
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:41:09, on 2009-02-14
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\glass2k\Glass2k.exe
D:\WINDOWS\system32\ctfmon.exe
D:\FRAPS\FRAPS.EXE
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\BoskiOski666\Pulpit\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: UrlHelper Class - {A1123C1A-5D52-4df7-B639-6346165FCD58} - D:\Program Files\BearFlix Applications\BearFlix MediaBar\BearFlixIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - D:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BearFlix MediaBar - {0388BA0C-C7F1-4E6A-BD7A-B59623F33363} - D:\Program Files\BearFlix Applications\BearFlix MediaBar\BearFlixMediaBar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Glass2k] D:\Program Files\glass2k\Glass2k.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "D:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Ściągnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC27BB61-BFAE-4786-AF48-9AE613E41AAB}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7756 bytes
ComboFix:
ComboFix 09-02-12.03 - BoskiOski666 2009-02-14 15:43:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.447.51 [GMT 1:00]
Uruchomiony z: D:\Documents and Settings\BoskiOski666\Pulpit\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated)
* Utworzono nowy punkt przywracania
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Autorun.inf
D:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
D:\WINDOWS\IE4 Error Log.txt
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-14 do 2009-02-14 )))))))))))))))))))))))))))))))
.
2009-02-12 16:38 . 2009-02-12 16:38 <DIR> d-------- D:\Documents and Settings\BoskiOski666\.gstreamer-0.10
2009-02-08 19:56 . 2003-09-08 19:28 81,920 --a------ D:\UsbSync.dll
2009-02-08 19:56 . 2006-04-09 18:40 28,672 --a------ D:\USBPort.dll
2009-02-08 19:52 . 2009-02-08 19:52 <DIR> d-------- D:\Program Files\Softick
2009-02-08 14:18 . 2009-02-10 16:12 <DIR> d-------- D:\Program Files\Valve
2009-02-04 22:37 . 2009-02-04 22:37 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\TransRender
2009-02-04 22:37 . 2009-02-04 22:37 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\Temporary
2009-02-04 22:37 . 2009-02-04 22:37 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\Samsung
2009-02-04 22:37 . 2009-02-04 22:37 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\ConvertTemp
2009-02-04 16:39 . 2009-02-04 16:41 613 --a------ D:\WINDOWS\mp3wavcon.ini
2009-02-04 16:38 . 2009-02-04 16:38 <DIR> d-------- D:\Program Files\WAV MP3 Converter
2009-02-04 16:38 . 2003-12-15 12:43 1,871,872 --a------ D:\WINDOWS\system32\NCTAudioFile2.dll
2009-02-04 16:38 . 2003-12-08 12:19 425,984 --a------ D:\WINDOWS\system32\NCTAudioTransform2.dll
2009-02-04 16:38 . 2003-08-07 14:01 237,568 --a------ D:\WINDOWS\system32\lame_enc.dll
2009-02-04 16:38 . 2003-12-15 12:24 196,608 --a------ D:\WINDOWS\system32\NCTWMAFile2.dll
2009-02-04 16:38 . 2003-12-08 12:49 116,304 --a------ D:\WINDOWS\system32\NCTWMAProfiles.prx
2009-02-04 16:38 . 2009-02-04 16:41 5 --a------ D:\WINDOWS\system32\SySmp3con.dat
2009-02-04 16:32 . 2009-02-04 16:32 <DIR> d-------- D:\Program Files\CDex_150
2009-02-04 15:00 . 2009-02-04 15:00 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\TransRender
2009-02-04 15:00 . 2009-02-04 15:11 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\Temporary
2009-02-04 15:00 . 2009-02-04 15:11 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\ConvertTemp
2009-02-04 14:59 . 2009-02-04 14:59 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\Samsung
2009-02-04 14:58 . 2006-05-03 22:53 174,592 --a------ D:\WINDOWS\system32\framedyn.dll
2009-02-04 14:57 . 2006-07-24 16:05 5,632 --a------ D:\WINDOWS\system32\drivers\StarOpen.sys
2009-02-04 14:51 . 2009-02-04 14:58 <DIR> d-------- D:\WINDOWS\system32\Samsung_USB_Drivers
2009-02-04 14:51 . 2005-08-30 17:59 94,000 --a------ D:\WINDOWS\system32\drivers\ss_mdm.sys
2009-02-04 14:51 . 2005-08-30 17:57 58,320 --a------ D:\WINDOWS\system32\drivers\ss_bus.sys
2009-02-04 14:51 . 2005-08-30 17:58 8,304 --a------ D:\WINDOWS\system32\drivers\ss_mdfl.sys
2009-02-04 14:51 . 2005-08-30 17:58 6,144 --a------ D:\WINDOWS\system32\drivers\ss_cmnt.sys
2009-02-04 14:51 . 2005-08-30 17:58 6,144 --a------ D:\WINDOWS\system32\drivers\ss_cm.sys
2009-02-04 14:51 . 2005-08-30 17:57 5,808 --a------ D:\WINDOWS\system32\drivers\ss_whnt.sys
2009-02-04 14:51 . 2005-08-30 17:57 5,808 --a------ D:\WINDOWS\system32\drivers\ss_wh.sys
2009-02-04 14:50 . 2009-02-04 14:50 <DIR> d-------- D:\Program Files\Samsung
2009-02-04 14:50 . 2005-08-28 20:51 766 --a------ D:\WINDOWS\system32\Uninstall.ico
2009-01-23 10:13 . 2009-01-23 10:13 <DIR> d-------- D:\Program Files\kRk Software
2009-01-22 22:37 . 2009-01-22 22:37 <DIR> d-------- D:\Program Files\Ventrilo
2009-01-22 22:37 . 2009-01-22 22:38 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\Ventrilo
2009-01-21 15:33 . 2009-01-21 15:33 <DIR> d-------- D:\Documents and Settings\BoskiOski666\Dane aplikacji\PC Suite
2009-01-21 14:55 . 2009-01-21 14:55 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\Nokia Multimedia Player
2009-01-21 12:50 . 2004-08-03 23:08 25,600 --a------ D:\WINDOWS\system32\drivers\usbser.sys
2009-01-21 12:50 . 2004-08-03 23:08 25,600 --a--c--- D:\WINDOWS\system32\dllcache\usbser.sys
2009-01-21 12:50 . 2006-10-08 21:51 23,856 --a------ D:\WINDOWS\system32\spupdsvc.exe
2009-01-21 12:50 . 2009-01-21 12:50 0 --ah----- D:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-21 12:50 . 2009-01-21 12:50 0 --ah----- D:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-01-21 12:48 . 2009-01-21 12:51 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\PC Suite
2009-01-21 12:48 . 2009-01-21 12:48 <DIR> d-------- D:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2009-01-21 12:47 . 2009-01-21 14:53 <DIR> d-------- D:\Documents and Settings\Bracia\Dane aplikacji\Nokia
2009-01-21 12:46 . 2009-01-21 12:46 <DIR> d-------- D:\Program Files\Common Files\PCSuite
2009-01-21 12:46 . 2009-01-21 12:46 <DIR> d-------- D:\Program Files\Common Files\Nokia
2009-01-21 12:43 . 2009-01-21 12:43 <DIR> d-------- D:\Program Files\PC Connectivity Solution
2009-01-20 16:17 . 2009-01-20 16:17 <DIR> d-------- D:\Program Files\DIFX
2009-01-20 16:17 . 2007-09-17 15:53 21,632 --a------ D:\WINDOWS\system32\drivers\pccsmcfd.sys
2009-01-20 16:10 . 2009-01-21 12:45 <DIR> d-------- D:\Program Files\Nokia
2009-01-20 16:10 . 2007-11-29 10:33 1,419,232 --a------ D:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-01-20 16:10 . 2007-11-29 10:39 95,744 --a------ D:\WINDOWS\system32\nmwcdcocls.dll
2009-01-20 16:10 . 2007-11-29 10:32 48,128 --a------ D:\WINDOWS\system32\nmwcdcls.dll
2009-01-20 16:10 . 2007-11-29 10:39 19,328 --a------ D:\WINDOWS\system32\drivers\ccdcmbo.sys
2009-01-20 16:10 . 2007-11-29 10:39 16,896 --a------ D:\WINDOWS\system32\drivers\ccdcmb.sys
2009-01-20 16:10 . 2007-11-29 10:39 8,064 --a------ D:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2009-01-20 16:10 . 2007-11-29 10:39 8,064 --a------ D:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2009-01-20 16:08 . 2009-01-20 16:08 <DIR> d-------- D:\Documents and Settings\All Users\Dane aplikacji\Installations
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-14 14:42 --------- d---a-w D:\Documents and Settings\All Users\Dane aplikacji\TEMP
2009-02-14 14:42 --------- d-----w D:\Program Files\Neostrada TP
2009-02-14 08:25 --------- d-----w D:\Documents and Settings\Bracia\Dane aplikacji\Azureus
2009-02-14 00:02 --------- d-----w D:\Documents and Settings\Bracia\Dane aplikacji\Skype
2009-02-13 23:52 --------- d-----w D:\Documents and Settings\Bracia\Dane aplikacji\skypePM
2009-02-13 23:48 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\HPAppData
2009-02-13 18:20 --------- d-----w D:\Documents and Settings\Bracia\Dane aplikacji\HPAppData
2009-02-11 14:55 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\mIRC
2009-02-09 10:37 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\Azureus
2009-02-08 09:00 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\ATI
2009-02-04 13:57 --------- d--h--w D:\Program Files\InstallShield Installation Information
2009-01-31 19:57 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\DMCache
2009-01-30 23:32 --------- d-----w D:\Program Files\Azureus
2009-01-23 16:55 --------- d-----w D:\Documents and Settings\BoskiOski666\Dane aplikacji\teamspeak2
2009-01-22 21:36 --------- d-----w D:\Program Files\Common Files\Wise Installation Wizard
2009-01-22 07:12 --------- d-----w D:\Program Files\EA Sports
2009-01-18 20:45 --------- d-----w D:\Program Files\EA GAMES
2009-01-16 22:22 --------- d-----w D:\Program Files\Warcraft III
2009-01-10 14:44 --------- d-----w D:\Program Files\Google
2009-01-07 20:20 --------- d-----w D:\Program Files\Nowe Gadu-Gadu
2009-01-01 13:35 --------- d-----w D:\Program Files\Halflife Logo Creator
2009-01-01 07:34 --------- d-----w D:\Program Files\WorldOfGoo
2009-01-01 07:34 --------- d-----w D:\Documents and Settings\All Users\Dane aplikacji\2DBoy
2008-12-31 11:57 --------- d-----w D:\Program Files\LEGO Media
2008-12-28 13:00 --------- d-----w D:\Program Files\GTA VC - NFS Undeground
2008-12-27 19:56 98,304 ----a-w D:\WINDOWS\system32CmdLineExt.dll
2008-12-24 19:35 --------- d-----w D:\Program Files\Team17
2008-12-01 20:52 425,984 ----a-w D:\WINDOWS\system32\ATIDEMGX.dll
2008-12-01 20:51 318,464 ----a-w D:\WINDOWS\system32\ati2dvag.dll
2008-12-01 20:46 11,304,960 ----a-w D:\WINDOWS\system32\atioglxx.dll
2008-12-01 20:41 188,416 ----a-w D:\WINDOWS\system32\atipdlxx.dll
2008-12-01 20:40 43,520 ----a-w D:\WINDOWS\system32\ati2edxx.dll
2008-12-01 20:40 26,112 ----a-w D:\WINDOWS\system32\Ati2mdxx.exe
2008-12-01 20:40 147,456 ----a-w D:\WINDOWS\system32\Oemdspif.dll
2008-12-01 20:40 143,360 ----a-w D:\WINDOWS\system32\ati2evxx.dll
2008-12-01 20:38 598,016 ----a-w D:\WINDOWS\system32\ati2evxx.exe
2008-12-01 20:37 53,248 ----a-w D:\WINDOWS\system32\ATIDDC.DLL
2008-12-01 20:27 4,120,384 ----a-w D:\WINDOWS\system32\ati3duag.dll
2008-12-01 20:19 307,200 ----a-w D:\WINDOWS\system32\atiiiexx.dll
2008-12-01 20:11 2,495,360 ----a-w D:\WINDOWS\system32\ativvaxx.dll
2008-12-01 19:57 48,640 ----a-w D:\WINDOWS\system32\amdpcom32.dll
2008-12-01 19:53 45,056 ----a-w D:\WINDOWS\system32\amdcalrt.dll
2008-12-01 19:53 45,056 ----a-w D:\WINDOWS\system32\amdcalcl.dll
2008-12-01 19:53 401,408 ----a-w D:\WINDOWS\system32\atikvmag.dll
2008-12-01 19:52 86,016 ----a-w D:\WINDOWS\system32\atiadlxx.dll
2008-12-01 19:52 17,408 ----a-w D:\WINDOWS\system32\atitvo32.dll
2008-12-01 19:50 3,252,224 ----a-w D:\WINDOWS\system32\Amdcaldd.dll
2008-12-01 19:50 286,720 ----a-w D:\WINDOWS\system32\atiok3x2.dll
2008-12-01 19:45 577,536 ----a-w D:\WINDOWS\system32\ati2cqag.dll
2008-12-01 13:35 593,920 ------w D:\WINDOWS\system32\ati2sgag.exe
2008-11-30 09:13 2,829 ----a-w D:\WINDOWS\War3Unin.pif
2008-11-30 09:13 126,976 ----a-w D:\WINDOWS\War3Unin.exe
.
------- Sigcheck -------
2004-08-04 00:44 803840 fa593fc36ac2ed005c1ec09a3e991ec4 D:\WINDOWS\system32\wininet.dll
2004-08-04 00:44 803840 fa593fc36ac2ed005c1ec09a3e991ec4 D:\WINDOWS\system32\dllcache\wininet.dll
2004-08-04 00:44 658944 d37dafb534ac8343d59a1b501abe852c D:\WINDOWS\VistaMizer\old\wininet.dll
2004-08-04 00:44 544256 87d414eba254e42649f4d0a00bb653c6 D:\WINDOWS\system32\winlogon.exe
2004-08-04 00:44 544256 87d414eba254e42649f4d0a00bb653c6 D:\WINDOWS\system32\dllcache\winlogon.exe
2004-08-04 00:44 504832 0344407089b08548d4feba62bb0f32d0 D:\WINDOWS\VistaMizer\old\winlogon.exe
2004-08-04 00:54 2315392 37e799d6050ae484152b039cc2f06e5d D:\WINDOWS\system32\ntkrnlpa.exe
2004-08-04 00:54 2058112 44d1bc1b05e0c7c82e81687b79c653c7 D:\WINDOWS\VistaMizer\old\ntkrnlpa.exe
2004-08-04 00:39 2439552 c9d5b530332fe1f4c7c2189104da7ffd D:\WINDOWS\system32\ntoskrnl.exe
2004-08-04 00:39 2182272 dcf53422b7edded3b7431fbae4a7ee3f D:\WINDOWS\VistaMizer\old\ntoskrnl.exe
2004-08-04 00:44 1551872 fe6ddf00b672c3647b9f20e09b7774ee D:\WINDOWS\explorer.exe
2004-08-04 00:44 1551872 fe6ddf00b672c3647b9f20e09b7774ee D:\WINDOWS\system32\dllcache\explorer.exe
2004-08-04 00:44 1033728 379098a96e6c165b659de7e4328010ea D:\WINDOWS\VistaMizer\old\explorer.exe
2004-08-04 00:44 25088 36eab91ffd244d3202830e417c45e0a5 D:\WINDOWS\system32\ctfmon.exe
2004-08-04 00:44 25088 36eab91ffd244d3202830e417c45e0a5 D:\WINDOWS\system32\dllcache\ctfmon.exe
2004-08-04 00:44 15360 cbfa30492d70ce3938d8a7783d0c0436 D:\WINDOWS\VistaMizer\old\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1123C1A-5D52-4df7-B639-6346165FCD58}]
2008-07-17 10:07 411064 --a------ D:\Program Files\BearFlix Applications\BearFlix MediaBar\BearFlixIEHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0388BA0C-C7F1-4E6A-BD7A-B59623F33363}"= "D:\Program Files\BearFlix Applications\BearFlix MediaBar\BearFlixMediaBar.dll" [2008-07-17 10:07 480696]
[HKEY_CLASSES_ROOT\clsid\{0388ba0c-c7f1-4e6a-bd7a-b59623f33363}]
[HKEY_CLASSES_ROOT\BearFlixMediaBar.BearFlixStockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{FF3A7D74-C160-42c7-BA49-0B6AB56DEAC3}]
[HKEY_CLASSES_ROOT\BearFlixMediaBar.BearFlixStockBar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0388BA0C-C7F1-4E6A-BD7A-B59623F33363}"= "D:\Program Files\BearFlix Applications\BearFlix MediaBar\BearFlixMediaBar.dll" [2008-07-17 10:07 480696]
[HKEY_CLASSES_ROOT\clsid\{0388ba0c-c7f1-4e6a-bd7a-b59623f33363}]
[HKEY_CLASSES_ROOT\BearFlixMediaBar.BearFlixStockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{FF3A7D74-C160-42c7-BA49-0B6AB56DEAC3}]
[HKEY_CLASSES_ROOT\BearFlixMediaBar.BearFlixStockBar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 25088]
"Fraps"="D:\FRAPS\FRAPS.EXE" [2006-12-19 14:02 2842624]
"Nowe Gadu-Gadu"="D:\Program Files\Nowe Gadu-Gadu\gg.exe" [2008-12-22 13:11 8966760]
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-10 15:50 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CnxDslTaskBar"="D:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" [2005-07-21 19:52 278528]
"WOOWATCH"="D:\PROGRA~1\NEOSTR~1\Watch.exe" [2005-07-21 07:33 20480]
"WOOTASKBARICON"="D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2005-07-21 07:33 53248]
"egui"="D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 15:48 1443072]
"hpqSRMon"="D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 15:31 80896]
"Glass2k"="D:\Program Files\glass2k\Glass2k.exe" [2007-10-17 00:04 56325]
"ATICCC"="D:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 10:12 90112]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 D:\WINDOWS\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 25088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
[HKLM\~\startupfolder\D:^Documents and Settings^BoskiOski666^Menu Start^Programy^Autostart^Thoosje Vista Sidebar.lnk]
path=D:\Documents and Settings\BoskiOski666\Menu Start\Programy\Autostart\Thoosje Vista Sidebar.lnk
backup=D:\WINDOWS\pss\Thoosje Vista Sidebar.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMouse ]
--a------ 2004-06-27 13:54 503808 D:\Program Files\Mouse Driver\MouseDrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 10:39 486856 D:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2008-03-20 11:04 2127296 D:\Program Files\Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Glass2k]
--a------ 2007-10-17 00:04 56325 D:\Program Files\glass2k\Glass2k.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-10-14 20:17 49152 D:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2007-12-21 13:04 2573744 D:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kalendarz XP]
--a------ 2007-05-06 16:41 1194496 C:\Program Files\Kalendarz XP\Kalendarz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
--a------ 2008-03-26 18:41 1232896 D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2008-04-16 12:53 1079808 D:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-09 17:27 1410296 c:\Program Files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-25 03:28 144784 D:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-06-10 15:50 68856 D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-04-01 19:49 36352 D:\Program Files\Winamp\winampa.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Counter Strike 1.6\\hl.exe"=
"E:\\Elasto Mania\\Belma 2 bez leveli\\belma.exe"=
"D:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"D:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Red Faction\\rf.exe"=
"D:\\Program Files\\BearShare\\BearShare.exe"=
"D:\\Program Files\\BearFlix\\bearflix.exe"=
"E:\\Elasto Mania\\Belma\\belma.exe"=
"D:\\Program Files\\Flatout\\flatout.exe"=
"D:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"E:\\Elasto Mania\\BelmaC\\belma.exe"=
"C:\\Program Files\\Steam\\SteamApps\\boskioski666_\\counter-strike\\hl.exe"=
"D:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"D:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"D:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"D:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"D:\\Program Files\\Team17\\Worms World Party\\Wwp.exe"=
"D:\\pulp\\Gry i Foty\\mIRC\\mirc.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=
"D:\\pulp\\Gry i Foty\\KOMORKA\\Samsung Java - Uploader.exe"=
R1 epfwtdir;epfwtdir;D:\WINDOWS\system32\drivers\epfwtdir.sys [2008-03-13 15:52:18 33800]
R2 ekrn;Eset Service;D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 15:49:56 472320]
R3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;D:\WINDOWS\system32\drivers\CnxEtP.sys [2008-06-06 17:10:20 131072]
R3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;D:\WINDOWS\system32\drivers\CnxEtU.sys [2008-06-06 17:10:20 618112]
R3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;D:\WINDOWS\system32\drivers\CnxTgNW.sys [2008-06-06 17:10:27 52736]
S2 NOD32FiXTemDono;Eset Nod32 Boot;D:\WINDOWS\system32\regedt32.exe [2001-10-26 17:30:00 25600]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'
2009-02-14 D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004.job
- D:\Documents and Settings\Bracia\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2008-12-11 10:20]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - D:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Ściągnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm
IE: Ściągnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
IE: Ściągnij zawartość wideo FLV przez IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm
IE: { - D:\Program Files\Messenger\msmsgs.exe
FF - ProfilePath - D:\Documents and Settings\BoskiOski666\Dane aplikacji\Mozilla\Firefox\Profiles\0iczagbu.default\
FF - prefs.js: browser.startup.homepage - www.google.mn
FF - component: D:\Documents and Settings\BoskiOski666\Dane aplikacji\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: D:\Documents and Settings\BoskiOski666\Dane aplikacji\Mozilla\Firefox\Profiles\0iczagbu.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampPlayer.dll
FF - plugin: D:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: D:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
.