i na otwieranie stronek. Zaznaczam, że syfu nie mam !
Aktualizacje na programosy.pl:
Samsung Magician • Qimage • Maxthon Cloud Browser • Screencastify • Bandicam • Far Manager • Double Commander Portable • Double Commander • GoodSync
-
- Ogłoszenie:
gra obline my fantasy
27 posty(ów) • Strona 1 z 2 • 1, 2
Gra Obline My Fantasy
przez bartoex 08 Kwi 2007, 19:45
i na otwieranie stronek. Zaznaczam, że syfu nie mam ! - bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
przez fibi07 08 Kwi 2007, 19:50
masz jakieś programy p2p są włączone? jak tak to wyłącz. napisz jakie masz łącze. coś jeszcze masz odpalone jak w to grasz?
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
przez bartoex 08 Kwi 2007, 19:53
p2p nie wiem o co chodzi Mam Celerona D 3,2 ghz, Fortrona 400 W, 512 ram, Geforca 730 Le 256. Wszysatkie programy wylanczam nawet gg. I w zadne gry nie gram bo karta fraff na to nei pozwala. Neostrada 512 Łącze
Mam Celerona D 3,2 ghz, Fortrona 400 W, 512 ram, Geforca 730 Le 256. Wszysatkie programy wylanczam nawet gg. I w zadne gry nie gram bo karta fraff na to nei pozwala. Neostrada 512 Łącze- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez fibi07 08 Kwi 2007, 19:54
masz router/livebox'a? dzielisz z kimś internet?
p2p - program do wymiany plików czyli ściągania plików czyt. piractwo.
Autor postu otrzymał pochwałę
p2p - program do wymiany plików czyli ściągania plików czyt. piractwo.
Autor postu otrzymał pochwałę
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
przez bartoex 08 Kwi 2007, 19:56
hmm. bo przeczyszczam programami spybot, awido, tune up, cc cleaner. Lacze modemowe z niki go nei dziele 
- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez fibi07 08 Kwi 2007, 19:56
skad ta pewnosc??
w sumie racja.
daj logi z htj i sr czyt, tutaj:
http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html
i daj w komendach code!
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
przez bartoex 08 Kwi 2007, 19:59
- Kod: Zaznacz wszystko
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\BartoeX\USTAWI~1\Temp\syntalk.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Documents and Settings\BartoeX\Pulpit\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://mks.com.pl
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C2} (GameDesire Pool 9) - http://67.15.101.3/g_bin/pl/billard9_2_0_0_30.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDBA188-5452-4365-B595-9AA917D436A8}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez wojtas 08 Kwi 2007, 20:02
wklej naglowek do loga i wklej loga jeszcze z comboscana:
http://www.techsupportforum.com/sectools/Deckard/comboscan.exe
http://www.techsupportforum.com/sectools/Deckard/comboscan.exe
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
-
przez bartoex 08 Kwi 2007, 20:04
Logfile of HijackThis v1.99.1
Scan saved at 19:48:14, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
To ten NAGŁÓWEK O KTÓREGO PROSIŁEŚ
[ Dodano: Dzisiaj o 19:07 ]
Combo SCAN
Scan saved at 19:48:14, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
To ten NAGŁÓWEK O KTÓREGO PROSIŁEŚ
[ Dodano: Dzisiaj o 19:07 ]
Combo SCAN
- Kod: Zaznacz wszystko
ComboScan v20070306.20 run by BartoeX on 2007-04-08 at 19:54:11
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created ComboScan Restore Point.
-- Last 5 Restore Point(s) --
24: 2007-04-08 17:54:20 UTC - RP89 - ComboScan Restore Point
23: 2007-04-06 00:36:17 UTC - RP88 - Installed O&O Defrag Professional Edition
22: 2007-04-05 23:47:59 UTC - RP87 - Installed Optimizer XP
21: 2007-04-05 23:29:09 UTC - RP86 - Zainstalowano Windows Installer KB893803v2.
20: 2007-04-05 23:25:42 UTC - RP85 - Installed Ad-Aware SE Personal
-- First Restore Point --
1: 2007-03-05 15:10:52 UTC - RP66 - Usunięte Sagem XG703 USB 802.11g
Performed disk cleanup.
-- HijackThis (run as BartoeX.exe) ---------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 19:54:30, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\BartoeX\USTAWI~1\Temp\syntalk.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitComet\BitComet.exe
C:\Downloads\comboscan.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\DOCUME~1\BartoeX\Pulpit\BartoeX.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://mks.com.pl
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C2} (GameDesire Pool 9) - http://67.15.101.3/g_bin/pl/billard9_2_0_0_30.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDBA188-5452-4365-B595-9AA917D436A8}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
2S ADILOADER (General Purpose USB Driver (adildr.sys)) - C:\WINDOWS\system32\drivers\adildr.sys
3R adiusbaw (USB ADSL WAN Adapter) - C:\WINDOWS\system32\drivers\adiusbaw.sys
3R ALCXSENS (Service for WDM 3D Audio Driver) - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
3R ALCXWDM (Service for Realtek AC97 Audio (WDM)) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
3R Arp1394 (Protokół klienta 1394 ARP) - C:\WINDOWS\system32\drivers\arp1394.sys
1R asuskbnt (Enhanced Display Driver Helper Service) - C:\WINDOWS\system32\drivers\atkkbnt.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
3S Bridge (Mostek MAC) - C:\WINDOWS\system32\drivers\bridge.sys
3S BridgeMP (Miniport mostka MAC) - C:\WINDOWS\system32\drivers\bridge.sys
2R CDRPDACC (Quinnware CDDA Driver (by InfinaDyne)) - C:\Program Files\Quintessential Player\cdrpdacc.sys
2R EIO - C:\WINDOWS\system32\drivers\EIO.sys
3S ENTECH - C:\WINDOWS\system32\drivers\Entech.sys
3R HidUsb (Sterownik Microsoft klasy HID) - C:\WINDOWS\system32\drivers\hidusb.sys
1R ikhfile (File Security Kernel Anti-Spyware Driver) - C:\WINDOWS\system32\drivers\ikhfile.sys
1R ikhlayer (Kernel Anti-Spyware Driver) - C:\WINDOWS\system32\drivers\ikhlayer.sys
1R intelppm (Sterownik procesora Intel) - C:\WINDOWS\system32\drivers\intelppm.sys
3R mouhid (Sterownik myszy HID) - C:\WINDOWS\system32\drivers\mouhid.sys
3R NIC1394 (Sterownik sieci 1394) - C:\WINDOWS\system32\drivers\nic1394.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R ohci1394 (Kontroler hosta IEEE 1394 VIA zgodny z OHCI) - C:\WINDOWS\system32\drivers\ohci1394.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
3S ROOTMODEM (Microsoft Legacy Modem Driver) - C:\WINDOWS\system32\drivers\rootmdm.sys
3R SiSGbeXP (SiS191/SiS190 Ethernet Device NDIS 5.1 Driver) - C:\WINDOWS\system32\drivers\SiSGbeXP.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Sterownik Miniport otwartego kontrolera hosta USB Microsoft) - C:\WINDOWS\system32\drivers\usbohci.sys
3S USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
3S USB_RNDIS (ADI Remote NDIS Network Device Driver) - C:\WINDOWS\system32\drivers\usb8023.sys
3S ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - C:\WINDOWS\system32\Drivers\ZDPSp50.sys (not found)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2R ATKKeyboardService (ATK Keyboard Service) - C:\WINDOWS\ATKKBService.exe
2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
2R O&O Defrag - C:\WINDOWS\system32\oodag.exe
2R SDhelper (PC Tools Spyware Doctor) - C:\Program Files\Spyware Doctor\sdhelp.exe
2R UxTuneUp (TuneUp Design Expansion) - C:\WINDOWS\System32\svchost.exe -k netsvcs
-- Scheduled Tasks -------------------------------------------------------------
2007-04-04 15:52:26 394 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
-- Files created between 2007-03-08 and 2007-04-08 -----------------------------
2007-04-06 02:46:41 0 d-------- C:\WINDOWS\system32\oodag
2007-04-06 02:36:19 0 d-------- C:\Program Files\OO Software
2007-04-06 01:48:00 0 d-------- C:\Program Files\Windows X
2007-04-06 01:26:19 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-06 01:26:14 0 d-------- C:\Program Files\Grisoft
2007-04-06 01:25:45 0 d-------- C:\Program Files\Lavasoft
2007-04-05 16:58:43 0 d-------- C:\Program Files\FileZilla
2007-04-05 12:25:35 0 d-------- C:\WINDOWS\speech
2007-04-05 12:24:43 0 d-------- C:\Program Files\ivo
2007-04-05 00:11:19 0 d--h----- C:\WINDOWS\Icons
2007-04-05 00:07:44 2322048 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-04-04 15:27:11 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-04 15:26:21 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-04 15:25:00 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-04 15:22:35 0 d-------- C:\Instalki
2007-04-04 15:21:18 0 d-------- C:\WINDOWS\system32\appmgmt
2007-04-04 15:04:02 0 d-------- C:\Program Files\Google
2007-04-04 15:03:21 0 d-------- C:\Downloads
2007-04-04 15:02:48 0 d-------- C:\Program Files\BitComet
2007-04-01 18:49:12 0 d-------- C:\Program Files\DAEMON Tools
2007-04-01 16:43:59 0 d-------- C:\Program Files\IrfanView
2007-03-29 13:43:02 0 d-------- C:\Program Files\Common Files\Skype
2007-03-29 13:42:27 0 d-------- C:\Program Files\Skype
2007-03-26 19:19:49 0 d-------- C:\Program Files\Lavalys
2007-03-26 14:59:46 0 d-------- C:\Program Files\HDCleaner
2007-03-26 13:53:26 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2007-03-26 13:53:25 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-03-26 13:53:10 0 d-------- C:\Program Files\Spyware Doctor
2007-03-26 13:52:56 348160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-03-26 13:52:56 499712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-03-25 20:11:34 36624 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-25 20:11:34 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-03-25 20:11:34 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-03-25 20:11:33 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-03-25 20:11:33 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe
2007-03-25 20:11:33 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-03-25 20:11:17 0 d-------- C:\Program Files\DivX
2007-03-25 15:58:55 0 d-------- C:\Program Files\Gadu-Gadu
2007-03-22 20:42:31 0 d-------- C:\Program Files\Real
2007-03-22 19:35:13 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-20 16:35:17 0 d-------- C:\Program Files\Trymedia
2007-03-10 00:10:59 0 d-------- C:\Program Files\MegauploadToolbar
2007-03-09 10:18:57 25992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
-- Find3M Report ---------------------------------------------------------------
2007-04-08 19:09:49 0 d-------- C:\Program Files\Neostrada TP<NEOSTR~1>
2007-04-07 14:48:41 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\iMesh
2007-04-06 01:34:33 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Lavasoft
2007-04-05 18:48:21 0 d---s---- C:\Documents and Settings\BartoeX\Dane aplikacji\Microsoft<MICROS~1>
2007-04-04 15:31:54 0 d-------- C:\Program Files\RegVac
2007-04-04 15:31:53 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-04-04 15:08:55 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Google
2007-04-04 15:03:22 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2007-04-04 14:57:20 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Skype
2007-03-27 15:06:56 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\DivX
2007-03-26 13:53:10 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\PC Tools
2007-03-25 11:07:18 355486 --a------ C:\WINDOWS\system32\perfh015.dat
2007-03-25 11:07:17 49492 --a------ C:\WINDOWS\system32\perfc015.dat
2007-03-24 17:55:17 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Sports Interactive
2007-03-24 15:55:34 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-03-24 01:41:20 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Help
2007-03-22 20:02:30 0 d-------- C:\Program Files\RegCleaner<REGCLE~1>
2007-03-21 13:53:44 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-21 13:52:31 41 --a------ C:\WINDOWS\system32\cfcfec6_s.dll
2007-03-20 16:16:07 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\BitTorrent
2007-03-14 00:48:14 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\MegauploadToolbar
2007-03-08 17:18:24 2935 --a------ C:\WINDOWS\mozver.dat
2007-03-05 12:48:06 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\GanymedeNet<GANYME~1>
2007-03-04 20:23:34 0 d-------- C:\Program Files\SAGEM
2007-03-02 01:01:56 0 d-------- C:\Program Files\iMesh Applications<IMESHA~1>
2007-03-01 21:43:00 5 --ahs---- C:\WINDOWS\system32\cadcfebcceaa7_s.dll<CADCFE~1.DLL>
2007-03-01 21:20:52 0 d-------- C:\Program Files\Yahoo!
2007-03-01 21:20:44 0 d-------- C:\Program Files\CCleaner
2007-02-28 18:12:48 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Adobe
2007-02-28 16:07:38 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-28 16:07:38 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\InterTrust<INTERT~1>
2007-02-28 15:56:48 0 d-------- C:\Program Files\Testy gimnazjalne 2006<TESTYG~1>
2007-02-27 01:45:32 0 d-------- C:\Program Files\Quintessential Player<QUINTE~1>
2007-02-27 01:05:12 0 d-------- C:\Program Files\AUCTION Creator<AUCTIO~1>
2007-02-26 22:37:06 0 d-------- C:\Program Files\Temp
2007-02-26 22:37:06 0 d-------- C:\Program Files\GinBillard<GINBIL~1>
2007-02-26 22:37:06 0 d-------- C:\Program Files\Common
2007-02-26 21:57:58 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Macromedia<MACROM~1>
2007-02-26 21:53:00 0 --a------ C:\WINDOWS\nsreg.dat
2007-02-26 21:52:54 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Mozilla
2007-02-26 21:41:42 0 d-------- C:\Program Files\Java
2007-02-26 21:28:40 0 d-------- C:\Program Files\WinAce
2007-02-26 21:27:52 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\TuneUp Software<TUNEUP~1>
2007-02-26 21:18:48 0 d-------- C:\Program Files\ASUSTeK
2007-02-26 21:01:40 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Identities<IDENTI~1>
2007-02-26 20:51:08 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-26 20:50:14 0 -rahs---- C:\MSDOS.SYS
2007-02-26 20:50:14 0 -rahs---- C:\IO.SYS
2007-02-26 20:50:14 0 --a------ C:\CONFIG.SYS
2007-02-26 20:50:14 0 --a------ C:\AUTOEXEC.BAT
2007-02-26 20:47:46 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-26 20:47:40 0 d-------- C:\Program Files\Usługi online<USŁUGI~1>
2007-02-26 20:46:38 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-26 20:46:24 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-26 20:44:34 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-26 20:43:44 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-26 20:43:40 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-26 20:43:08 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-26 20:33:08 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-26 20:33:04 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-26 20:32:30 62 --ahs---- C:\Documents and Settings\BartoeX\Dane aplikacji\desktop.ini
2007-02-23 06:29:58 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-02-23 06:29:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-02-23 06:29:49 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-02-23 06:29:49 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-02-23 06:25:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-02-23 06:25:24 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-02-23 06:25:23 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-02-23 06:25:22 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-02-23 06:25:22 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-02-23 06:25:22 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-02-23 06:25:19 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-02-23 06:25:19 639066 --a------ C:\WINDOWS\system32\DivX.dll
2007-02-16 03:40:35 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-02-15 13:45:36 707344 --a------ C:\WINDOWS\system32\oodag.exe
2007-02-15 13:34:30 217360 --a------ C:\WINDOWS\system32\oodbs.exe
2007-02-15 13:16:20 11536 --a------ C:\WINDOWS\system32\oodbsrs.dll
2007-02-15 13:16:10 17168 --a------ C:\WINDOWS\system32\oodagrs.dll
2007-02-15 13:15:58 17168 --a------ C:\WINDOWS\system32\oodagmg.dll
2007-02-15 09:44:32 16656 --a------ C:\WINDOWS\system32\ootmapi.dll
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"WooCnxMon"="C:\\PROGRA~1\\NEOSTR~1\\CnxMon.exe"
"WOOWATCH"="C:\\PROGRA~1\\NEOSTR~1\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\NEOSTR~1\\TaskbarIcon.exe"
"nwiz"="nwiz.exe /install"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.911.3380\\GoogleToolbarNotifier.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FastUserSwitchingCompatibility"=dword:00000003
"ERSvc"=dword:00000002
"WZCSVC"=dword:00000002
"Schedule"=dword:00000002
"wuauserv"=dword:00000002
"WebClient"=dword:00000002
"PolicyAgent"=dword:00000002
"BITS"=dword:00000003
"CiSvc"=dword:00000003
"RSVP"=dword:00000003
"Messenger"=dword:00000002
"helpsvc"=dword:00000002
"mnmsrvc"=dword:00000003
"RDSessMgr"=dword:00000003
"WmiApSrv"=dword:00000003
"SysmonLog"=dword:00000003
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"=""
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea8eabf6-c5e1-11db-a336-806d6172696f}]
Shell\AutoRun\command E:\start.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec5fa4ae-c5ce-11db-b0c6-806d6172696f}]
Shell\AutoRun\command F:\start.exe
-- End of ComboScan: finished at 2007-04-08 at 19:55:52 ------------------------
- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez wojtas 08 Kwi 2007, 20:13
sciagnij:
ATF_Cleaner
http://www.atribune.org/ccount/click.php?id=1
zaznacz
Windows Temp
Temporary internet files
i wcisnij EMPTY SELECTED
skasuj w hijacku:
ten plik
przeskanuj tymi skanerami
http://virusscan.jotti.org/
http://www.virustotal.com/en/indexf.html
potem dajesz nowego loga z comboscana oraz wynik tychj skanerow
ATF_Cleaner
http://www.atribune.org/ccount/click.php?id=1
zaznacz
Windows Temp
Temporary internet files
i wcisnij EMPTY SELECTED
skasuj w hijacku:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
ten plik
C:\WINDOWS\system32\cfcfec6_s.dll
przeskanuj tymi skanerami
http://virusscan.jotti.org/
http://www.virustotal.com/en/indexf.html
potem dajesz nowego loga z comboscana oraz wynik tychj skanerow
Ostatnio edytowany przez wojtas, 08 Kwi 2007, 20:16, edytowano w sumie 1 raz
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
-
przez fibi07 08 Kwi 2007, 20:13
ja bym Ci poradził co do neostrady zrobienie tak:
wywalenie tego szajsu od neo i sterów od modemu, zainstalowanie samych steró do modemu tj. CD:/drivers/model modemu/setup. masz mniejsze obciążenie procka. często pomaga.
pytanko:
używasz Yahoo! Toolbar?
wywalenie tego szajsu od neo i sterów od modemu, zainstalowanie samych steró do modemu tj. CD:/drivers/model modemu/setup. masz mniejsze obciążenie procka. często pomaga.
pytanko:
używasz Yahoo! Toolbar?
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
Yaho Pocztyprzez fibi07 08 Kwi 2007, 20:22
a chcesz miec ty lepiej czy siostra? wywal to jak wojtas19162 napisał tj. wpis w hjt i później dja nowy log z hjt.
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
przez bartoex 08 Kwi 2007, 20:26
Ten I link
[quote]
[quote]
- Kod: Zaznacz wszystko
Service load:
0% 100%
File: cfcfec6_s.dll
Status:
OK
MD5 b3267754dfe67617da627347576fb449
Packers detected:
-
Scanner results
Scan taken on 08 Apr 2007 18:13:55 (GMT)
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez bartoex 08 Kwi 2007, 20:29
II scan
[ Dodano: Dzisiaj o 19:32 ]
Log z Hajacthis
- Kod: Zaznacz wszystko
Antivirus Version Update Result
AhnLab-V3 2007.4.7.0 04.06.2007 no virus found
AntiVir 7.3.1.48 04.08.2007 no virus found
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.08.2007 no virus found
AVG 7.5.0.447 04.08.2007 no virus found
BitDefender 7.2 04.08.2007 no virus found
CAT-QuickHeal 9.00 04.06.2007 no virus found
ClamAV devel-20070312 04.08.2007 no virus found
COMBO SCAN
- Kod: Zaznacz wszystko
ComboScan v20070306.20 run by BartoeX on 2007-04-08 at 20:17:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as BartoeX.exe) ---------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:17:39, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\BartoeX\USTAWI~1\Temp\syntalk.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\comboscan.exe
C:\DOCUME~1\BartoeX\Pulpit\BartoeX.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://mks.com.pl
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C2} (GameDesire Pool 9) - http://67.15.101.3/g_bin/pl/billard9_2_0_0_30.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDBA188-5452-4365-B595-9AA917D436A8}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
-- Files created between 2007-03-08 and 2007-04-08 -----------------------------
2007-04-06 02:46:41 0 d-------- C:\WINDOWS\system32\oodag
2007-04-06 02:36:19 0 d-------- C:\Program Files\OO Software
2007-04-06 01:48:00 0 d-------- C:\Program Files\Windows X
2007-04-06 01:26:19 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-06 01:26:14 0 d-------- C:\Program Files\Grisoft
2007-04-06 01:25:45 0 d-------- C:\Program Files\Lavasoft
2007-04-05 16:58:43 0 d-------- C:\Program Files\FileZilla
2007-04-05 12:25:35 0 d-------- C:\WINDOWS\speech
2007-04-05 12:24:43 0 d-------- C:\Program Files\ivo
2007-04-05 00:11:19 0 d--h----- C:\WINDOWS\Icons
2007-04-05 00:07:44 2322048 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-04-04 15:27:11 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-04 15:26:21 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-04 15:25:00 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-04 15:22:35 0 d-------- C:\Instalki
2007-04-04 15:21:18 0 d-------- C:\WINDOWS\system32\appmgmt
2007-04-04 15:04:02 0 d-------- C:\Program Files\Google
2007-04-04 15:03:21 0 d-------- C:\Downloads
2007-04-04 15:02:48 0 d-------- C:\Program Files\BitComet
2007-04-01 18:49:12 0 d-------- C:\Program Files\DAEMON Tools
2007-04-01 16:43:59 0 d-------- C:\Program Files\IrfanView
2007-03-29 13:43:02 0 d-------- C:\Program Files\Common Files\Skype
2007-03-29 13:42:27 0 d-------- C:\Program Files\Skype
2007-03-26 19:19:49 0 d-------- C:\Program Files\Lavalys
2007-03-26 14:59:46 0 d-------- C:\Program Files\HDCleaner
2007-03-26 13:53:26 30592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2007-03-26 13:53:25 51072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-03-26 13:53:10 0 d-------- C:\Program Files\Spyware Doctor
2007-03-26 13:52:56 348160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-03-26 13:52:56 499712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-03-25 20:11:34 36624 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-25 20:11:34 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-03-25 20:11:34 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-03-25 20:11:33 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-03-25 20:11:33 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe
2007-03-25 20:11:33 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-03-25 20:11:17 0 d-------- C:\Program Files\DivX
2007-03-25 15:58:55 0 d-------- C:\Program Files\Gadu-Gadu
2007-03-22 20:42:31 0 d-------- C:\Program Files\Real
2007-03-22 19:35:13 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-20 16:35:17 0 d-------- C:\Program Files\Trymedia
2007-03-10 00:10:59 0 d-------- C:\Program Files\MegauploadToolbar
2007-03-09 10:18:57 25992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
-- Find3M Report ---------------------------------------------------------------
2007-04-08 19:09:49 0 d-------- C:\Program Files\Neostrada TP<NEOSTR~1>
2007-04-07 14:48:41 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\iMesh
2007-04-06 01:34:33 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Lavasoft
2007-04-05 18:48:21 0 d---s---- C:\Documents and Settings\BartoeX\Dane aplikacji\Microsoft<MICROS~1>
2007-04-04 15:31:54 0 d-------- C:\Program Files\RegVac
2007-04-04 15:31:53 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-04-04 15:08:55 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Google
2007-04-04 15:03:22 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2007-04-04 14:57:20 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Skype
2007-03-27 15:06:56 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\DivX
2007-03-26 13:53:10 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\PC Tools
2007-03-25 11:07:18 355486 --a------ C:\WINDOWS\system32\perfh015.dat
2007-03-25 11:07:17 49492 --a------ C:\WINDOWS\system32\perfc015.dat
2007-03-24 17:55:17 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Sports Interactive
2007-03-24 15:55:34 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-03-24 01:41:20 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Help
2007-03-22 20:02:30 0 d-------- C:\Program Files\RegCleaner<REGCLE~1>
2007-03-21 13:53:44 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-21 13:52:31 41 --a------ C:\WINDOWS\system32\cfcfec6_s.dll
2007-03-20 16:16:07 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\BitTorrent
2007-03-14 00:48:14 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\MegauploadToolbar
2007-03-08 17:18:24 2935 --a------ C:\WINDOWS\mozver.dat
2007-03-05 12:48:06 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\GanymedeNet<GANYME~1>
2007-03-04 20:23:34 0 d-------- C:\Program Files\SAGEM
2007-03-02 01:01:56 0 d-------- C:\Program Files\iMesh Applications<IMESHA~1>
2007-03-01 21:43:00 5 --ahs---- C:\WINDOWS\system32\cadcfebcceaa7_s.dll<CADCFE~1.DLL>
2007-03-01 21:20:52 0 d-------- C:\Program Files\Yahoo!
2007-03-01 21:20:44 0 d-------- C:\Program Files\CCleaner
2007-02-28 18:12:48 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Adobe
2007-02-28 16:07:38 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-28 16:07:38 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\InterTrust<INTERT~1>
2007-02-28 15:56:48 0 d-------- C:\Program Files\Testy gimnazjalne 2006<TESTYG~1>
2007-02-27 01:45:32 0 d-------- C:\Program Files\Quintessential Player<QUINTE~1>
2007-02-27 01:05:12 0 d-------- C:\Program Files\AUCTION Creator<AUCTIO~1>
2007-02-26 22:37:06 0 d-------- C:\Program Files\Temp
2007-02-26 22:37:06 0 d-------- C:\Program Files\GinBillard<GINBIL~1>
2007-02-26 22:37:06 0 d-------- C:\Program Files\Common
2007-02-26 21:57:58 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Macromedia<MACROM~1>
2007-02-26 21:53:00 0 --a------ C:\WINDOWS\nsreg.dat
2007-02-26 21:52:54 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Mozilla
2007-02-26 21:41:42 0 d-------- C:\Program Files\Java
2007-02-26 21:28:40 0 d-------- C:\Program Files\WinAce
2007-02-26 21:27:52 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\TuneUp Software<TUNEUP~1>
2007-02-26 21:18:48 0 d-------- C:\Program Files\ASUSTeK
2007-02-26 21:01:40 0 d-------- C:\Documents and Settings\BartoeX\Dane aplikacji\Identities<IDENTI~1>
2007-02-26 20:51:08 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-26 20:50:14 0 -rahs---- C:\MSDOS.SYS
2007-02-26 20:50:14 0 -rahs---- C:\IO.SYS
2007-02-26 20:50:14 0 --a------ C:\CONFIG.SYS
2007-02-26 20:50:14 0 --a------ C:\AUTOEXEC.BAT
2007-02-26 20:47:46 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-26 20:47:40 0 d-------- C:\Program Files\Usługi online<USŁUGI~1>
2007-02-26 20:46:38 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-26 20:46:24 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-26 20:44:34 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-26 20:43:44 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-26 20:43:40 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-26 20:43:08 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-26 20:33:08 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-26 20:33:04 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-26 20:32:30 62 --ahs---- C:\Documents and Settings\BartoeX\Dane aplikacji\desktop.ini
2007-02-23 06:29:58 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-02-23 06:29:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-02-23 06:29:49 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-02-23 06:29:49 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-02-23 06:25:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-02-23 06:25:24 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-02-23 06:25:23 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-02-23 06:25:22 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-02-23 06:25:22 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-02-23 06:25:22 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-02-23 06:25:19 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-02-23 06:25:19 639066 --a------ C:\WINDOWS\system32\DivX.dll
2007-02-16 03:40:35 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-02-15 13:45:36 707344 --a------ C:\WINDOWS\system32\oodag.exe
2007-02-15 13:34:30 217360 --a------ C:\WINDOWS\system32\oodbs.exe
2007-02-15 13:16:20 11536 --a------ C:\WINDOWS\system32\oodbsrs.dll
2007-02-15 13:16:10 17168 --a------ C:\WINDOWS\system32\oodagrs.dll
2007-02-15 13:15:58 17168 --a------ C:\WINDOWS\system32\oodagmg.dll
2007-02-15 09:44:32 16656 --a------ C:\WINDOWS\system32\ootmapi.dll
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"WooCnxMon"="C:\\PROGRA~1\\NEOSTR~1\\CnxMon.exe"
"WOOWATCH"="C:\\PROGRA~1\\NEOSTR~1\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\NEOSTR~1\\TaskbarIcon.exe"
"nwiz"="nwiz.exe /install"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.911.3380\\GoogleToolbarNotifier.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FastUserSwitchingCompatibility"=dword:00000003
"ERSvc"=dword:00000002
"WZCSVC"=dword:00000002
"Schedule"=dword:00000002
"wuauserv"=dword:00000002
"WebClient"=dword:00000002
"PolicyAgent"=dword:00000002
"BITS"=dword:00000003
"CiSvc"=dword:00000003
"RSVP"=dword:00000003
"Messenger"=dword:00000002
"helpsvc"=dword:00000002
"mnmsrvc"=dword:00000003
"RDSessMgr"=dword:00000003
"WmiApSrv"=dword:00000003
"SysmonLog"=dword:00000003
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"=""
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"Spyware Doctor"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea8eabf6-c5e1-11db-a336-806d6172696f}]
Shell\AutoRun\command E:\start.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec5fa4ae-c5ce-11db-b0c6-806d6172696f}]
Shell\AutoRun\command F:\start.exe
-- End of ComboScan: finished at 2007-04-08 at 20:18:50 ------------------------
[ Dodano: Dzisiaj o 19:32 ]
Log z Hajacthis
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 20:21:03, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\BartoeX\USTAWI~1\Temp\syntalk.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BartoeX\Pulpit\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://mks.com.pl
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C2} (GameDesire Pool 9) - http://67.15.101.3/g_bin/pl/billard9_2_0_0_30.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDBA188-5452-4365-B595-9AA917D436A8}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
- bartoex
- ~user
- Posty: 203
- Dołączenie: 09 Lut 2007, 18:31
- Miejscowość: Elbląg
-
przez fibi07 08 Kwi 2007, 20:36
coś to mi śmierdzi 
ale nie dam sobie głowy uciąć.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
ale nie dam sobie głowy uciąć.
-
fibi07 - ~user
- Posty: 2008
- Dołączenie: 21 Maj 2006, 12:55
- Pochwały: 58
-
27 posty(ów) • Strona 1 z 2 • 1, 2
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 10 gości