\WINDOWS
-- Find3M Report ---------------------------------------------------------------
2007-03-20 21:29:42 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-20 02:24:13 0 d-------- C:\Program Files\GetRight
2007-03-19 23:45:19 0 d-------- C:\Program Files\eMule
2007-03-13 00:11:36 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Lavasoft
2007-03-10 19:42:58 0 d-------- C:\Program Files\Gadu-Gadu<GADU-G~1>
2007-03-10 13:01:12 0 d-------- C:\Program Files\D-Tools
2007-03-10 03:03:32 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\SecondLife<SECOND~1>
2007-03-07 16:54:40 94192 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT<GDIPFO~1.DAT>
2007-03-07 13:38:48 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Adobe
2007-03-07 13:31:53 0 d-------- C:\Program Files\Common Files\Adobe
2007-03-03 17:31:19 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\InstallShield<INSTAL~1>
2007-03-02 21:19:11 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-26 23:52:41 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\HP
2007-02-26 23:52:23 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Image Zone Express<IMAGEZ~1>
2007-02-26 21:23:03 0 d-------- C:\Program Files\Maxthon
2007-02-22 17:38:12 0 d---s---- C:\Documents and Settings\Ailish\Dane aplikacji\Microsoft<MICROS~1>
2007-02-21 21:38:07 2946 --a------ C:\WINDOWS\mozver.dat
2007-02-21 10:40:14 358702 --a------ C:\WINDOWS\system32\perfh015.dat
2007-02-21 10:40:14 50748 --a------ C:\WINDOWS\system32\perfc015.dat
2007-02-18 20:43:41 0 d-------- C:\Program Files\Firefly Studios<FIREFL~1>
2007-02-18 20:43:20 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-02-17 07:43:12 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-17 07:42:44 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-17 07:39:24 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-15 18:23:01 0 d-------- C:\Program Files\SubEdit-Player<SUBEDI~1>
2007-02-11 22:09:48 0 d-------- C:\Program Files\Monte Cristo<MONTEC~1>
2007-02-08 05:41:56 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Media Player Classic<MEDIAP~1>
2007-02-07 22:09:44 0 d-------- C:\Program Files\Alwil Software<ALWILS~1>
2007-02-07 17:16:29 81557 --a------ C:\WINDOWS\hpfins05.dat
2007-02-07 17:10:35 0 d-------- C:\Program Files\Common Files\HP
2007-02-07 17:10:33 0 d-------- C:\Program Files\HP
2007-02-06 23:17:08 0 --a------ C:\WINDOWS\PowerReg.dat
2007-02-06 23:08:14 0 d-------- C:\Program Files\Infogrames Interactive<INFOGR~1>
2007-02-06 19:25:52 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\ACD Systems<ACDSYS~1>
2007-02-06 19:25:26 0 d-------- C:\Program Files\Common Files\ACD Systems<ACDSYS~1>
2007-02-06 19:02:36 0 d-------- C:\Program Files\K-Lite Codec Pack<K-LITE~1>
2007-02-06 18:15:05 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Macromedia<MACROM~1>
2007-02-06 18:08:22 0 d-------- C:\Program Files\ACD Systems<ACDSYS~1>
2007-02-06 17:23:42 0 d-------- C:\Program Files\Ahead
2007-02-06 17:23:15 0 d-------- C:\Program Files\Common Files\LightScribe<LIGHTS~1>
2007-02-06 17:20:44 0 d-------- C:\Program Files\Common Files\Nero
2007-02-06 17:15:57 0 d-------- C:\Program Files\Common Files\Ahead
2007-02-06 10:15:04 0 d-------- C:\Program Files\Winamp
2007-02-06 10:09:18 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Mozilla
2007-02-06 10:02:43 107134 --a------ C:\WINDOWS\UninstallFirefox.exe<UNINST~1.EXE>
2007-02-06 10:01:35 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-02-06 00:41:32 0 d-------- C:\Program Files\Realtek Sound Manager<REALTE~1>
2007-02-06 00:41:31 0 d-------- C:\Program Files\AvRack
2007-02-06 00:39:39 0 d-------- C:\Program Files\Intel
2007-02-06 00:36:51 0 d-------- C:\Documents and Settings\Ailish\Dane aplikacji\Identities<IDENTI~1>
2007-02-06 00:31:48 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-06 00:31:25 0 -rahs---- C:\MSDOS.SYS
2007-02-06 00:31:25 0 -rahs---- C:\IO.SYS
2007-02-06 00:31:25 0 --a------ C:\CONFIG.SYS
2007-02-06 00:31:25 0 --a------ C:\AUTOEXEC.BAT
2007-02-06 00:29:56 0 d-------- C:\Program Files\Usługi online<USUGIO~1>
2007-02-06 00:28:56 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-06 00:28:03 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-06 00:27:40 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-06 00:27:29 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-06 00:21:38 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-06 00:21:35 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-06 00:21:11 62 --ahs---- C:\Documents and Settings\Ailish\Dane aplikacji\desktop.ini
2007-01-15 18:32:07 689280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-01-15 18:23:20 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{77AEB171-8F86-4669-B664-69B8DB553683}"=""
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
-- Hosts -----------------------------------------------------------------------
83.149.119.142 bt.anfo.pl
83.149.119.142 beta.bt.anfo.pl
-- End of ComboScan: finished at 2007-03-20 at 22:01:44 ------------------------
O1 - Hosts: 83.149.119.142 bt.anfo.pl
O1 - Hosts: 83.149.119.142 beta.bt.anfo.pl
Znam