Dodam jeszcze że wcześniej użytkowałem program przez dłuższy czas i nie miałem takich problemó.
Aktualizacje na programosy.pl:
Fab's AutoBackup Pro • WinMerge • DesktopOK • J. River Media Center • reaConverter Lite • EmEditor Professional • GetWindowText • PotPlayer • Far Manager
-
- Ogłoszenie:
bearshare
11 posty(ów) • Strona 1 z 1
bearshare
przez ironmisiek 03 Maj 2007, 12:08
Dodam jeszcze że wcześniej użytkowałem program przez dłuższy czas i nie miałem takich problemó.
- ironmisiek
- ~user
- Posty: 186
- Dołączenie: 04 Sty 2006, 22:54
- Miejscowość: Lublin
- Pochwały: 1
przez lisu221 03 Maj 2007, 12:21
Ja bym spróbował ściągnąć nowszą wersję (nie wiem jakiej używasz).
"Mówiąc jaka jest dzisiejsza młodzież, zastanówcie się, jacy są Ci, co ją wychowali"
-
lisu221 - ~user
- Posty: 559
- Dołączenie: 27 Gru 2005, 16:23
- Miejscowość: Łowicz
- Pochwały: 2
przez lisu221 03 Maj 2007, 12:40
A skanowałeś kompa w poszukiwaniu "insektów" 
Może jest zasyfiony
Może jest zasyfiony "Mówiąc jaka jest dzisiejsza młodzież, zastanówcie się, jacy są Ci, co ją wychowali"
-
lisu221 - ~user
- Posty: 559
- Dołączenie: 27 Gru 2005, 16:23
- Miejscowość: Łowicz
- Pochwały: 2
-
przez lisu221 03 Maj 2007, 19:52
Zeskanuj jeszcze Ad-Aware-m. To wykrywa takie "małe robaki". Mi często pomaga 
"Mówiąc jaka jest dzisiejsza młodzież, zastanówcie się, jacy są Ci, co ją wychowali"
-
lisu221 - ~user
- Posty: 559
- Dołączenie: 27 Gru 2005, 16:23
- Miejscowość: Łowicz
- Pochwały: 2
przez ironmisiek 03 Maj 2007, 21:38
Przeskanowałem, usunełem, zainstalowałem od nowa bearshara i dalej to samo. Ma ktoś jeszcze jakieś pomysły co może być przyczną?
- ironmisiek
- ~user
- Posty: 186
- Dołączenie: 04 Sty 2006, 22:54
- Miejscowość: Lublin
- Pochwały: 1
-
przez wojtas 03 Maj 2007, 21:46
daj loga z hijack this oraz silent runners
http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html
http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
przez ironmisiek 03 Maj 2007, 21:58
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 21:39:41, on 2007-05-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Beniamin\tguard.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Misio\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [tguard] C:\Program Files\Beniamin\tguard.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDF7E41F-5AE9-4CE7-9A45-7FCED6AF70A6}: NameServer = 62.233.190.1,62.233.189.10
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
- Kod: Zaznacz wszystko
"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"High Definition Audio Property Page Shortcut" = "HDAShCut.exe" ["Windows (R) Server 2003 DDK provider"]
"SkyTel" = "SkyTel.EXE" ["Realtek Semiconductor Corp."]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"AlcWzrd" = "ALCWZRD.EXE" ["RealTek Semicoductor Corp."]
"Alcmtr" = "ALCMTR.EXE" ["Realtek Semiconductor Corp."]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"]
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"tguard" = "C:\Program Files\Beniamin\tguard.exe" ["AKKORP"]
"HP Component Manager" = ""C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"" ["Hewlett-Packard Company"]
"HPDJ Taskbar Utility" = "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" ["HP"]
"HP Software Update" = ""C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"" ["Hewlett-Packard Company"]
"(Default)" = "(empty string)" [file not found]
"Sony Ericsson PC Suite" = ""C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions" ["Sony Ericsson Mobile Communications AB"]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture"
-> {HKLM...CLSID} = "BitComet Helper"
\InProcServer32\(Default) = "C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll" ["BitComet"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{A5110426-177D-4e08-AB3F-785F10B4439C}" = "Sony Ericsson File Manager"
-> {HKLM...CLSID} = "Sony Ericsson File Manager"
\InProcServer32\(Default) = "C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll" ["Sony Ericsson Mobile Communications AB"]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"
-> {HKLM...CLSID} = "PowerArchiver Shell Extensions"
\InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
PowerArchiver\(Default) = "{d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e}"
-> {HKLM...CLSID} = "PowerArchiver Shell Extensions"
\InProcServer32\(Default) = "C:\Program Files\PowerArchiver\PASHLEXT.DLL" ["ConeXware, Inc."]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Misio\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Active Desktop web content (hidden if disabled):
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0\
"FriendlyName" = ""
"Source" = "http://www.krus.gov.pl/krus/struktura/typo3conf/ext/rtehtmlarea/htmlarea/plugins/TYPO3Browsers/img/internal_link.gif"
"SubscribedURL" = "http://www.krus.gov.pl/krus/struktura/typo3conf/ext/rtehtmlarea/htmlarea/plugins/TYPO3Browsers/img/internal_link.gif"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]
Startup items in "Misio" & "All Users" startup folders:
-------------------------------------------------------
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SYSTEMROOT%\system32\bnmndrv.dll [null data], 01 - 11, 23
%SystemRoot%\system32\mswsock.dll [MS], 12 - 14, 17 - 22
%SystemRoot%\system32\rsvpsp.dll [MS], 15 - 16
Toolbars, Explorer Bars, Extensions:
------------------------------------
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" ["ALWIL Software"]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" ["ALWIL Software"]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzsnt10\Driver = "hpzsnt10.dll" ["HP"]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 8 seconds.
---------- (total run time: 44 seconds)
Ostatnio edytowany przez ironmisiek 04 Maj 2007, 12:09, edytowano w sumie 2 razy
- ironmisiek
- ~user
- Posty: 186
- Dołączenie: 04 Sty 2006, 22:54
- Miejscowość: Lublin
- Pochwały: 1
-
przez wojtas 03 Maj 2007, 22:04
skasuj wpis :
pogrubony wywal
daj loga z comboscana
http://forum.programosy.pl/dodatkowe-narzedzia-do-usuwania-i-ochrony-vt42021.html
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
pogrubony wywal
daj loga z comboscana
http://forum.programosy.pl/dodatkowe-narzedzia-do-usuwania-i-ochrony-vt42021.html
-
wojtas - *mod
- Posty: 18165
- Dołączenie: 13 Sty 2006, 16:00
- Miejscowość: Krzeszyce
- Pochwały: 1656
-
przez ironmisiek 04 Maj 2007, 12:02
Nie wiem czy o to chodziło, ale zamieszczam:
- Kod: Zaznacz wszystko
Deckard's System Scanner v20070426.43
Run by Misio on 2007-05-04 at 11:36:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 2 Restore Point(s) --
2: 2007-05-04 09:36:12 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2007-05-04 09:32:18 UTC - RP1 - Punkt kontrolny systemu
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Misio.exe) -----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 11:36:43, on 2007-05-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Beniamin\tguard.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Misio\Pulpit\dss.exe
C:\DOCUME~1\Misio\Pulpit\Misio.exe
C:\Program Files\Gadu-Gadu\gg.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [tguard] C:\Program Files\Beniamin\tguard.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDF7E41F-5AE9-4CE7-9A45-7FCED6AF70A6}: NameServer = 62.233.190.1,62.233.189.10
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 GMSIPCI - d:\install\gmsipci.sys (file missing)
S3 NTACCESS - d:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - d:\ntglm7x.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Files created between 2007-04-04 and 2007-05-04 -----------------------------
2007-05-03 21:12:07 0 d-------- C:\Program Files\Lavasoft
2007-05-03 21:11:54 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-03 12:27:51 0 d-------- C:\Program Files\Championship Manager 00-01
2007-05-03 11:17:16 0 d-------- C:\Program Files\TryMedia
2007-05-03 11:15:33 0 d-------- C:\Program Files\Infogrames
2007-05-03 09:50:43 0 d-------- C:\Program Files\BearShare
2007-05-02 11:30:45 0 d-------- C:\Program Files\LPS
2007-05-01 22:21:00 0 d-------- C:\My Shared Folder
2007-05-01 22:20:58 0 d-------- C:\Program Files\Kazaa Lite Rewolucja
2007-05-01 15:03:46 0 d-------- C:\Program Files\Intercube
2007-05-01 14:48:47 0 d-------- C:\Program Files\Yeti Studios
2007-05-01 14:06:18 0 d-------- C:\WINDOWS\Sun
2007-05-01 14:05:31 0 d-------- C:\Program Files\Java
2007-05-01 14:02:53 0 d-------- C:\Program Files\Common Files\Java
2007-04-30 10:49:58 45568 --a------ C:\WINDOWS\UniFish3.exe
2007-04-30 10:45:30 327168 --a------ C:\WINDOWS\IsUn0415.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-04-26 17:18:35 0 d-------- C:\Downloads
2007-04-26 17:17:04 0 d-------- C:\Program Files\BitComet
2007-04-26 10:17:09 0 d-------- C:\Program Files\eMule
2007-04-25 20:14:50 0 d-------- C:\Program Files\Common Files\Teleca Shared
2007-04-25 20:14:39 0 d-------- C:\Program Files\Sony Ericsson
2007-04-25 20:12:56 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-04-25 20:12:19 0 d-------- C:\WINDOWS\Downloaded Installations
2007-04-25 13:15:23 0 d-------- C:\WINDOWS\ShellNew
2007-04-23 14:36:18 82432 -ra------ C:\WINDOWS\system32\MSXML4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2007-04-23 14:36:18 44544 -ra------ C:\WINDOWS\system32\MSXML4a.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2007-04-23 14:36:18 626960 -ra------ C:\WINDOWS\system32\hpvaut32.dll <Not Verified; Microsoft Corporation; >
2007-04-23 14:34:08 0 d-------- C:\Program Files\Hewlett-Packard
2007-04-23 14:33:57 0 d-------- C:\Program Files\HP
2007-04-23 09:49:43 0 d-------- C:\Program Files\Hitman 2 Silent Assassin
2007-04-19 15:32:55 0 d-------- C:\Program Files\Codemasters
2007-04-18 21:51:25 0 d-------- C:\Program Files\SkanerOnline
2007-04-18 19:12:32 0 d-------- C:\Program Files\KONAMI
2007-04-18 19:05:50 5248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2007-04-18 19:05:50 160640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2007-04-18 19:05:48 0 d-------- C:\Program Files\Alcohol Soft
2007-04-18 18:22:06 0 d-------- C:\My Downloads
2007-04-18 17:50:41 57344 --a------ C:\WINDOWS\rzrunins.exe
2007-04-18 09:49:21 655360 --a------ C:\WINDOWS\system32\bnmndrv.dll
2007-04-18 09:49:21 712704 --a------ C:\WINDOWS\system32\alpf.dll <Not Verified; AKKORP; Beniamin.>
2007-04-18 09:49:20 0 d-------- C:\Program Files\Beniamin
2007-04-18 09:48:45 8704 --a------ C:\WINDOWS\system32\sporder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-17 22:59:57 0 d--hs---- C:\WINDOWS\Installer
2007-04-17 22:59:56 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-17 22:59:54 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-17 22:59:53 0 dr------- C:\Program Files
2007-04-17 22:59:14 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-17 22:59:14 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-17 22:58:53 0 d-------- C:\Documents and Settings
2007-04-17 22:58:52 0 d--hs---- C:\System Volume Information
2007-04-17 22:54:15 0 d-------- C:\WINDOWS
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\WinSxS
2007-04-17 22:54:15 0 dr------- C:\WINDOWS\Web
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\twain_32
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\wins
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\wbem
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\usmt
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\spool
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\Setup
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\ras
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\oobe
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\npp
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\mui
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\IME
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\ias
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\export
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\drivers
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-17 22:54:15 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\config
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\3076
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\2052
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1054
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1045
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1042
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1041
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1037
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1033
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1031
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1028
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system32\1025
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\system
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\security
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Resources
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\repair
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Provisioning
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\PeerNet
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\pchealth
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\mui
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\msapps
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\msagent
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Media
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\java
2007-04-17 22:54:15 0 d--h----- C:\WINDOWS\inf
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\ime
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Help
2007-04-17 22:54:15 0 dr--s---- C:\WINDOWS\Fonts
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\ehome
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Driver Cache
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Debug
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Cursors
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Connection Wizard
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\Config
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\AppPatch
2007-04-17 22:54:15 0 d-------- C:\WINDOWS\addins
2007-04-17 22:46:35 0 d-------- C:\Program Files\Bullfrog
2007-04-17 22:46:24 327168 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-04-17 22:45:30 157696 --a------ C:\WINDOWS\system32\unrar.dll
2007-04-17 22:45:28 454162 --a------ C:\WINDOWS\system32\x264vfw.dll
2007-04-17 22:45:28 630784 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2007-04-17 22:45:28 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2007-04-17 22:45:28 446464 --a------ C:\WINDOWS\system32\vp31vfw.dll <Not Verified; On2.com; On2_VP3>
2007-04-17 22:45:28 286720 --a------ C:\WINDOWS\system32\3ivxVfWCodec.dll <Not Verified; 3ivx.com; 3ivx D4 4.5.1 Pro>
2007-04-17 22:45:28 1024000 --a------ C:\WINDOWS\system32\3ivx.dll <Not Verified; 3ivx.com; 3ivx D4 4.5.1 Pro>
2007-04-17 22:45:27 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-04-17 22:45:27 761856 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-04-17 22:45:27 1415680 --a------ C:\WINDOWS\system32\WMV9VCM.dll <Not Verified; Microsoft Corporation; Windows Media Video 9 VCM>
2007-04-17 22:45:27 200704 --a------ C:\WINDOWS\system32\ssldivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2007-04-17 22:45:27 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-04-17 22:45:27 1044480 --a------ C:\WINDOWS\system32\libdivx.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2007-04-17 22:45:26 200704 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivXNetworks; DivXNetworks dtu100>
2007-04-17 22:45:26 57344 --a------ C:\WINDOWS\system32\dpv11.dll <Not Verified; DivXNetworks; DivXNetworks dpv11>
2007-04-17 22:45:26 339968 --a------ C:\WINDOWS\system32\dpus11.dll <Not Verified; DivXNetworks; DivXNetworks dpus11>
2007-04-17 22:45:26 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll <Not Verified; DivXNetworks; DivXNetworks dpuGUI11>
2007-04-17 22:45:26 294912 --a------ C:\WINDOWS\system32\dpu11.dll <Not Verified; DivXNetworks; DivXNetworks dpu11>
2007-04-17 22:45:26 86016 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivXNetworks; DivXNetworks dpl100>
2007-04-17 22:45:26 574976 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-04-17 22:45:25 6144 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-04-17 22:45:24 19968 --a------ C:\WINDOWS\system32\cpuinf32.dll
2007-04-17 22:45:23 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-04-17 22:37:08 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2007-04-17 22:37:05 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4>
2007-04-17 22:37:05 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-17 22:37:05 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-17 22:37:05 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-04-17 22:37:03 38912 -----n--- C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2007-04-17 22:37:01 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2007-04-17 22:37:01 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-17 22:36:56 0 d-------- C:\Program Files\Ahead
2007-04-17 22:36:02 0 d-------- C:\Program Files\MarBit
2007-04-17 22:24:43 0 d-------- C:\Program Files\Winamp
2007-04-17 22:23:57 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-17 22:22:31 0 d-------- C:\Program Files\PowerArchiver
2007-04-17 22:18:40 0 d-------- C:\Program Files\Gadu-Gadu
2007-04-17 22:15:27 0 d-------- C:\Program Files\Opera
2007-04-17 22:13:47 0 d-------- C:\Program Files\Alwil Software
2007-04-17 22:08:38 0 d-------- C:\WINDOWS\system32\Lang
2007-04-17 22:07:46 40960 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-04-17 22:07:42 0 d-------- C:\WINDOWS\system32\RTCOM
2007-04-17 22:07:01 0 d-------- C:\Program Files\Realtek
2007-04-17 22:07:01 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-04-17 22:06:55 487424 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-04-17 21:16:13 0 d-------- C:\Misio
2007-04-17 21:14:27 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-17 21:14:09 0 d-------- C:\WINDOWS\nview
2007-04-17 21:14:05 135168 -ra------ C:\WINDOWS\system32\WinSys.exe <Not Verified; ; DOT Application>
2007-04-17 21:14:04 81920 -ra------ C:\WINDOWS\system32\nvclock.dll <Not Verified; Micro-Star Int'l; MSI nvclock>
2007-04-17 21:14:04 36864 -ra------ C:\WINDOWS\system32\msiuins.exe
2007-04-17 21:14:04 294912 -ra------ C:\WINDOWS\system32\msicpl.dll <Not Verified; MSI; MSI MsiCpl>
2007-04-17 21:14:04 45056 -ra------ C:\WINDOWS\system32\memtest.dll
2007-04-17 21:14:04 36076 -ra------ C:\WINDOWS\system32\drivers\msicpl.sys
2007-04-17 21:14:03 36076 -ra------ C:\WINDOWS\system32\drivers\vgauti.sys
2007-04-17 21:13:56 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-17 21:12:09 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-04-17 21:10:59 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-04-17 21:10:59 0 d-------- C:\WINDOWS\Prefetch
2007-04-17 21:08:11 0 d-------- C:\WINDOWS\system32\xircom
2007-04-17 21:08:11 0 d-------- C:\Program Files\microsoft frontpage
2007-04-17 21:07:53 0 -rahs---- C:\MSDOS.SYS
2007-04-17 21:07:53 0 -rahs---- C:\IO.SYS
2007-04-17 21:07:53 0 --a------ C:\CONFIG.SYS
2007-04-17 21:07:53 0 --a------ C:\AUTOEXEC.BAT
2007-04-17 21:06:51 0 dr------- C:\WINDOWS\Offline Web Pages
2007-04-17 21:06:51 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-17 21:06:41 0 d--h----- C:\Program Files\WindowsUpdate
2007-04-17 21:06:39 0 d-------- C:\Program Files\Usługi online
2007-04-17 21:06:25 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-17 21:05:53 0 d---s---- C:\WINDOWS\Tasks
2007-04-17 21:05:52 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-17 21:05:49 0 d-------- C:\WINDOWS\srchasst
2007-04-17 21:05:48 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-17 21:05:41 0 d-------- C:\Program Files\Movie Maker
2007-04-17 21:05:34 0 d-------- C:\WINDOWS\system32\Restore
2007-04-17 21:04:57 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-17 21:04:44 0 d-------- C:\WINDOWS\Registration
2007-04-17 21:04:33 0 d-------- C:\Program Files\Messenger
2007-04-17 21:04:30 0 d-------- C:\Program Files\MSN Gaming Zone
2007-04-17 21:04:04 0 d-------- C:\Program Files\Windows NT
2007-04-17 21:04:01 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-17 21:04:00 0 d-------- C:\WINDOWS\system32\Com
-- Find3M Report ---------------------------------------------------------------
2007-05-03 21:12:33 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Lavasoft
2007-05-01 14:06:18 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Sun
2007-04-26 17:18:35 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll <Not Verified; BitComet; BitComet BCTP Helper>
2007-04-25 20:15:38 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Teleca
2007-04-23 15:02:39 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\AdobeUM
2007-04-18 13:10:29 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Adobe
2007-04-17 22:59:27 62 --ahs---- C:\Documents and Settings\Misio\Dane aplikacji\desktop.ini
2007-04-17 22:34:09 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Macromedia
2007-04-17 22:21:30 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Gadu-Gadu
2007-04-17 22:15:40 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Opera
2007-04-17 22:13:45 355486 --a------ C:\WINDOWS\system32\perfh015.dat
2007-04-17 22:13:45 49492 --a------ C:\WINDOWS\system32\perfc015.dat
2007-04-17 21:12:52 0 d-------- C:\Documents and Settings\Misio\Dane aplikacji\Identities
2007-03-15 12:00:36 466432 --a------ C:\WINDOWS\system32\SkanerOnline.dll <Not Verified; MKS Sp. z o. o.; SkanerOnline>
-- Registry Dump ---------------------------------------------------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"High Definition Audio Property Page Shortcut"="HDAShCut.exe"
"SkyTel"="SkyTel.EXE"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"tguard"="C:\\Program Files\\Beniamin\\tguard.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"
"HP Software Update"="\"C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe\""
@=""
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source REG_SZ http://www.krus.gov.pl/krus/struktura/typo3conf/ext/rtehtmlarea/htmlarea/plugins/TYPO3Browsers/img/internal_link.gif
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
-- Hosts -----------------------------------------------------------------------
127.0.0.1 abcsearch.com
127.0.0.1 admin.abcsearch.com
127.0.0.1 www3.abcsearch.com #[Browseraid]
127.0.0.1 www.abcsearch.com
127.0.0.1 abc517.net #[Trojan.Mitglieder.H]
127.0.0.1 acestats.com
127.0.0.1 www.acestats.com
127.0.0.1 actualnames.com #[Parasite.ActualNames]
127.0.0.1 www.actualnames.com
127.0.0.1 ad-up.com
4685 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2007-05-04 at 11:37:42 ---------
- Kod: Zaznacz wszystko
Deckard's System Scanner v20070426.43
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Polish
CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 63%
Physical Memory (total/avail): 510.73 MiB / 187.93 MiB
Pagefile Memory (total/avail): 1245.83 MiB / 886.15 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1957.66 MiB
A: is Removable (Unformatted)
C: is Fixed (NTFS) - 111.78 GiB total, 81.89 GiB free.
D: is CDROM (No Media)
E: is CDROM (CDFS)
-- Security Center -------------------------------------------------------------
Windows Internal Firewall is enabled.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Misio\Dane aplikacji
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MISIO-84BD68D53
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA6
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Misio
LOGONSERVER=\\MISIO-84BD68D53
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Teleca Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Misio\USTAWI~1\Temp
TMP=C:\DOCUME~1\Misio\USTAWI~1\Temp
USERDOMAIN=MISIO-84BD68D53
USERNAME=Misio
USERPROFILE=C:\Documents and Settings\Misio
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Misio [I](admin)[/I]
Administrator [I](admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\system32\msiuins.exe
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5 - Polish --> MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A70500000002}
ALLPlayer V2.2 --> C:\Program Files\MarBit\ALLPlayer\UnGins.exe "C:\Program Files\MarBit\ALLPlayer\install.log"
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
BearShare --> C:\PROGRA~1\BEARSH~1\UNWISE.EXE C:\PROGRA~1\BEARSH~1\INSTALL.LOG
Beniamin 1.4.187 --> "C:\Program Files\Beniamin\unins000.exe"
BitComet 0.86 --> C:\Program Files\BitComet\uninst.exe
Championship Manager 00-01 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Championship Manager 00-01\Uninst.isu"
Colin McRae Rally 04 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8718F95-21A1-44B9-97EC-679C93020BAE}\setup.exe" -l0x15 -removeonly
Dungeon Keeper 2 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Bullfrog\Dungeon Keeper 2\Uninst.isu" -c"C:\Program Files\Bullfrog\Dungeon Keeper 2\uninst.dll"
Gadu-Gadu 7.7 --> C:\Program Files\Gadu-Gadu\Setup.exe
Gun Metal --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B26E49E2-9521-4677-95CB-63B117D84BD8}\setup.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 1.99.1 --> C:\Documents and Settings\Misio\Pulpit\HijackThis.exe /uninstall
Hitman 2 Silent Assassin wersja 1.01 --> "C:\Program Files\Hitman 2 Silent Assassin\unins000.exe"
HP Deskjet 3740 --> msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}
HP Software Update --> MsiExec.exe /X{B81023A5-71ED-46EB-BE3B-9F974D1155F1}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Codec Pack 2.70 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kazaa Lite Rewolucja 2.6 --> "C:\Program Files\Kazaa Lite Rewolucja\unins000.exe"
Local Port Scanner v1.2.2 --> "C:\Program Files\LPS\unins000.exe"
Microsoft Office XP Professional z programem FrontPage - 2002 --> MsiExec.exe /I{80280415-6000-11D3-8CFE-0050048383C9}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 9.01 --> MsiExec.exe /X{0049F6AE-4FE2-4C43-A039-60FCE98A1986}
PowerArchiver 2006 v9.51 Polish --> "C:\Program Files\PowerArchiver\unins000.exe"
Pro Evolution Soccer 6 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1045
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15 -removeonly
Roller Coaster Tycoon 2 --> C:\PROGRA~1\INFOGR~1\ROLLER~1\UNWISE.EXE C:\PROGRA~1\INFOGR~1\ROLLER~1\INSTALL.LOG
Skaner on-line mks_vir --> C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Skuteczne Uwodzenie 2 --> "C:\Program Files\Intercube\Skuteczne Uwodzenie 2\unins000.exe"
Sony Ericsson PC Suite 1.20.173 --> MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}
Starcraft Brood War (RAZOR 1911) --> C:\WINDOWS\rzrunins.exe C:\Misio\Gry\Brood\rzrunins.log
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
-- End of Deckard's System Scanner: finished at 2007-05-04 at 11:37:42 ---------
- ironmisiek
- ~user
- Posty: 186
- Dołączenie: 04 Sty 2006, 22:54
- Miejscowość: Lublin
- Pochwały: 1
-
11 posty(ów) • Strona 1 z 1
Kto jest na forum
Użytkownicy przeglądający to forum: Shanu5 oraz 20 gości