
Logs - System keeps freezing


  • Closed: this topic is closed
2 replies in this topic

#1 timmy

timmy

    Advanced user

  • 624 posts

Posted 20 06 2008 - 03:43

Hello. I have ESET Smart Security (updated daily, even several times a day),

but something is slowing my system down again. Please check the log!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:35:54, on 2008-06-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WLAN\WConfig\WConfig.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\fritzz\Pulpit\etmin.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Documents and Settings\fritzz\Pulpit\RapGet\rapget.exe
C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O5 "LPT1:" /M "Stylus C42"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET Smart Security\nodlogin.exe
O4 - HKCU\..\Run: [SpeedX] C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S2E6.tmp"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O4 - Global Startup: ScanPanel.lnk = C:\Program Files\Medion\ScanPanel\ScnPanel.exe
O4 - Global Startup: WConfig.lnk = C:\Program Files\WLAN\WConfig\WConfig.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A1D58FC-077F-45BB-BF2F-791BB8CDCC9F}: NameServer = 174.138.200.1,194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{92C04C0E-4432-4937-BABE-D2D4321FB314}: NameServer = 174.138.200.1,194.204.152.34
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 7351 bytes



ComboFix 08-06-19.1 - fritzz 2008-06-20 3:37:03.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.458 [GMT 2:00]
Running from: C:\Documents and Settings\fritzz\Pulpit\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\fritzz\Dane aplikacji\inst.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-20 to 2008-06-20 )))))))))))))))))))))))))))))))
.

2008-06-20 01:47 . 2008-06-20 01:48 <DIR> d-------- C:\WINDOWS\LastGood
2008-06-20 01:47 . 2008-06-20 01:47 <DIR> d-------- C:\Program Files\ESET
2008-06-19 16:40 . 2008-06-19 16:40 <DIR> d-------- C:\Program Files\Common Files\EPSON
2008-06-19 16:40 . 2001-08-23 01:04 139,264 --a------ C:\WINDOWS\system32\EBAPI2.dll
2008-06-19 16:37 . 2002-02-14 04:20 68,748 --a------ C:\WINDOWS\system32\EBPMON2.DLL
2008-06-19 16:37 . 2001-11-21 04:22 56,832 --a------ C:\WINDOWS\system32\ECBTEG.DLL
2008-06-19 16:37 . 2000-06-07 03:01 34,304 --a------ C:\WINDOWS\system32\EBPCHP.DLL
2008-06-19 16:37 . 2001-09-04 04:04 182 --a------ C:\WINDOWS\system32\EBPPORT.DAT
2008-06-19 16:35 . 2008-06-19 16:39 <DIR> d-------- C:\Program Files\EPSON
2008-06-15 20:47 . 2008-06-15 20:47 <DIR> d-------- C:\Program Files\Custom Technology
2008-06-15 20:20 . 2008-06-16 12:47 <DIR> d-------- C:\Program Files\The FilmMachine
2008-06-15 20:20 . 2003-06-19 14:46 491,520 --a------ C:\WINDOWS\system32\lkVCDimager.dll
2008-06-15 17:55 . 2008-06-15 19:13 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\Vso
2008-06-15 17:55 . 2008-06-15 17:55 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-15 17:55 . 2008-06-15 19:04 47,360 --a------ C:\Documents and Settings\fritzz\Dane aplikacji\pcouffin.sys
2008-06-15 16:44 . 2008-06-15 16:44 <DIR> d-------- C:\Program Files\AutoPlay Menu Builder
2008-06-15 14:47 . 2008-06-15 14:47 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\DivX
2008-06-13 22:59 . 2008-06-15 20:21 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-06-13 22:57 . 2008-06-13 23:03 <DIR> d-------- C:\Program Files\Avi2Dvd
2008-06-13 16:15 . 2008-06-13 16:15 <DIR> d-------- C:\Program Files\EDStrong
2008-06-13 16:15 . 2001-10-26 17:29 4,096 --a--c--- C:\WINDOWS\system32\dllcache\ctwdm32.dll
2008-06-13 16:15 . 2001-10-26 17:29 4,096 --a------ C:\WINDOWS\system32\ctwdm32.dll
2008-06-13 15:27 . 2008-06-13 16:14 <DIR> d-------- C:\STRONG
2008-06-13 12:48 . 2008-06-17 23:47 <DIR> d-------- C:\Program Files\DVDlabPro2
2008-06-13 10:05 . 2008-06-13 10:24 <DIR> d-------- C:\Program Files\URUSoft
2008-06-13 09:03 . 2006-10-02 13:44 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-13 09:03 . 2006-08-05 12:06 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-06-13 08:06 . 2008-06-13 08:06 <DIR> d-------- C:\Program Files\WinAVI Video Converter
2008-06-13 07:48 . 2008-02-08 02:09 1,035 --a------ C:\donnelly.nfo
2008-06-13 07:42 . 2008-06-13 23:02 <DIR> d-------- C:\control
2008-06-11 14:10 . 2008-06-11 14:10 <DIR> d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-06-11 14:10 . 2008-06-11 14:13 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\Audacity
2008-06-10 18:56 . 2008-06-10 18:56 71,688 --a------ C:\WINDOWS\system32\drivers\epfw.sys
2008-06-10 18:56 . 2008-06-10 18:56 54,280 --a------ C:\WINDOWS\system32\drivers\epfwtdi.sys
2008-06-10 18:48 . 2008-06-10 18:48 53,256 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2008-06-10 18:47 . 2008-06-10 18:47 39,944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2008-06-10 15:59 . 2008-06-10 15:59 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-06-10 15:09 . 2008-06-20 01:49 <DIR> d-------- C:\WINDOWS\Logs
2008-06-10 15:09 . 2008-05-30 14:11 3,850,760 --a------ C:\WINDOWS\system32\D3DX9_38.dll
2008-06-10 15:09 . 2008-05-30 14:11 1,491,992 --a------ C:\WINDOWS\system32\D3DCompiler_38.dll
2008-06-10 15:09 . 2008-05-30 14:19 507,400 --a------ C:\WINDOWS\system32\XAudio2_1.dll
2008-06-10 15:09 . 2008-05-30 14:11 467,984 --a------ C:\WINDOWS\system32\d3dx10_38.dll
2008-06-10 15:09 . 2008-05-30 14:18 238,088 --a------ C:\WINDOWS\system32\xactengine3_1.dll
2008-06-10 15:09 . 2008-05-30 14:17 65,032 --a------ C:\WINDOWS\system32\XAPOFX1_0.dll
2008-06-10 15:09 . 2008-05-30 14:17 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_4.dll
2008-06-08 04:24 . 2008-06-08 04:24 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\Ventrilo
2008-06-08 04:23 . 2008-06-08 04:24 <DIR> d-------- C:\Program Files\Ventrilo
2008-06-08 04:23 . 2008-06-08 04:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-07 04:12 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-07 04:12 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-07 01:16 . 2008-06-07 01:16 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-07 00:53 . 2008-06-07 00:53 38 --a------ C:\WINDOWS\avisplitter.INI
2008-06-06 13:45 . 2008-06-06 13:45 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-06-05 07:45 . 2008-06-05 07:45 <DIR> d-------- C:\Program Files\DNA
2008-06-05 07:45 . 2008-06-05 07:45 <DIR> d-------- C:\Program Files\BitTorrent
2008-06-05 07:45 . 2008-06-20 03:35 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\DNA
2008-06-05 07:45 . 2008-06-07 20:39 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\BitTorrent
2008-06-03 19:26 . 2008-06-03 19:26 <DIR> d-------- C:\Program Files\Medion
2008-06-03 19:26 . 2001-08-17 18:39 200,704 --a------ C:\WINDOWS\Ausba3.dll
2008-06-03 19:26 . 2001-05-11 11:48 81,920 --a------ C:\WINDOWS\system32\ePlususd.dll
2008-06-03 19:26 . 2001-07-10 18:00 45,056 --a------ C:\WINDOWS\system32\RemovePlus.exe
2008-06-03 19:26 . 2001-06-07 17:56 18,120 --a------ C:\WINDOWS\system32\drivers\ArtecGT.sys
2008-06-03 19:26 . 2001-08-25 00:05 11,464 --------- C:\WINDOWS\Dusb3ar.ini
2008-06-03 19:26 . 2000-12-04 20:36 8,192 --------- C:\WINDOWS\system32\drivers\ePlus2k.usb
2008-06-03 19:26 . 2001-07-24 15:17 2,638 --------- C:\WINDOWS\Ausba3.INI
2008-06-03 19:26 . 2002-09-09 09:54 1,704 --------- C:\WINDOWS\ePlus.ini
2008-06-03 19:26 . 2008-06-20 01:45 1,250 --a------ C:\WINDOWS\ScnPanel.ini
2008-06-03 19:26 . 2001-06-22 15:57 766 --a------ C:\WINDOWS\Uninstall.ico
2008-05-29 18:37 . 2008-05-29 18:37 <DIR> d-------- C:\Program Files\Pro Imaging Powertoys
2008-05-29 18:37 . 2008-05-29 18:37 <DIR> d-------- C:\Program Files\Microsoft Calculator Plus
2008-05-29 18:37 . 2008-05-29 18:37 <DIR> d-------- C:\Program Files\Common Files\Nikon
2008-05-29 18:37 . 2008-05-29 18:37 635,337 --a------ C:\WINDOWS\unins000.exe
2008-05-29 18:37 . 2008-05-29 18:37 926 --a------ C:\WINDOWS\unins000.dat
2008-05-29 18:29 . 2008-05-29 18:29 635,337 --a------ C:\WINDOWS\system32\unins000.exe
2008-05-29 18:29 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-05-29 18:29 . 2008-05-29 18:29 1,162 --a------ C:\WINDOWS\system32\unins000.dat
2008-05-28 10:03 . 2008-05-30 22:56 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\GanymedeNet
2008-05-28 10:00 . 2008-05-28 10:02 <DIR> d-------- C:\Program Files\Ganymede
2008-05-28 09:20 . 2008-05-28 09:20 5,208 --a------ C:\WINDOWS\system32\pid.PNF
2008-05-27 01:27 . 2008-05-27 14:18 <DIR> d-------- C:\Documents and Settings\fritzz\Dane aplikacji\Hide IP NG
2008-05-26 08:52 . 2008-05-26 08:52 170 --a------ C:\WINDOWS\wininit.ini
2008-05-25 21:06 . 2008-05-28 09:48 <DIR> d-------- C:\Program Files\AVIcodec
2008-05-25 20:48 . 2008-05-25 20:48 <DIR> d-------- C:\Program Files\Google
2008-05-25 20:44 . 2008-05-25 21:06 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-05-25 20:43 . 2006-06-02 00:11 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-05-25 20:43 . 2006-06-02 00:11 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-05-25 20:42 . 2008-05-25 20:43 <DIR> d-------- C:\Program Files\DivX
2008-05-25 20:32 . 2008-05-25 20:33 <DIR> d-------- C:\WINDOWS\speech
2008-05-25 20:32 . 2008-05-25 20:33 <DIR> d-------- C:\Program Files\ivo
2008-05-25 20:30 . 2008-05-25 20:30 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-05-25 20:30 . 2008-05-25 20:30 <DIR> d-------- C:\Program Files\QuickTime Alternative
2008-05-25 20:30 . 2008-05-25 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-05-25 20:30 . 2004-09-23 18:57 6,676,480 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-05-25 20:30 . 2004-09-23 18:57 747,008 --a------ C:\WINDOWS\system32\Indeo4.qtx
2008-05-25 20:30 . 2002-12-20 12:40 675,328 --a------ C:\WINDOWS\system32\ir50_32.qtx
2008-05-25 20:30 . 2004-09-23 18:57 430,592 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-05-25 20:30 . 2005-06-10 17:40 360,504 --a------ C:\WINDOWS\system32\QTPlugin.ocx
2008-05-25 20:30 . 2004-09-23 18:57 323,072 --a------ C:\WINDOWS\system32\QuickTime.cpl
2008-05-25 20:30 . 2002-11-08 20:04 225,280 --a------ C:\WINDOWS\system32\qtmlClient.dll
2008-05-25 20:30 . 2004-09-23 18:57 70,144 --a------ C:\WINDOWS\system32\QuickTimeCheck.ocx
2008-05-25 19:52 . 2008-04-14 00:15 26,112 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-05-25 19:52 . 2008-04-14 00:15 26,112 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-05-25 12:23 . 2005-07-20 14:35 36,480 --a------ C:\WINDOWS\system32\drivers\P2k.sys
2008-05-25 11:44 . 2008-05-25 11:44 <DIR> d-------- C:\Program Files\MDK2
2008-05-24 07:54 . 2008-06-03 19:24 <DIR> d-------- C:\WINDOWS\SETUP533
2008-05-24 07:54 . 2008-06-03 19:24 <DIR> d-------- C:\Program Files\Cam 3200
2008-05-24 07:54 . 2002-10-21 11:37 515,803 --a------ C:\WINDOWS\system32\drivers\Ca533av.sys
2008-05-24 07:54 . 2002-01-19 15:33 131,072 --a------ C:\WINDOWS\system32\SP5X_32.DLL
2008-05-24 07:54 . 2002-01-19 15:33 131,072 --a------ C:\WINDOWS\system\SP5X_32.DLL
2008-05-24 07:54 . 2003-03-25 16:54 16,384 --a------ C:\WINDOWS\system32\dext533.ax
2008-05-24 07:54 . 2002-12-30 15:24 14,606 --a------ C:\WINDOWS\USB_CAM.ini
2008-05-24 07:54 . 2002-12-04 14:38 11,144 --a------ C:\WINDOWS\system32\drivers\Bulk533.sys
2008-05-24 07:54 . 2003-04-08 08:51 1,833 --a------ C:\WINDOWS\ca533a.ini
2008-05-24 07:54 . 1998-04-24 00:00 1,078 --a------ C:\WINDOWS\system32\WASTE.ICO
2008-05-24 07:54 . 2003-04-09 11:54 163 --a------ C:\WINDOWS\Setup533.ini
2008-05-24 07:54 . 2003-06-16 16:00 147 --a------ C:\WINDOWS\Setup2k.ini
2008-05-24 07:53 . 2008-06-03 19:24 <DIR> d-------- C:\Medion
2008-05-24 07:38 . 2008-04-14 00:15 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-05-24 07:38 . 2008-04-14 00:15 60,032 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-05-24 07:37 . 2008-04-14 00:15 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-05-24 07:37 . 2008-04-14 00:15 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-05-24 07:36 . 2008-04-14 00:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-05-23 05:25 . 2008-05-28 09:33 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-05-23 05:23 . 2008-05-28 09:33 <DIR> d-------- C:\Documents and Settings\fritzz\SystemRequirementsLab
2008-05-22 14:35 . 2008-06-20 02:12 <DIR> d-------- C:\Program Files\mIRC

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 01:36 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\mIRC
2008-06-20 01:00 23,352 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-20 01:00 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-20 00:50 --------- d-----w C:\Program Files\Odkurzacz
2008-06-13 23:17 --------- d-----w C:\Program Files\SpeedFan
2008-06-10 17:18 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Hamachi
2008-06-10 16:56 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys
2008-06-10 16:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-10 13:59 --------- d-----w C:\Program Files\Common Files\Kaspersky Lab
2008-06-06 11:36 892,928 ----a-w C:\WINDOWS\system32\iconv.dll
2008-06-06 11:35 921,600 ----a-w C:\WINDOWS\system32\vorbisenc.dll
2008-06-06 11:35 9,216 ----a-w C:\WINDOWS\system32\cpuinf32.dll
2008-06-06 11:35 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
2008-06-06 11:35 45,056 ----a-w C:\WINDOWS\system32\ogg.dll
2008-06-06 11:35 245,760 ----a-w C:\WINDOWS\system32\mplvpx.dll
2008-06-06 11:35 237,568 ----a-w C:\WINDOWS\system32\OggDS.dll
2008-06-06 11:35 188,416 ----a-w C:\WINDOWS\system32\vorbis.dll
2008-06-06 11:35 1,415,680 ----a-w C:\WINDOWS\system32\WMV9VCM.dll
2008-06-06 11:34 391,168 ----a-w C:\WINDOWS\system32\i263_32.drv
2008-06-02 12:54 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\teamspeak2
2008-06-01 01:31 --------- d-----w C:\Program Files\RivaTuner v2.09
2008-05-29 19:57 --------- d-----w C:\Program Files\Real Alternative
2008-05-29 16:38 --------- d-----w C:\Program Files\Java
2008-05-28 07:28 510,464 ----a-w C:\WINDOWS\system32\winlogon.exe
2008-05-19 22:54 --------- d-----w C:\Program Files\Microsoft Bootvis
2008-05-19 22:53 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-19 22:33 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Auslogics
2008-05-19 22:29 --------- d-----w C:\Program Files\Auslogics
2008-05-19 16:59 --------- d-----w C:\Program Files\Uniblue
2008-05-19 16:59 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Uniblue
2008-05-19 11:04 --------- d-----w C:\Program Files\Trend Micro
2008-05-17 08:02 --------- d-----w C:\Program Files\Gadu-Gadu
2008-05-15 16:23 --------- d-----w C:\Program Files\Hamachi
2008-05-15 16:22 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-05-15 16:08 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-05-15 01:37 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Thinstall
2008-05-14 17:43 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-05-14 16:24 --------- d-----w C:\Program Files\DAP
2008-05-14 16:21 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2008-05-13 05:13 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems
2008-05-12 17:36 --------- d-----w C:\Program Files\Common Files\Download Manager
2008-05-08 12:49 --------- d-----w C:\Program Files\Common Files\Thraex Software
2008-05-08 01:33 --------- d-----w C:\Program Files\NT Registry Optimizer
2008-05-07 23:45 --------- d-----w C:\Program Files\Reference Assemblies
2008-05-07 23:45 --------- d-----w C:\Program Files\MSBuild
2008-05-07 23:36 --------- d-----w C:\Program Files\CBS Software
2008-05-07 18:38 --------- d-----w C:\Program Files\Common Files\Java
2008-05-06 23:28 --------- d-----w C:\Program Files\Winamp
2008-05-06 23:28 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Winamp
2008-05-06 18:53 --------- d-----w C:\Program Files\Ulead Systems
2008-05-06 18:53 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2008-05-06 18:53 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Ulead Systems
2008-05-06 18:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
2008-05-06 11:14 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-05-05 15:33 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-05-05 11:07 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-05 11:03 --------- d-----w C:\Program Files\MSXML 6.0
2008-05-05 11:01 --------- d-----w C:\Program Files\HighMAT CD Writing Wizard
2008-05-05 06:52 --------- d-----w C:\Program Files\SubEdit-Player
2008-05-05 05:08 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Media Player Classic
2008-05-04 10:59 --------- d-----w C:\Program Files\Common Files\Nero
2008-05-04 10:59 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Nero
2008-05-04 10:57 --------- d-----w C:\Program Files\Nero
2008-05-04 10:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-05-04 06:39 --------- d-----w C:\Program Files\Ultra RM Converter
2008-05-04 01:35 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\Gadu-Gadu
2008-05-03 21:33 --------- d-----w C:\Program Files\MyPortal
2008-05-03 21:23 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Office Genuine Advantage
2008-05-03 19:37 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-05-03 19:37 --------- d--h--r C:\Documents and Settings\fritzz\Dane aplikacji\SecuROM
2008-05-03 19:15 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-05-03 18:43 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-05-03 18:43 22,328 ----a-w C:\Documents and Settings\fritzz\Dane aplikacji\PnkBstrK.sys
2008-05-03 16:18 --------- d-----w C:\Program Files\MarBit
2008-05-03 11:12 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-03 11:12 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\DAEMON Tools
2008-05-03 10:32 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-03 10:08 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-05-03 09:49 --------- d-----w C:\Documents and Settings\fritzz\Dane aplikacji\ESET
2008-05-03 09:48 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ESET
2008-05-03 09:03 --------- d-----w C:\Program Files\ULI5289
2008-05-03 09:02 --------- d-----w C:\Program Files\AMD
2008-05-03 09:01 --------- d-----w C:\Program Files\Realtek AC97
2008-05-03 09:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-03 08:55 25,992 ----a-w C:\WINDOWS\system32\pgdfgsvc.exe
2008-05-03 08:51 --------- d-----w C:\Program Files\WLAN
2008-05-03 08:47 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-03 08:46 --------- d-----w C:\Program Files\Usługi online
2008-04-28 06:52 2,121,235 ----a-w C:\WINDOWS\system32\x264vfw.dll
2008-04-23 15:19 442,368 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-04-14 21:16 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 20:56 332,288 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 20:52 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 20:52 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 20:52 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 20:50 999,936 ----a-w C:\WINDOWS\system32\syssetup.dll
2008-04-14 20:49 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 20:48 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-14 20:48 1,449,472 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 20:47 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll
.

------- Sigcheck -------

2006-03-02 14:00 14336 ba98327e90022dbd6ee76490e0622e2e C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
2008-04-14 22:51 14336 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\ServicePackFiles\i386\svchost.exe
2008-04-14 22:51 14336 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\svchost.exe

2006-03-02 14:00 578560 0c81764f50f32d376e6e4b9e9f4b01a0 C:\WINDOWS\$NtServicePackUninstall$\user32.dll
2008-04-14 22:50 580096 a435c5c069afd901751ac323ad238793 C:\WINDOWS\ServicePackFiles\i386\user32.dll
2008-04-14 22:50 580096 a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\user32.dll

2006-03-02 14:00 82944 ab82237486b727dd7dab36a76f38a3a2 C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
2008-04-14 22:51 82432 c0aa2ab856680c44739b41e01f5bd4e9 C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
2008-04-14 22:51 82432 c0aa2ab856680c44739b41e01f5bd4e9 C:\WINDOWS\system32\ws2_32.dll

2006-03-02 14:00 658944 d37dafb534ac8343d59a1b501abe852c C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2008-04-14 22:50 668672 0457f0afd6ee10445d8cf721fb5fa4eb C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2008-03-01 15:02 826368 acb31b4ed243d4dffa5268f4ad2b0d6f C:\WINDOWS\SoftwareDistribution\Download\d07de49fba4df0416de7d9112561f15e\SP2GDR\wininet.dll
2008-03-01 14:35 827392 b1db24042f335198ead97aaa675b1078 C:\WINDOWS\SoftwareDistribution\Download\d07de49fba4df0416de7d9112561f15e\SP2QFE\wininet.dll
2008-04-14 22:50 668672 0457f0afd6ee10445d8cf721fb5fa4eb C:\WINDOWS\system32\wininet.dll

2006-03-02 14:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
2008-04-14 00:50 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
2008-04-14 00:50 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\system32\drivers\tcpip.sys

2006-03-02 14:00 504832 0344407089b08548d4feba62bb0f32d0 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
2008-04-14 22:51 510464 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
2008-05-28 09:28 510464 66ecfe388ad1bd281dd3391b756670cf C:\WINDOWS\system32\winlogon.exe

2006-03-02 14:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
2008-04-14 00:50 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\ServicePackFiles\i386\ndis.sys
2008-04-14 00:50 182656 1df7f42665c94b825322fae71721130d C:\WINDOWS\system32\drivers\ndis.sys

2006-03-02 14:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys
2008-04-14 00:23 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys
2008-04-14 00:23 36608 3bb22519a194418d5fec05d800a19ad0 C:\WINDOWS\system32\drivers\ip6fw.sys

2006-03-02 14:00 2058112 44d1bc1b05e0c7c82e81687b79c653c7 C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
2008-04-14 21:59 2067200 4bba965664faa56b187c27f4cad7e7c5 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
2008-04-14 21:59 2067200 4bba965664faa56b187c27f4cad7e7c5 C:\WINDOWS\system32\ntkrnlpa.exe

2006-03-02 14:00 2182272 dcf53422b7edded3b7431fbae4a7ee3f C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
2008-04-14 22:00 2190336 8ca14ecf04594eabbe93c9ff2e3cbfb1 C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
2008-04-14 22:00 2190336 8ca14ecf04594eabbe93c9ff2e3cbfb1 C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 22:51 1035264 c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\explorer.exe
2006-03-02 14:00 1033728 379098a96e6c165b659de7e4328010ea C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2008-04-14 22:51 1035264 c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\ServicePackFiles\i386\explorer.exe

2006-03-02 14:00 108544 3da8d964d2cc12ef8e8c342471a37917 C:\WINDOWS\$NtServicePackUninstall$\services.exe
2008-04-14 22:51 109056 3e3ae424e27c4cefe4cab368c7b570ea C:\WINDOWS\ServicePackFiles\i386\services.exe
2008-04-14 22:51 109056 3e3ae424e27c4cefe4cab368c7b570ea C:\WINDOWS\system32\services.exe

2006-03-02 14:00 13312 f485fefc8cc4fd29243d800be5d275d1 C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
2008-04-14 22:51 13312 88296f7943f30a1ee3af735440b92268 C:\WINDOWS\ServicePackFiles\i386\lsass.exe
2008-04-14 22:51 13312 88296f7943f30a1ee3af735440b92268 C:\WINDOWS\system32\lsass.exe

2006-03-02 14:00 15360 cbfa30492d70ce3938d8a7783d0c0436 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
2008-04-14 22:51 15360 1bd41eda5b869afc99895c39a8de36e1 C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-14 22:51 15360 1bd41eda5b869afc99895c39a8de36e1 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedX"="C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe" [2006-06-27 14:11 46718]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2008-03-03 14:44 266240]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-12-01 11:46 204288]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-10-22 10:12 1885464]
"Auslogics BoostSpeed 4"="C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe" [2008-05-05 14:20 255600]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-06-05 07:45 289088]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856]
"EPSON Stylus C42 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-02-19 05:03 74240]
"SpeedConnectStartUp"="" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 13:06 40048]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-02-24 17:32 5537792]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"nwiz"="nwiz.exe" [2005-02-24 17:32 1495040 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-02-24 17:32 86016]
"EPSON Stylus C42 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-02-19 05:03 74240]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-06-10 18:52 1447168]
"NodLogin"="C:\Program Files\ESET\ESET Smart Security\nodlogin.exe" [2008-06-13 21:24 359020]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Kaspersky Anti-Hacker.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe [2/7/2006 11:02:49 AM 2195583]
ScanPanel.lnk - C:\Program Files\Medion\ScanPanel\ScnPanel.exe [6/3/2008 7:26:34 PM 1732608]
WConfig.lnk - C:\Program Files\WLAN\WConfig\WConfig.exe [5/3/2008 10:51:31 AM 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoAutoTrayNotify"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i263_32.drv
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^fritzz^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALi5289]
--------- 2005-03-10 14:56 405504 C:\Program Files\ULI5289\ALi5289.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
--a------ 2008-04-04 22:12 6930432 C:\Program Files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rapget]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
--a------ 2007-10-22 10:12 1885464 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiHacker]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"E:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=

R0 JAHCI;JAHCI;C:\WINDOWS\system32\DRIVERS\JAHCI.sys [2005-05-12 15:12]
R0 Klpf;Klpf;C:\WINDOWS\system32\drivers\Klpf.sys [2006-02-07 11:06]
R0 Klpid;Klpid;C:\WINDOWS\system32\drivers\Klpid.sys [2006-02-07 11:06]
R0 m5289;m5289;C:\WINDOWS\system32\DRIVERS\m5289.sys [2004-12-01 10:49]
R0 uliagpkx;ULi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 17:31]
R2 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\system32\drivers\DLPortIO.sys [1999-01-10 12:00]
R3 msloop;Sterownik karty Microsoft Loopback;C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 21:53]
R3 RT2400PCI;802.11b WLAN PCI;C:\WINDOWS\system32\DRIVERS\RT2400.sys [2003-10-31 09:47]
S2 Ca533av;Cam 3200, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-21 11:37]
S3 Revolution1;Revolution1;E:\revolutionengine\SHAK3.sys []
S3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 20:36]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 00:15]

*Newly Created Service* - EKRN
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 03:39:02
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
EPSON Stylus C42 Series = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\system32\E_S2E6.tmp"? ?7~??6~????????Z?6~????*?6~????4?????????????????????????????????????????????????????????????9~0?6~????*?6~??7~????w?8~4???????????????,?`???7~????`??????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PnkBstrB]
"ImagePath"="C:\WINDOWS\system32\PnkBstrB.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PnkBstrK]
"ImagePath"="\??\C:\WINDOWS\system32\drivers\PnkBstrK.sys"
.
Completion time: 2008-06-20 3:39:34
ComboFix-quarantined-files.txt 2008-06-20 01:39:31

Pre-Run: 2,883,678,208 bajtów wolnych
Post-Run: 2,878,185,472 bajtów wolnych

418 --- E O F --- 2008-05-18 09:37:47


#2 wncvirus

    Lazybones!

  • 851 posts

Posted 20 06 2008 - 13:06

The HJT log is clean.

The ComboFix log is clean.


#3 timmy

    Advanced user

  • 624 posts

Posted 20 06 2008 - 16:42

OK, thanks.
