przez Kenji 27 Lip 2008, 00:09
przez Okocza 27 Lip 2008, 09:03
przez Kenji 27 Lip 2008, 09:50
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:41, on 2008-07-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe
C:\Program Files\VDOTool\TBPanel.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\STEAM\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eu.microsoft.com/poland/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TalkAndWrite] C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run
O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE "C:\Program Files\Alwil Software\Avast4\AhAScr.dll"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpeedX] C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [GoD] "C:\Documents and Settings\Hubert Ziom.HUBI\Moje dokumenty\GoD\GoD.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\STEAM\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O15 - Trusted Zone: http://www.mks.com.pl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark Measurement Services Client) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 15494 bytes
ComboFix 08-07-26.1 - Hubert Ziom 2008-07-27 10:24:02.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1448 [GMT 2:00]
Running from: C:\Documents and Settings\Hubert Ziom.HUBI\Pulpit\instalki tym\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\btfunc.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.
2008-07-27 09:36 . 2008-07-27 10:07 <DIR> d-------- C:\Program Files\STEAM
2008-07-27 00:26 . 2008-07-27 00:26 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-25 20:38 . 2008-07-25 20:38 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Megaupload
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Program Files\Megaupload
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\MegauploadToolbar
2008-07-11 15:02 . 2008-07-24 16:44 <DIR> d-------- C:\Program Files\GameShadow
2008-07-10 15:54 . 2008-07-10 16:29 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Any Video Converter
2008-07-10 15:48 . 2008-07-10 15:48 <DIR> d-------- C:\Program Files\Easy RealMedia Tools
2008-07-10 15:37 . 2008-07-10 15:37 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Ahead
2008-07-10 00:39 . 2008-07-10 00:39 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\BESTplayer
2008-07-09 23:55 . 2008-07-09 23:58 <DIR> d-------- C:\Program Files\SecondLife
2008-07-09 23:17 . 2006-08-16 13:59 100,352 -----c--- C:\WINDOWS\system32\dllcache\6to4svc.dll
2008-07-06 11:32 . 2008-07-06 11:32 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-06 11:32 . 2008-07-06 11:32 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-07-06 01:49 . 2008-07-06 01:49 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-06 01:49 . 2008-07-06 01:49 13,352 --a------ C:\WINDOWS\system32\drivers\ggflt.sys
2008-07-06 01:46 . 2008-07-06 01:46 0 --a------ C:\WINDOWS\mngui.INI
2008-07-06 00:35 . 2006-11-30 15:11 90,800 -ra------ C:\WINDOWS\system32\drivers\se46unic.sys
2008-07-06 00:35 . 2006-11-30 15:11 88,624 -ra------ C:\WINDOWS\system32\drivers\se46mgmt.sys
2008-07-06 00:35 . 2006-11-30 15:11 18,704 -ra------ C:\WINDOWS\system32\drivers\se46nd5.sys
2008-07-06 00:35 . 2006-11-30 15:11 4,128 -ra------ C:\WINDOWS\system32\drivers\se46cr.sys
2008-07-06 00:34 . 2006-11-30 15:11 97,088 -ra------ C:\WINDOWS\system32\drivers\se46mdm.sys
2008-07-06 00:34 . 2006-11-30 15:11 86,432 -ra------ C:\WINDOWS\system32\drivers\se46obex.sys
2008-07-06 00:34 . 2006-11-30 15:11 61,536 -ra------ C:\WINDOWS\system32\drivers\se46bus.sys
2008-07-06 00:34 . 2006-11-30 15:11 9,360 -ra------ C:\WINDOWS\system32\drivers\se46mdfl.sys
2008-07-06 00:34 . 2006-11-30 15:11 6,240 -ra------ C:\WINDOWS\system32\drivers\se46cmnt.sys
2008-07-06 00:34 . 2006-11-30 15:11 6,240 -ra------ C:\WINDOWS\system32\drivers\se46cm.sys
2008-07-06 00:34 . 2006-11-30 15:11 5,872 -ra------ C:\WINDOWS\system32\drivers\se46whnt.sys
2008-07-06 00:34 . 2006-11-30 15:11 5,872 -ra------ C:\WINDOWS\system32\drivers\se46wh.sys
2008-07-05 22:25 . 2008-07-05 22:25 <DIR> d-------- C:\Program Files\MyPhoneExplorer
2008-07-05 22:25 . 2008-07-05 22:29 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\MyPhoneExplorer
2008-07-05 20:25 . 2008-07-05 21:48 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Teleca
2008-07-05 20:17 . 2008-07-05 20:17 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Sony Ericsson
2008-07-05 20:14 . 2008-07-06 01:48 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Sony Ericsson
2008-07-05 20:13 . 2008-07-05 20:13 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-07-05 20:12 . 2008-07-05 20:12 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-07-05 20:12 . 2008-07-05 20:14 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2008-07-05 20:12 . 2008-07-05 20:14 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Teleca
2008-07-05 20:07 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-07-05 20:07 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-07-05 18:22 . 2004-08-04 00:38 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-07-05 18:22 . 2004-08-04 00:38 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-07-05 18:21 . 2004-08-04 00:35 25,728 --a------ C:\WINDOWS\system32\drivers\hidbth.sys
2008-07-05 18:21 . 2004-08-04 00:35 25,728 --a--c--- C:\WINDOWS\system32\dllcache\hidbth.sys
2008-07-03 23:45 . 2008-07-03 23:45 <DIR> d-------- C:\Program Files\OpenAL
2008-07-03 23:45 . 2008-07-11 14:47 <DIR> d-------- C:\Program Files\Eidos
2008-07-03 23:45 . 2008-07-03 23:45 115,432 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-07-03 21:16 . 2008-07-04 14:39 <DIR> d-------- C:\Program Files\Snikers
2008-07-03 21:07 . 2008-07-06 22:32 <DIR> d-------- C:\Program Files\IDoser v4
2008-07-02 21:44 . 2008-07-13 14:50 <DIR> d-------- C:\Program Files\Warsow
2008-07-02 21:44 . 2008-07-02 21:44 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Warsow
2008-07-02 20:05 . 2008-07-23 18:29 <DIR> dr------- C:\Sakson's save 100%
2008-07-02 17:52 . 2008-07-02 17:52 <DIR> d-------- C:\Program Files\RocketDock
2008-07-01 17:07 . 2008-07-01 17:07 <DIR> d-------- C:\Program Files\NovaTech Network
2008-07-01 15:49 . 2008-07-01 15:49 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira
2008-06-29 23:40 . 2008-05-08 14:28 202,752 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-27 08:26 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\DNA
2008-07-26 21:52 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-07-26 21:51 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-26 21:51 --------- d-----w C:\Program Files\Common Files\aol
2008-07-26 21:50 --------- d-----w C:\Program Files\Ahead
2008-07-26 21:50 --------- d-----w C:\Program Files\AC3Filter
2008-07-26 21:50 --------- d-----w C:\Program Files\7-Zip
2008-07-26 09:39 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-26 09:39 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-07-26 09:10 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-07-25 18:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 10:33 --------- d-----w C:\Program Files\FlashGet
2008-07-23 16:43 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-07-23 16:43 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\teamspeak2
2008-07-23 16:29 --------- d-----w C:\Program Files\Odkurzacz
2008-07-23 16:29 --------- d-----w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\skypePM
2008-07-10 13:15 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Skype
2008-07-10 12:08 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\skypePM
2008-07-09 21:58 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\SecondLife
2008-07-09 09:26 --------- d-----w C:\Program Files\Ubisoft
2008-07-06 14:37 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TrackMania
2008-07-05 23:49 21,672 ----a-w C:\WINDOWS\system32\drivers\ggsemc.sys
2008-07-03 21:45 418,480 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-07-02 15:54 --------- d-----w C:\Program Files\Thoosje Sidebar V2.3
2008-07-01 21:27 --------- d-----w C:\Program Files\HyCam2
2008-06-29 21:22 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-06-29 21:03 --------- d-----w C:\Program Files\DynDNS Updater
2008-06-29 16:35 --------- d-----w C:\Program Files\ESET
2008-06-26 22:00 71,592 ----a-w C:\WINDOWS\system32\drivers\avfwot.sys
2008-06-26 22:00 71,464 ----a-w C:\WINDOWS\system32\drivers\avfwim.sys
2008-06-26 21:50 --------- d-----w C:\Program Files\Avira
2008-06-26 21:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira
2008-06-26 16:15 --------- d-----w C:\Program Files\SpeedFan
2008-06-26 16:15 --------- d-----w C:\Program Files\QuickTime
2008-06-26 16:15 --------- d-----w C:\Program Files\Moleskinsoft Clone Remover 2.9
2008-06-26 16:15 --------- d-----w C:\Program Files\Hide IP Platinum
2008-06-26 14:18 --------- d-----w C:\Program Files\Driver Cleaner
2008-06-25 23:59 184,320 ----a-w C:\WINDOWS\system32\miccyhook.dll
2008-06-25 23:44 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AOL
2008-06-25 23:38 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\AOL
2008-06-25 23:37 --------- d-----w C:\Program Files\Viewpoint
2008-06-25 23:37 --------- d-----w C:\Program Files\Common Files\Nullsoft
2008-06-25 23:37 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Viewpoint
2008-06-25 23:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AOL Downloads
2008-06-24 16:18 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-17 16:19 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Creative
2008-06-17 15:43 --------- d-----w C:\Program Files\Creative
2008-06-17 15:42 --------- d--h--w C:\Program Files\Creative Installation Information
2008-06-17 15:42 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Creative
2008-06-17 06:11 --------- d-----w C:\Program Files\Satellite TV for PC
2008-06-16 21:40 --------- d-----w C:\Program Files\TVUPlayer
2008-06-16 21:40 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\TVU Networks
2008-06-16 21:17 --------- d-----w C:\Program Files\Real
2008-06-16 21:17 --------- d-----w C:\Program Files\Common Files\xing shared
2008-06-16 21:17 --------- d-----w C:\Program Files\Common Files\Real
2008-06-16 21:09 --------- d-----w C:\Program Files\TVAnts
2008-06-16 20:53 --------- d-----w C:\Program Files\Spyware Doctor
2008-06-16 20:53 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-06-14 18:01 273,024 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 17:04 22,328 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\PnkBstrK.sys
2008-06-11 17:03 674,600 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-06-11 17:03 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-06 10:09 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-06-06 07:48 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Apple Computer
2008-06-06 07:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Apple Computer
2008-05-30 22:53 --------- d-----w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\Skype
2008-05-29 20:59 --------- d-----w C:\Program Files\Stardock
2008-05-29 19:02 --------- d-----w C:\Program Files\MTA San Andreas
2008-05-29 10:33 27,672 ----a-r C:\WINDOWS\system32\drivers\Entech.sys
2008-05-27 18:38 --------- d-----w C:\Program Files\WapSter
2008-05-27 13:44 --------- d-----w C:\Program Files\Fraps
2008-05-26 20:17 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-01 14:37 46,936 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-03-30 21:24 81,920 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\ezpinst.exe
2008-03-30 21:24 47,360 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\pcouffin.sys
2008-03-22 10:25 1 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\SI.bin
2008-02-24 20:46 32 ----a-w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ezsid.dat
2006-02-24 17:22 17,144 ----a-w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\GDIPFONTCACHEV1.DAT
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
------- Sigcheck -------
2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\explorer.exe
2007-06-13 15:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 00:44 975872 196c130d31317fe53de984220b5e13b9 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 09:43 180224]
"AQQ"="C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe" [2008-07-10 11:11 1597936]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 08:13 289088]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"SpeedX"="C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe" [2006-06-27 14:11 46718]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03 868352]
"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2008-03-03 14:44 266240]
"GoD"="C:\Documents and Settings\Hubert Ziom.HUBI\Moje dokumenty\GoD\GoD.exe" [2008-07-21 00:48 2456576]
"Steam"="C:\Program Files\STEAM\Steam.exe" [2008-07-27 09:37 1271032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DataLayer"="C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE" [2004-08-24 14:30 986624]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE" [2004-08-17 17:04 148992]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 12:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"lxczbmgr.exe"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-09 00:55 74672]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-02-09 00:56 295856]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-05-16 12:58 213936]
"TalkAndWrite"="C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe" [2008-02-11 20:45 3042816]
"Gainward"="C:\Program Files\VDOTool\TBPanel.exe" [2007-10-02 13:19 2165272]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 12:58 213936]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 14:39 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-16 23:17 185896]
"avgnt"="C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-07-23 18:15 266497]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06 487424]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2006-09-25 17:42 108160]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:44 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-12 10:33 16384512 C:\WINDOWS\RTHDCPL.exe]
C:\Documents and Settings\Mama.HAPY2\Menu Start\Programy\Autostart\
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-16 16:12:25 106496]
C:\Documents and Settings\Hubert Ziom.HUBI\Menu Start\Programy\Autostart\
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisableRegistryTools"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoAutoTrayNotify"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoWelcomeScreen"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"ForceClassicControlPanel"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll
"VIDC.HFYU"= huffyuv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programy^Autostart^PalTalk.lnk]
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Hubert Ziom.HUBI^Menu Start^Programy^Autostart^Last.fm Helper.lnk]
backup=C:\WINDOWS\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Hubert Ziom.HUBI^Menu Start^Programy^Autostart^RocketDock.lnk]
backup=C:\WINDOWS\pss\RocketDock.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Make A Voozie
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 11:39 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\Metin2_UK\\metin2.bin"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\WapSter\\AQQ\\AQQ.exe"=
"C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Last.fm\\LastFM.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\lxczcoms.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"C:\\Program Files\\Tlen.pl\\tlen.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"C:\\Program Files\\SHOUTcast\\sc_serv.exe"=
"C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"C:\\Documents and Settings\\All Users.WINDOWS\\Dane aplikacji\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Documents and Settings\\All Users.WINDOWS\\Dane aplikacji\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"C:\\Program Files\\WapSter\\WapSter AQQ\\AQQ.exe"=
"C:\\Program Files\\Eidos\\Conflict Denied Ops Demo\\ConflictDeniedOps.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
R1 avfwot;avfwot;C:\WINDOWS\system32\DRIVERS\avfwot.sys [2008-06-27 00:00]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-02-24 21:07]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe [2008-07-23 18:15]
R2 lxcz_device;lxcz_device;C:\WINDOWS\system32\lxczcoms.exe [2007-02-09 00:50]
R3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys [2008-06-27 00:00]
R3 dfmirage;dfmirage;C:\WINDOWS\system32\DRIVERS\dfmirage.sys [2005-11-25 18:43]
R3 EuMusDesignVirtualAudioCableWdm_sdh;Sandhills Audio Cable;C:\WINDOWS\system32\DRIVERS\vacsdhkd.sys [2008-02-24 22:40]
R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S2 AntiVirFirewallService;Avira Premium Security Suite Firewall;C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe [2008-07-23 18:15]
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe [2008-07-23 18:15]
S2 antivirwebservice;Avira Premium Security Suite WebGuard;C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE [2008-07-23 18:15]
S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-07-06 01:49]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 00:54]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 15:11]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 15:11]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 15:11]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 15:11]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 15:11]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 15:11]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 15:11]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-26 22:17]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S4 Boonty Games;Boonty Games;C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0eccdc-4ab0-11dd-a5a7-00038a000015}]
\Shell\AutoRun\command - I:\h6o0re.cmd
\Shell\explore\Command - I:\h6o0re.cmd
\Shell\open\Command - I:\h6o0re.cmd
*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER
*Newly Created Service* - CATCHME
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-NBJ - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
HKLM-Run-ISUSScheduler - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
HKU-Default-Run-Spyware Doctor - (no file)
Notify-WgaLogon - (no file)
MSConfigStartUp-HostManager - C:\Program Files\Common Files\AOL\1214436988\ee\AOLSoftware.exe
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
R1 -: HKCU-Internet Settings,ProxyOverride = localhost
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 -: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 -: Crawler Search - tbr:iemenu
O8 -: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O18 -: Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O16 -: Microsoft XML Parser for Java - C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
C:\WINDOWS\Downloaded Program Files\SkanerOnline.inf
C:\WINDOWS\system32\SkanerOnlineUninstall.exe
C:\WINDOWS\system32\SkanerOnline.dll
O16 -: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
C:\WINDOWS\Downloaded Program Files\SkanerOnline.inf
C:\WINDOWS\system32\SkanerOnlineUninstall.exe
C:\WINDOWS\system32\SkanerOnline.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 10:29:43
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc21.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\xfire_lsp_9028.dll
.
Completion time: 2008-07-27 10:33:08
ComboFix-quarantined-files.txt 2008-07-27 08:32:26
Pre-Run: 23,411,240,960 bajtów wolnych
Post-Run: 23,494,492,160 bajtów wolnych
365 --- E O F --- 2008-07-10 00:16:57
przez Okocza 27 Lip 2008, 13:28
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0eccdc-4ab0-11dd-a5a7-00038a000015}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=-
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe Folder::
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira
C:\Program Files\Avira
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira
przez Kenji 27 Lip 2008, 13:59
ComboFix 08-07-26.1 - Hubert Ziom 2008-07-27 13:41:29.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1541 [GMT 2:00]
Running from: C:\Documents and Settings\Hubert Ziom.HUBI\Pulpit\instalki tym\ComboFix.exe
Command switches used :: C:\Documents and Settings\Hubert Ziom.HUBI\Pulpit\CFScript.txt
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\addr_file.html
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\AVWIN.INI
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\AVWIN.INIhbedv.key
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aecore.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aeemu.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aegen.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aehelp.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aeheur.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aeoffice.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aepack.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aerdl.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aescn.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aescript.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aeset.dat
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\aevdf.dll
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\antivir0.vdf
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\antivir1.vdf
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\antivir2.vdf
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\BACKUP\FAILSAFE\antivir3.vdf
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\EVENTDB\avevtdb.dbe
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\EVENTDB\usettings.db
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\IDX\isec-nt-en.info
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\IDX\master.idx
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\IMCfg.bin
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\IMCfg.xml
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\JOBS\produpd.avj
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\JOBS\scanjob.avj
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\JOBS\startupd.avj
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\JOBS\updjob.avj
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\LOGFILES\FirewallInstall.log
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\LOGFILES\setup.log
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\md5db.bin
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\OTCfg.bin
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\folder.avb
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\folder.avp
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\mydocs.avb
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\mymusic.avb
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\mypics.avb
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\PROFILES\rootkit.avp
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\[u]0[/u]08e1649.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\[u]0[/u]2ac9bd1.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\[u]0[/u]8ee0aba.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\2dc349ad.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\34ee7cdd.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\46203a79.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\4a5c5843.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\5852d566.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\5a7645aa.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\6258bc5a.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\63db7547.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\6ddcab09.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\85eb5b35.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\86d66bac.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\8e1d8d6c.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\977a45cc.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\b228a2ba.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\be369957.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\c25388b3.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\c7d1eb98.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\d378dd00.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\dc722bca.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\REPORTS\de6a66db.avl
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\Avira Premium Security Suite\svconfig.bin
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira\firstlsp.reg.dat
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\[u]0[/u]JJAQTX93HA3T2KQ9MOIOQSWR0Q3
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\[u]0[/u]K6820VQGBDIFIFBJV5A
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\102XA3N38BI38RMH7R0
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\16YKFZ9JI3H6CY4HVBYGBG
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\1IB2ZR6BBVIYK9XIEKIEGB6Q83SE4
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\1KLQENDYQ6WU8ERGJSDOOU3JNCPH
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\5L9C56ETKG4AOFP4V15IV9XKCBQW
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\6E1MP6D3X4FY8WOZW0E2HQINQ
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\7B4OD7FMT9SEAQN18CBBSL7D
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\7Z5PEUZYBSU5SMQ1NWZ
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\A0GRQUHK9GQL70NX6W676
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\BYURS1GF782QZEPWAHHE0YRDLQPL4
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\D2BTIAX41S3OZ986G2D7
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\F6GA62CKOJKBXRCZ553E304ZIBLY
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\FBQWBGAHJ6EONCSX
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\G4WD09OD9IJ3ADKP75TAAR6U6V
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\GVKAGI1FWWLNQ6HROU8SC3HEGHXN
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\IX347C7CF4U7BACAD6OXDIN6F
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\K3V005TPW1F9FBK
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\MCPM1QJEQ72QK60365FVFQ
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\MRD1GPPAJZ6IAOQKTYF
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\NR76YOUIBYRKJZBVD2I8
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\Q1TH4MEGX3WZQHXXVAJ8HA
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\T0DM2H8BP84RCFTGGDCW
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\T4EKDSQDNKWR8CR1J
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\U3WMKRIL6W07ZWMSW7MCDTQYR
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\V48VR0I3DVJQT0EMM4BR
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\W5Y11WYTZ4XW4Q7PU
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\Z0CKI1S3LLWD4387
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHE\ZSPNT03PS91BSF7QZ9AZI6KY5W
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHEDB\avmgcch.db
C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Avira\Avira Premium Security Suite\MCACHEDB\user_words.db
.
((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.
2008-07-27 12:40 . 2008-07-27 12:40 <DIR> d-------- C:\Program Files\VS Revo Group
2008-07-27 12:38 . 2008-07-27 12:38 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Ashampoo
2008-07-27 10:53 . 2008-07-27 11:34 <DIR> d-------- C:\!KillBox
2008-07-27 09:36 . 2008-07-27 12:59 <DIR> d-------- C:\Program Files\STEAM
2008-07-27 00:26 . 2008-07-27 00:26 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-25 20:38 . 2008-07-25 20:38 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Megaupload
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Program Files\Megaupload
2008-07-25 20:37 . 2008-07-25 20:37 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\MegauploadToolbar
2008-07-11 15:02 . 2008-07-24 16:44 <DIR> d-------- C:\Program Files\GameShadow
2008-07-10 15:54 . 2008-07-27 11:15 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Any Video Converter
2008-07-10 15:48 . 2008-07-10 15:48 <DIR> d-------- C:\Program Files\Easy RealMedia Tools
2008-07-10 15:37 . 2008-07-10 15:37 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Ahead
2008-07-10 00:39 . 2008-07-10 00:39 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\BESTplayer
2008-07-09 23:55 . 2008-07-09 23:58 <DIR> d-------- C:\Program Files\SecondLife
2008-07-09 23:17 . 2006-08-16 13:59 100,352 -----c--- C:\WINDOWS\system32\dllcache\6to4svc.dll
2008-07-06 11:32 . 2008-07-06 11:32 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-06 11:32 . 2008-07-06 11:32 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-07-06 01:49 . 2008-07-06 01:49 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-06 01:49 . 2008-07-06 01:49 13,352 --a------ C:\WINDOWS\system32\drivers\ggflt.sys
2008-07-06 01:46 . 2008-07-06 01:46 0 --a------ C:\WINDOWS\mngui.INI
2008-07-06 00:35 . 2006-11-30 15:11 90,800 -ra------ C:\WINDOWS\system32\drivers\se46unic.sys
2008-07-06 00:35 . 2006-11-30 15:11 88,624 -ra------ C:\WINDOWS\system32\drivers\se46mgmt.sys
2008-07-06 00:35 . 2006-11-30 15:11 18,704 -ra------ C:\WINDOWS\system32\drivers\se46nd5.sys
2008-07-06 00:35 . 2006-11-30 15:11 4,128 -ra------ C:\WINDOWS\system32\drivers\se46cr.sys
2008-07-06 00:34 . 2006-11-30 15:11 97,088 -ra------ C:\WINDOWS\system32\drivers\se46mdm.sys
2008-07-06 00:34 . 2006-11-30 15:11 86,432 -ra------ C:\WINDOWS\system32\drivers\se46obex.sys
2008-07-06 00:34 . 2006-11-30 15:11 61,536 -ra------ C:\WINDOWS\system32\drivers\se46bus.sys
2008-07-06 00:34 . 2006-11-30 15:11 9,360 -ra------ C:\WINDOWS\system32\drivers\se46mdfl.sys
2008-07-06 00:34 . 2006-11-30 15:11 6,240 -ra------ C:\WINDOWS\system32\drivers\se46cmnt.sys
2008-07-06 00:34 . 2006-11-30 15:11 6,240 -ra------ C:\WINDOWS\system32\drivers\se46cm.sys
2008-07-06 00:34 . 2006-11-30 15:11 5,872 -ra------ C:\WINDOWS\system32\drivers\se46whnt.sys
2008-07-06 00:34 . 2006-11-30 15:11 5,872 -ra------ C:\WINDOWS\system32\drivers\se46wh.sys
2008-07-05 22:25 . 2008-07-05 22:25 <DIR> d-------- C:\Program Files\MyPhoneExplorer
2008-07-05 22:25 . 2008-07-05 22:29 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\MyPhoneExplorer
2008-07-05 20:25 . 2008-07-05 21:48 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Teleca
2008-07-05 20:17 . 2008-07-05 20:17 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Sony Ericsson
2008-07-05 20:14 . 2008-07-06 01:48 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Sony Ericsson
2008-07-05 20:13 . 2008-07-05 20:13 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-07-05 20:12 . 2008-07-05 20:12 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-07-05 20:12 . 2008-07-05 20:14 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2008-07-05 20:12 . 2008-07-05 20:14 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Teleca
2008-07-05 20:07 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-07-05 20:07 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-07-05 18:22 . 2004-08-04 00:38 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-07-05 18:22 . 2004-08-04 00:38 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-07-05 18:21 . 2004-08-04 00:35 25,728 --a------ C:\WINDOWS\system32\drivers\hidbth.sys
2008-07-05 18:21 . 2004-08-04 00:35 25,728 --a--c--- C:\WINDOWS\system32\dllcache\hidbth.sys
2008-07-03 23:45 . 2008-07-03 23:45 <DIR> d-------- C:\Program Files\OpenAL
2008-07-03 23:45 . 2008-07-27 12:44 <DIR> d-------- C:\Program Files\Eidos
2008-07-03 23:45 . 2008-07-03 23:45 115,432 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-07-03 21:16 . 2008-07-04 14:39 <DIR> d-------- C:\Program Files\Snikers
2008-07-03 21:07 . 2008-07-06 22:32 <DIR> d-------- C:\Program Files\IDoser v4
2008-07-02 21:44 . 2008-07-13 14:50 <DIR> d-------- C:\Program Files\Warsow
2008-07-02 21:44 . 2008-07-02 21:44 <DIR> d-------- C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Warsow
2008-07-02 20:05 . 2008-07-23 18:29 <DIR> dr------- C:\Sakson's save 100%
2008-07-02 17:52 . 2008-07-02 17:52 <DIR> d-------- C:\Program Files\RocketDock
2008-07-01 17:07 . 2008-07-01 17:07 <DIR> d-------- C:\Program Files\NovaTech Network
2008-06-29 23:40 . 2008-05-08 14:28 202,752 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-27 11:46 262,144 ----a-w C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\NTUSER.DAT
2008-07-27 11:46 262,144 ----a-w C:\Documents and Settings\NetworkService.ZARZąDZANIE NT\NTUSER.DAT
2008-07-27 11:46 253,952 ----a-w C:\Documents and Settings\LocalService.ZARZąDZANIE NT\NTUSER.DAT
2008-07-27 11:46 253,952 ----a-w C:\Documents and Settings\LocalService.ZARZąDZANIE NT\NTUSER.DAT
2008-07-27 11:45 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\DNA
2008-07-27 10:09 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-27 09:15 --------- d-----w C:\Program Files\Thoosje Sidebar V2.3
2008-07-27 09:15 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-07-27 09:15 --------- d-----w C:\Program Files\PowerISO
2008-07-27 09:15 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\fretsonfire
2008-07-26 21:52 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-07-26 21:51 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-26 21:51 --------- d-----w C:\Program Files\Common Files\aol
2008-07-26 21:50 --------- d-----w C:\Program Files\Ahead
2008-07-26 21:50 --------- d-----w C:\Program Files\AC3Filter
2008-07-26 21:50 --------- d-----w C:\Program Files\7-Zip
2008-07-26 09:10 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-07-25 18:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-25 10:33 --------- d-----w C:\Program Files\FlashGet
2008-07-23 16:43 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\teamspeak2
2008-07-23 16:29 --------- d-----w C:\Program Files\Odkurzacz
2008-07-23 16:29 --------- d-----w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\skypePM
2008-07-10 13:15 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Skype
2008-07-10 12:08 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\skypePM
2008-07-09 21:58 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\SecondLife
2008-07-09 09:26 --------- d-----w C:\Program Files\Ubisoft
2008-07-06 14:37 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TrackMania
2008-07-05 23:49 21,672 ----a-w C:\WINDOWS\system32\drivers\ggsemc.sys
2008-07-01 21:27 --------- d-----w C:\Program Files\HyCam2
2008-06-29 21:22 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-06-29 21:03 --------- d-----w C:\Program Files\DynDNS Updater
2008-06-29 16:35 --------- d-----w C:\Program Files\ESET
2008-06-26 22:00 71,592 ----a-w C:\WINDOWS\system32\drivers\avfwot.sys
2008-06-26 22:00 71,464 ----a-w C:\WINDOWS\system32\drivers\avfwim.sys
2008-06-26 16:15 --------- d-----w C:\Program Files\SpeedFan
2008-06-26 16:15 --------- d-----w C:\Program Files\QuickTime
2008-06-26 16:15 --------- d-----w C:\Program Files\Moleskinsoft Clone Remover 2.9
2008-06-26 16:15 --------- d-----w C:\Program Files\Hide IP Platinum
2008-06-26 14:18 --------- d-----w C:\Program Files\Driver Cleaner
2008-06-25 23:44 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AOL
2008-06-25 23:38 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\AOL
2008-06-25 23:37 --------- d-----w C:\Program Files\Viewpoint
2008-06-25 23:37 --------- d-----w C:\Program Files\Common Files\Nullsoft
2008-06-25 23:37 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Viewpoint
2008-06-25 23:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AOL Downloads
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-17 16:19 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Creative
2008-06-17 15:43 --------- d-----w C:\Program Files\Creative
2008-06-17 15:42 --------- d--h--w C:\Program Files\Creative Installation Information
2008-06-17 15:42 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Creative
2008-06-17 06:11 --------- d-----w C:\Program Files\Satellite TV for PC
2008-06-16 21:40 --------- d-----w C:\Program Files\TVUPlayer
2008-06-16 21:40 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\TVU Networks
2008-06-16 21:17 --------- d-----w C:\Program Files\Real
2008-06-16 21:17 --------- d-----w C:\Program Files\Common Files\xing shared
2008-06-16 21:17 --------- d-----w C:\Program Files\Common Files\Real
2008-06-16 21:09 --------- d-----w C:\Program Files\TVAnts
2008-06-16 20:53 --------- d-----w C:\Program Files\Spyware Doctor
2008-06-16 20:53 --------- d-----w C:\Program Files\PC Tools Firewall Plus
2008-06-14 18:01 273,024 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 17:04 22,328 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\PnkBstrK.sys
2008-06-06 10:09 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-06-06 07:48 --------- d-----w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\Apple Computer
2008-06-06 07:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Apple Computer
2008-05-30 22:53 --------- d-----w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\Skype
2008-05-29 20:59 --------- d-----w C:\Program Files\Stardock
2008-05-29 19:02 --------- d-----w C:\Program Files\MTA San Andreas
2008-05-29 10:33 27,672 ----a-r C:\WINDOWS\system32\drivers\Entech.sys
2008-05-27 18:38 --------- d-----w C:\Program Files\WapSter
2008-05-27 13:44 --------- d-----w C:\Program Files\Fraps
2008-05-01 14:37 46,936 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-03-30 21:24 81,920 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\ezpinst.exe
2008-03-30 21:24 47,360 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\Dane aplikacji\pcouffin.sys
2008-03-22 10:25 1 ----a-w C:\Documents and Settings\Hubert Ziom.HUBI\SI.bin
2008-02-24 20:46 32 ----a-w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ezsid.dat
2006-02-24 17:22 17,144 ----a-w C:\Documents and Settings\Mama.HAPY2\Dane aplikacji\GDIPFONTCACHEV1.DAT
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
------- Sigcheck -------
2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\explorer.exe
2007-06-13 15:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 00:44 975872 196c130d31317fe53de984220b5e13b9 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:23 976896 e74ef52c79f3347a0b105b0b92bfed38 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 09:43 180224]
"AQQ"="C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe" [2008-07-10 11:11 1597936]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 08:13 289088]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"SpeedX"="C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe" [2006-06-27 14:11 46718]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 11:03 868352]
"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2008-03-03 14:44 266240]
"Steam"="C:\Program Files\STEAM\Steam.exe" [2008-07-27 09:37 1271032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE" [2004-08-17 17:04 148992]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 12:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"lxczbmgr.exe"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-09 00:55 74672]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-02-09 00:56 295856]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-05-16 12:58 213936]
"Gainward"="C:\Program Files\VDOTool\TBPanel.exe" [2007-10-02 13:19 2165272]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 12:58 213936]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 14:39 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-16 23:17 185896]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06 487424]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:44 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-12 10:33 16384512 C:\WINDOWS\RTHDCPL.exe]
C:\Documents and Settings\Mama.HAPY2\Menu Start\Programy\Autostart\
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-16 16:12:25 106496]
C:\Documents and Settings\Hubert Ziom.HUBI\Menu Start\Programy\Autostart\
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 21:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 09:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 09:43:14 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisableRegistryTools"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoAutoTrayNotify"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoWelcomeScreen"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"ForceClassicControlPanel"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll
"VIDC.HFYU"= huffyuv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programy^Autostart^PalTalk.lnk]
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Hubert Ziom.HUBI^Menu Start^Programy^Autostart^Last.fm Helper.lnk]
backup=C:\WINDOWS\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Hubert Ziom.HUBI^Menu Start^Programy^Autostart^RocketDock.lnk]
backup=C:\WINDOWS\pss\RocketDock.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Make A Voozie
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 11:39 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\Metin2_UK\\metin2.bin"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\WapSter\\AQQ\\AQQ.exe"=
"C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Last.fm\\LastFM.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\lxczcoms.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"C:\\Program Files\\Tlen.pl\\tlen.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"C:\\Program Files\\SHOUTcast\\sc_serv.exe"=
"C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"C:\\Documents and Settings\\All Users.WINDOWS\\Dane aplikacji\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"=
"C:\\Documents and Settings\\All Users.WINDOWS\\Dane aplikacji\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"C:\\Program Files\\WapSter\\WapSter AQQ\\AQQ.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\STEAM\\Steam.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
R1 avfwot;avfwot;C:\WINDOWS\system32\DRIVERS\avfwot.sys [2008-06-27 00:00]
R1 VRVD302;VRVD302;C:\WINDOWS\system32\DRIVERS\VRVD302.sys [2008-02-24 21:07]
R2 lxcz_device;lxcz_device;C:\WINDOWS\system32\lxczcoms.exe [2007-02-09 00:50]
R3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys [2008-06-27 00:00]
R3 dfmirage;dfmirage;C:\WINDOWS\system32\DRIVERS\dfmirage.sys [2005-11-25 18:43]
R3 EuMusDesignVirtualAudioCableWdm_sdh;Sandhills Audio Cable;C:\WINDOWS\system32\DRIVERS\vacsdhkd.sys [2008-02-24 22:40]
R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S2 AntiVirFirewallService;Avira Premium Security Suite Firewall;C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe []
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe []
S2 antivirwebservice;Avira Premium Security Suite WebGuard;C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE []
S2 AVEService;Avira Premium Security Suite MailGuard helper service;C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe []
S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-07-06 01:49]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 00:54]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 15:11]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 15:11]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 15:11]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 15:11]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 15:11]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 15:11]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 15:11]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-26 22:17]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S4 Boonty Games;Boonty Games;C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe []
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-UIWatcher - C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 13:47:29
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc22.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\xfire_lsp_9028.dll
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\aol\acs\AOLacsd.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-07-27 13:56:15 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-27 11:56:11
ComboFix2.txt 2008-07-27 08:33:09
Pre-Run: 24,273,317,888 bajtów wolnych
Post-Run: 24,282,279,936 bajt˘w wolnych
434 --- E O F --- 2008-07-10 00:16:57
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:15, on 2008-07-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\VDOTool\TBPanel.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\STEAM\Steam.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eu.microsoft.com/poland/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpeedX] C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\STEAM\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O15 - Trusted Zone: http://www.mks.com.pl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark Measurement Services Client) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe (file missing)
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe (file missing)
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe (file missing)
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe (file missing)
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
--
End of file - 13266 bytes
przez Okocza 27 Lip 2008, 14:07
przez Kenji 27 Lip 2008, 15:00
gry działają Całuję rączki 
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości