Poniżej przesyłam Logi:
Raport z The Avenger:
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\system32\braviax.exe" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Log z Deckard’s System Scanner (DSS):
Deckard's System Scanner v20071014.68
Run by ppp on 2008-08-04 00:22:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
44: 2008-08-03 22:22:24 UTC - RP255 - Deckard's System Scanner Restore Point
43: 2008-08-03 20:13:45 UTC - RP254 - Aktualizuj do niepodpisanego sterownika
42: 2008-08-03 18:35:27 UTC - RP253 - Punkt kontrolny systemu
41: 2008-08-02 17:32:12 UTC - RP252 - Punkt kontrolny systemu
40: 2008-08-01 13:09:27 UTC - RP251 - Punkt kontrolny systemu
-- First Restore Point --
1: 2008-06-14 21:36:34 UTC - RP212 - Punkt kontrolny systemu
Backed up registry hives.
Performed disk cleanup.
[color=red]System Drive C: has 2.47 GiB (less than 15%) free.[/color]
-- HijackThis (run as ppp.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:24:06, on 2008-08-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\Documents and Settings\ppp\Pulpit\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ppp.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1193865122560
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp01.photoprintit.de/microsite/3091/defaults/activex/IPSUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37165B6C-1507-47D2-A0C7-57D269DC562C}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D6C71C-921F-4C0D-AFDF-E56239637243}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{37165B6C-1507-47D2-A0C7-57D269DC562C}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 7064 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080804-002131-370 O4 - HKCU\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
backup-20080804-002131-453 O4 - HKLM\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
-- File Associations -----------------------------------------------------------
[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys
R0 W9967CAM (%W9967CAM.Dev%) - c:\windows\system32\drivers\w9967sti.sys
R2 OkiPar - c:\windows\system32\drivers\okipar.sys
R3 actser - c:\windows\system32\drivers\actser.sys
R3 Cap7134 (Philips SAA7134 WDM Capture) - c:\windows\system32\drivers\cap7134.sys
R3 vsbus (Virtual Serial Bus Enumerator) - c:\windows\system32\drivers\vsb.sys
S3 ENTECH - c:\windows\system32\drivers\entech.sys
S3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys (file missing)
S3 tmhidsuper (ThrustMaster NASCAR Super Sport Combined) - c:\windows\system32\drivers\tmhidsuper.sys
S3 USBW9967 (LEBON LDC035A Digital Camera) - c:\windows\system32\drivers\2kw9967.sys
S3 vserial (ELTIMA Virtual Serial Ports Driver) - c:\windows\system32\drivers\vserial.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 nlsvc (NetLimiter) - "c:\program files\netlimiter 2 monitor\nlsvc.exe"
S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Karta sieciowa 1394
Device ID: V1394\NIC1394\2000858E23C00
Manufacturer: Microsoft
Name: Karta sieciowa 1394
PNP Device ID: V1394\NIC1394\2000858E23C00
Service: NIC1394
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: SoundMAX Integrated Digital Audio
Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_02851014&REV_02\3&61AAA01&0&FD
Manufacturer: Analog Devices, Inc.
Name: SoundMAX Integrated Digital Audio
PNP Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_02851014&REV_02\3&61AAA01&0&FD
Service: smwdm
-- Files created between 2008-07-04 and 2008-08-04 -----------------------------
2008-08-03 23:24:18 0 d-------- C:\Program Files\Trend Micro
2008-08-03 22:12:58 110592 --a------ C:\WINDOWS\system32\prop7134.dll
2008-08-03 22:12:58 334816 --a------ C:\WINDOWS\system32\drivers\Cap7134.sys
2008-08-03 22:12:58 114688 --a------ C:\WINDOWS\system32\34com.dll
2008-08-03 22:12:58 135168 --a------ C:\WINDOWS\system32\34api.dll
2008-08-03 22:08:53 0 d-------- C:\Medion
2008-07-30 10:14:49 0 d-------- C:\WINDOWS\system32\Adobe
2008-07-29 00:23:16 0 d-------- C:\Datenuebersicht
2008-07-27 00:41:38 0 d-------- C:\Program Files\Damian Pasternak
2008-07-13 22:12:14 0 d-------- C:\Program Files\GIMP-2.0
2008-07-11 11:43:56 73728 --a------ C:\WINDOWS\system32\CNMCP58.exe
-- Find3M Report ---------------------------------------------------------------
2008-08-04 00:19:24 451220 --a------ C:\WINDOWS\system32\perfh015.dat
2008-08-04 00:19:24 75486 --a------ C:\WINDOWS\system32\perfc015.dat
2008-08-04 00:17:46 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\Skype
2008-08-04 00:17:30 0 d-------- C:\Program Files\Neostrada TP
2008-08-04 00:17:27 0 d-------- C:\Program Files\Mozilla Firefox 3 Beta 4
2008-08-04 00:15:24 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\skypePM
2008-08-04 00:13:40 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\DNA
2008-08-03 23:57:13 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-08-03 20:18:12 0 d-------- C:\Program Files\Deutsch Translator 2
2008-08-03 14:03:26 0 d-------- C:\Program Files\SpeedFan
2008-07-30 10:16:55 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\Adobe
2008-07-13 23:52:38 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\gtk-2.0
2008-06-25 11:47:30 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\AdobeUM
2008-06-20 15:15:27 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-20 15:15:03 0 d-------- C:\Program Files\Creative
2008-06-20 15:06:21 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-06-20 15:06:21 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-06-20 15:06:13 0 d-------- C:\Documents and Settings\ppp\Dane aplikacji\Creative
2008-06-06 15:29:11 0 d-------- C:\Program Files\WarRock
2008-05-24 13:43:45 103509 --a------ C:\WINDOWS\hpoins04.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2005-04-05 15:22]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2005-04-05 15:19]
"Persistence"="C:\WINDOWS\System32\igfxpers.exe" [2005-04-05 15:23]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-31 23:20]
"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 19:07]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 19:07]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 19:07]
"AudioHQ"="C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE" [2000-05-11 02:00]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 07:28]
"SmartSync - ScheduleSync"="C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE" [2005-10-21 17:20]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-01 17:16]
"nwiz"="nwiz.exe" [2005-04-01 17:16 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-04-01 17:16]
"CTHelper"="CTHELPER.EXE" [2006-08-11 14:56 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 14:56 C:\WINDOWS\system32\CTXFIHLP.EXE]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2007-10-23 02:47]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:44]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 16:57]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-07 16:08]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-29 20:08]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
-- End of Deckard's System Scanner: finished at 2008-08-04 00:24:41 ------------
Log z System Repair Engineer:
2008-08-04,00:26:54
System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Dodatek Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\Program Files\Gadu-Gadu\gg.exe" /tray> [(Verified)Gadu-Gadu sp. z o.o.]
<"C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background> [Orb Networks]
[(Verified)Microsoft Windows Publisher]
<"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"> [(Verified)Microsoft Corporation]
<"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]
<"C:\Program Files\DNA\btdna.exe"> [(Verified)BitTorrent Inc]
<"C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1> [File is missing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
<"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset]
[]
<"C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon> [THOMSON Telecom Belgium]
[France Télécom R&D]
[France Télécom R&D]
[Creative Technology Ltd.]
<"C:\Program Files\Winamp\winampa.exe"> []
[Siemens]
[Ahead Software Gmbh]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[NVIDIA Corporation]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[Creative Technology Ltd]
[Creative Technology Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Component Publisher]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[Microsoft Corporation]
==================================
Startup Folders
[Adobe Reader Speed Launch]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]>
==================================
Services
[Symantec Lic NetConnect service / CLTNetCnService][Stopped/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><(File is missing)>
[LexBce Server / LexBceS][Running/Auto Start]
[NetLimiter / nlsvc][Running/Auto Start]
<"C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe">
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"C:\Program Files\Eset\nod32krn.exe">
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
[Pml Driver HPZ12 / Pml Driver HPZ12][Stopped/Manual Start]
[PnkBstrA / PnkBstrA][Running/Auto Start]
==================================
Drivers
[actser / actser][Running/Manual Start]
[SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) / alcan5wn][Running/Manual Start]
[SpeedTouch ADSL Modem ATM Transport / alcaudsl][Running/Manual Start]
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys>
[Philips SAA7134 WDM Capture / Cap7134][Running/Manual Start]
[Creative AC3 Software Decoder / ctac32k][Running/Manual Start]
[Creative Audio Driver (WDM) / ctaud2k][Running/Manual Start]
[Creative DVD-Audio Device Driver / ctdvda2k][Stopped/Manual Start]
[Port gier dla karty Creative SB Live! / ctljystk][Stopped/Manual Start]
[Creative Proxy Driver / ctprxy2k][Running/Manual Start]
[Creative SoundFont Management Device Driver / ctsfm2k][Running/Manual Start]
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
[Creative SB Live! Value (WDM) / emu10k][Stopped/Manual Start]
[Creative Interface Manager Driver (WDM) / emu10k1][Stopped/Manual Start]
[E-mu Plug-in Architecture Driver / emupia][Running/Manual Start]
[ENTECH / ENTECH][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys>
[giveio / giveio][Running/Boot Start]
<\SystemRoot\system32\giveio.sys>
[Creative Hardware Abstract Layer Driver / ha10kx2k][Running/Manual Start]
[Creative P16V HAL Driver / hap16v2k][Stopped/Manual Start]
[Creative P17V HAL Driver / hap17v2k][Stopped/Manual Start]
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
[ialm / ialm][Stopped/Manual Start]
[Driver for MagicISO SCSI Host Controller / mcdbus][Stopped/Manual Start]
[nltdi / nltdi][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\nltdi.sys>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys>
[nv / nv][Running/Manual Start]
[OkiPar / OkiPar][Running/Auto Start]
<\SystemRoot\System32\DRIVERS\OKIPAR.SYS>
[Creative OS Services Driver / ossrv][Running/Manual Start]
[Sterownik bezpośredniego połączenia kablowego / Ptilink][Running/Manual Start]
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys>
[Secdrv / Secdrv][Running/Auto Start]
[Creative SoundFont Manager Driver (WDM) / sfman][Stopped/Manual Start]
[SAGEM 802.11g XG762 1211B Driver / SG762_XP][Stopped/Manual Start]
[smwdm / smwdm][Stopped/Manual Start]
[speedfan / speedfan][Running/Boot Start]
<\SystemRoot\system32\speedfan.sys>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys>
[ThrustMaster NASCAR Super Sport Combined / tmhidsuper][Stopped/Manual Start]
[LEBON LDC035A Digital Camera / USBW9967][Stopped/Manual Start]
[Virtual Serial Bus Enumerator / vsbus][Running/Manual Start]
[ELTIMA Virtual Serial Ports Driver / vserial][Stopped/Manual Start]
[%W9967CAM.Dev% / W9967CAM][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\W9967STI.SYS>
==================================
Browser Add-ons
[Create Mobile Favorite]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}
[Create Mobile Favorite]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}
[&Badanie]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[Java Plug-in 1.4.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93}
[]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Java Plug-in 1.4.0_03]
{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}
[IPSUploader Control]
{DEB21AD3-FDA4-42F6-B57D-EE696A675EE8}
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95}
[]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <, >
[]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <, >
[Microsoft Shell UI Helper]
{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1}
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6}
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2}
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
{9E385F0A-0BA2-430C-96AA-4399C5E40F6C} <, >
[IPSUploader Thumbnail Control]
{CF7C5669-669A-487D-BC73-24196E611A4B}
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[IPSUploader Control]
{DEB21AD3-FDA4-42F6-B57D-EE696A675EE8}
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8}
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4}
[E&ksport do programu Microsoft Excel]
==================================
Running Processes
[PID][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Creative Technology Ltd., 1, 0, 0, 22]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Lexmark International, Inc., 9.37]
[C] [Lexmark International, Inc., 9.37]
[C] [Lexmark International, Inc., 9.37]
[PID][C] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C] [BullZip, 3, 0, 0, 35]
[C] [CANON INC., 1.73.2.80]
[C] [CANON INC., 1.71.2.40]
[C] [HP, 2,140,0,0]
[C] [HP, 2.323.0.0]
[C] [HP, 2.323.0.0]
[C] [Lexmark International, Inc., 9.37]
[C] [Lexmark International, Inc., 9.37]
[C] [Microsoft Corporation, 11.3.1897.0]
[C] [Microsoft Corporation, 5.1.2600.2079 built by: xpsp(skatari)]
[C] [Oki Data Corporation, 1.0.3]
[C] [Oki Data Corporation, 1.0.13]
[C] [CANON INC., 1.73.2.80]
[C] [CANON INC., 1.71.2.40]
[C] [Lexmark International, 1.0.4.0]
[C] [Microsoft Corporation, 11.3.1897.0]
[C] [Lexmark International, Inc., 1, 0, 1, 0]
[PID][C] [Lexmark International, Inc., 9.37]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Lexmark International, Inc., 9.37]
[PID][C] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[C] [Adobe Systems, Inc., 7.0.0.0]
[C] [Microsoft Corporation, 11.0.5510]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [, 1, 0, 0, 1]
[C] [Microsoft Corporation, 6.00.8168.0]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [THOMSON Telecom Belgium, 301.0.0.12]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [France Télécom R&D, 5.6 (3)]
[C] [France Télécom R&D, 5.4 (36)]
[C] [Microsoft Corporation, 6.00.8168.0]
[C] [France Télécom R&D, 5.6 (0)]
[C] [, 5.6]
[C] [France Télécom R&D, 5.6 (521)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [N/A,]
[C] [Nullsoft, Inc., 7.10.0000]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Creative Technology Ltd, 2, 0, 0, 41]
[C] [Creative Technology Ltd, 5.12.01.1196-2.09.7540]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Creative Technology Ltd, 1, 0, 4, 11]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C] [Creative Technology Ltd, 5.12.01.1196-2.09.7540]
[C] [Creative Technology Ltd, 5.12.01.1196-2.09.7540]
[C] [Creative Technology Ltd, 5.12.01.1196-2.09.7540]
[C] [Creative Technology Ltd, 5.12.01.1140-2.07.0070]
[C] [Creative Technology Ltd, 5.12.01.1196-2.09.7540]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Gadu-Gadu S.A., 7,7,0,3669]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [sms-express.com, 1, 0, 0, 0]
[C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
[C] [Microsoft Corporation, 7.10.6030.0]
[C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[C] [Microsoft Corporation, 6.2.0013.1 (DbgBuild.030619-2209)]
[C] [N/A,]
[C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
[C] [Gadu-Gadu S.A., 7,7,0,2976]
[C] [n0ne, 1, 0, 0, 2]
[C] [Gadu-Gadu S.A., 7,6,0,3433]
[C] [N/A,]
[C] [N/A,]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Microsoft Corporation, 7.00.9466]
[C] [Microsoft Corporation, 7.00.9466]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [BitTorrent, Inc., 2.0.1.9795]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Microsoft Corporation, 4.5.5096.0]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID][C] [Microsoft Corporation, 7.00.9466]
[C] [Microsoft Corporation, 7.00.9466]
[PID][C] [Locktime Software, 2.0.10.1]
[PID][C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [NVIDIA Corporation, 6.14.10.7189]
[C] [NVIDIA Corporation, 6.14.10.7189]
[PID][C] [N/A,]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID][C] [Locktime Software, 1.0.14.1]
[C] [Locktime Software, 1.0.14.1]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Locktime Software, 2.0.10.1]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Locktime Software, 1.0.0.1]
[C] [Locktime Software, 1.0.14.1]
[C] [Locktime Software, 1.0.14.1]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Mozilla Corporation, 1.9.0.1]
[C] [Mozilla Foundation, 1.9.0.1]
[C] [sqlite.org, 3.5.9]
[C] [Mozilla Foundation, 8.00.0000]
[C] [Netscape Communications Corporation, 4.0]
[C] [Mozilla Foundation, 4.7.1]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 4.7.1]
[C] [Mozilla Foundation, 4.7.1]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 1.9.0.1]
[C] [Mozilla Foundation, 1.9.0.1]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 3.12.0.3 Basic ECC]
[C] [Mozilla Foundation, 1.70]
[C] [Mozilla Foundation, 1.9.0.1]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [,]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [France Télécom R&D, 5.6 (213)]
[C] [France Télécom R&D, 5.4 (36)]
[C] [Microsoft Corporation, 6.00.8168.0]
[C] [France Télécom R&D, 5.6 (0)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [France Télécom R&D, 5.6 (521)]
[C] [, 5.6]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [France Télécom R&D, 5.5 (391)]
[C] [France Télécom R&D, 5.4 (36)]
[C] [Microsoft Corporation, 6.00.8168.0]
[C] [France Télécom R&D, 5.6 (70)]
[C] [France Télécom R&D, 5.4 (72)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
[C] [, 5.6 (4)]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [France Télécom R&D, 5.5 (81)]
[C] [France Télécom R&D, 5.4 (72)]
[C] [Microsoft Corporation, 6.00.8168.0]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[PID][C] [Smallfrogs Studio, 2.6.12.1018]
[PID][C] [Smallfrogs Studio, 2.6.12.1018]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732)]
[C] [Creative Technology Ltd, 1, 0, 0, 12]
[C] [Gadu-Gadu S.A., 7,6,0,1578]
[C] [Smallfrogs Studio, 2, 1, 0, 15]
[C] [Eset , 2, 70, 39]
[C] [N/A,]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
NOD32 protected [MSAFD Tcpip [TCP/IP]]
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
C:\WINDOWS\System32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 408, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 540, C:\PROGRA~1\NEOSTR~1\CNXMON.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 556, C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 600, C:\PROGRA~1\NEOSTR~1\TASKBARICON.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 496, C:\PROGRAM FILES\WINAMP\WINAMPA.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 760, C:\WINDOWS\CTHELPER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2984, C:\PROGRAM FILES\NETLIMITER 2 MONITOR\NLCLIENT.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 840, C:\PROGRA~1\NEOSTR~1\NEOSTRADATP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3724, C:\PROGRA~1\NEOSTR~1\COMCOMP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3576, C:\PROGRA~1\NEOSTR~1\WATCH.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3668, C:\DOCUMENTS AND SETTINGS\PPP\PULPIT\SRENG2\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
