I had a trojan. Please check my logs


(cptiev) #1
Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:49, on 2008-01-11

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\system32\nvsvc32.exe

D:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Winamp Remote\bin\OrbTray.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWlan.exe

C:\Program Files\Winamp Remote\bin\Orb.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\explorer.exe

D:\Program Files\MoorHunt\MoorHunt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\cmd.exe

C:\ComboFix\vfind.cfexe

C:\ComboFix\vfind.cfexe


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: 802.11g Wireless LAN PCI Card Utility.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D25B34-CDAD-4518-BEE1-73FDFF6E7EF5}: NameServer = 192.0.6.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe


--

End of file - 7158 bytes

ComboFix 08-01-10.2 - Łukasz 2008-01-11 18:59:45.5 - NTFSx86

Running from: C:\Documents and Settings\Łukasz\Pulpit\ComboFix.exe

.


((((((((((((((((((((((((( Files Created from 2007-12-11 to 2008-01-11 )))))))))))))))))))))))))))))))

.


2008-01-11 15:55 . 2008-01-11 15:55

[code]Deckard's System Scanner v20071014.68 Run by Łukasz on 2008-01-11 19:24:48 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 18: 2008-01-11 18:25:07 UTC - RP18 - Deckard's System Scanner Restore Point 17: 2008-01-11 14:44:21 UTC - RP17 - ComboFix created restore point 16: 2008-01-11 14:41:26 UTC - RP16 - ComboFix created restore point 15: 2008-01-11 14:31:32 UTC - RP15 - Zainstalowany program DirectX 9.0 14: 2008-01-11 13:50:36 UTC - RP14 - Zainstalowany program DirectX 9.0 -- First Restore Point -- 1: 2007-12-29 17:25:46 UTC - RP1 - Punkt kontrolny systemu Backed up registry hives. Performed disk cleanup. [color=red]System Drive C: has 1.71 GiB (less than 15%) free.[/color] -- HijackThis (run as Łukasz.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:25:54, on 2008-01-11 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\nvsvc32.exe D:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\HP\HP 
Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Winamp Remote\bin\Orb.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Gadu-Gadu\gg.exe C:\WINDOWS\explorer.exe D:\Program Files\MoorHunt\MoorHunt.exe C:\Documents and Settings\Łukasz\Pulpit\dss.exe D:\PROGRA~1\TRENDM~1\HIJACK~1\Łukasz.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM..\Run: [nwiz] nwiz.exe /install O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background O4 - HKCU..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: 802.11g Wireless LAN PCI Card Utility.lnk = ? 
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip..{A4D25B34-CDAD-4518-BEE1-73FDFF6E7EF5}: NameServer = 192.0.6.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! 
Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 7043 bytes -- HijackThis Fixed Entries (D:\PROGRA~1\TRENDM~1\HIJACK~1\backups) ----------- backup-20080110-191826-136 O4 - HKLM..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" backup-20080110-191826-243 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20080110-191826-326 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20080110-191826-741 O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -- File Associations ----------------------------------------------------------- [COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR] [COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR] -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys R0 sfsync03 (StarForce Protection Synchronization 
Driver (version 3.x)) - c:\windows\system32\drivers\sfsync03.sys R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\windows\system32\drivers\sp_rsdrv2.sys R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys R2 MaVctrl - c:\windows\system32\drivers\mavc2k.sys R3 actser - c:\windows\system32\drivers\actser.sys R3 mamotou - c:\windows\system32\drivers\mamotou.sys R3 SjyPkt - c:\windows\system32\drivers\sjypkt.sys R3 SoC PC-Camera Service (CANYON CN-WCAM21 PC-Camera) - c:\windows\system32\drivers\pfc027.sys R3 SunkFilt (Alcor Micro Corp Reader) - c:\windows\system32\drivers\sunkfilt.sys R3 vsbus (Virtual Serial Bus Enumerator) - c:\windows\system32\drivers\vsb.sys S3 GVCplDrv - c:\windows\system32\drivers\gvcpldrv.sys S3 siusbmod - c:\windows\system32\drivers\siusbmod.sys S3 vserial (ELTIMA Virtual Serial Ports Driver) - c:\windows\system32\drivers\vserial.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Apple Mobile Device (Urządzenie mobilne Apple) - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "d:\program files\spyware terminator\sp_rsser.exe" -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. 
-- Scheduled Tasks ------------------------------------------------------------- 2007-12-05 07:32:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2007-12-11 and 2008-01-11 ----------------------------- 2008-01-11 15:51:09 0 d-------- C:!KillBox 2008-01-10 21:15:52 304182 --a------ C:\StiImg.dat 2008-01-10 21:09:11 0 d-------- C:\WINDOWS\PAC207 2008-01-10 17:17:04 0 d-------- C:\Program Files\jv16 PowerTools 2008-01-10 17:02:19 0 d-------- C:\Program Files\RegCleaner 2008-01-08 18:02:45 0 d-------- C:\Program Files\Cossacks 2008-01-08 17:55:00 53248 --a------ C:\WINDOWS\system32\unrar.dll 2008-01-08 17:54:58 4358144 -ra------ C:\WINDOWS\uncsetup.exe 2008-01-08 17:47:07 0 d-------- C:\WINDOWS\system32\Futuremark 2008-01-08 17:47:07 0 d-------- C:\Program Files\Common Files\Futuremark Shared 2008-01-08 17:38:10 0 d-------- C:\Documents and Settings\Łukasz\Application Data\SystemRequirementsLab 2008-01-07 18:39:38 0 d-------- C:\Documents and Settings\Łukasz\Shared 2008-01-05 20:41:12 0 d-------- C:\Program Files\Common Files\Skype 2008-01-05 11:40:47 0 d-------- C:\Program Files\iPod 2008-01-05 11:39:46 0 d-------- C:\Program Files\iTunes 2007-12-31 14:50:35 138752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 2007-12-31 12:42:11 0 d-------- C:\Documents and Settings\Łukasz\Application Data 2007-12-31 12:42:11 0 d-------- C:\Documents and Settings\Łukasz\Application Data\Spyware Terminator 2007-12-31 12:19:43 24576 --a------ C:\WINDOWS\system32\SmartSubClass.dll 2007-12-31 12:19:42 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL 2007-12-31 10:56:56 0 d-------- C:\Documents and Settings\Łukasz\dwhelper 2007-12-30 18:58:33 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-12-30 14:45:21 0 d-------- C:\Program Files\TVUPlayer 2007-12-30 14:41:01 0 d-------- C:\Program Files\Joost 2007-12-29 17:40:11 0 d-------- C:\Program Files\Dcads Games Collection 2007-12-23 10:37:39 0 d-------- C:\Program Files\Motorola Tools 
2007-12-19 21:30:05 0 d-------- C:\Program Files\mobile PhoneTools 2007-12-18 21:14:39 0 d-------- C:\FastDow 2007-12-13 20:25:55 0 d-------- C:\Program Files\Onet -- Find3M Report --------------------------------------------------------------- 2008-01-11 17:56:08 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\LimeWire 2008-01-11 17:39:51 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Skype 2008-01-11 17:39:35 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\skypePM 2008-01-11 15:35:18 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Help 2008-01-11 14:33:33 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-01-11 12:28:49 0 d-------- C:\Program Files\Winamp Remote 2008-01-10 21:10:21 0 d-------- C:\Program Files\Common Files\InstallShield 2008-01-10 19:24:57 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\PC Tools 2008-01-08 19:50:14 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Tlen.pl 2008-01-08 17:47:07 0 d-------- C:\Program Files\Common Files 2008-01-08 17:46:59 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\InstallShield 2008-01-07 18:16:42 0 d-------- C:\Program Files\DivX 2008-01-06 21:52:33 490808 --a------ C:\WINDOWS\system32\perfh015.dat 2008-01-06 21:52:33 83988 --a------ C:\WINDOWS\system32\perfc015.dat 2008-01-05 20:41:20 0 d-------- C:\Program Files\Skype 2008-01-05 11:37:36 0 d-------- C:\Program Files\QuickTime 2008-01-02 21:45:12 0 d-------- C:\Program Files\Tlen.pl 2007-12-31 13:32:13 0 d-------- C:\Program Files\Common Files\SecurePCCleaner 2007-12-31 12:41:23 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Lavasoft 2007-12-30 16:12:32 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Activision 2007-12-30 14:49:19 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\TVU Networks 2007-12-30 14:41:38 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Joost 2007-12-29 18:27:13 0 d-------- C:\Program 
Files\Adssite Advanced Toolbar 2007-12-29 18:16:29 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Image Zone Express 2007-12-27 14:39:51 0 d-------- C:\Program Files\Warcraft III 2007-12-26 12:06:01 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\SecurePCCleaner 2007-12-23 10:58:27 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Mobile Master 2007-12-23 10:56:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-19 21:30:35 0 d-------- C:\Program Files\LiveUpdate 2007-12-13 20:30:21 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Onet 2007-12-13 20:30:21 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\MozillaControl 2007-12-13 20:30:18 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Listonosz 2007-12-13 20:30:17 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\AutoUpdate 2007-12-06 13:48:09 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Media Player Classic 2007-12-05 21:55:02 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Jasc 2007-12-05 21:50:13 0 d-------- C:\Program Files\Jasc Software Inc 2007-12-05 21:47:16 0 d-------- C:\Program Files\Ulead Systems 2007-12-05 20:23:46 67582 --a------ C:\Documents and Settings\Łukasz\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log 2007-12-05 19:51:06 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll 2007-12-04 02:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll 2007-12-04 02:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2007-12-04 02:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll 2007-12-04 02:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll 2007-12-02 20:48:40 0 d-------- C:\Program Files\pwn.pl 2007-12-02 10:55:55 0 d-------- C:\Program Files\NAPI-PROJEKT 2007-12-01 19:00:19 0 d-------- C:\Program Files\SystemRequirementsLab 2007-11-29 23:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-11-29 23:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll 
2007-11-29 23:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll 2007-11-28 22:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll 2007-11-28 17:23:09 40737 --a------ C:\WINDOWS\system32\rightonadz-uninst.exe 2007-11-27 20:07:20 52470 --a------ C:\WINDOWS\War3Unin.dat 2007-11-27 20:04:26 2829 --a------ C:\WINDOWS\War3Unin.pif 2007-11-27 20:04:26 139264 --a------ C:\WINDOWS\War3Unin.exe 2007-11-27 14:14:40 0 d-------- C:\Program Files\DAEMON Tools 2007-11-26 16:13:50 0 d-------- C:\Program Files\directx 2007-11-25 19:16:38 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Adssite Advanced Toolbar 2007-11-25 19:15:49 0 d-------- C:\Program Files\Adssite Games Collection 2007-11-25 15:43:12 5408 --a------ C:\WINDOWS\mozver.dat 2007-11-24 21:32:39 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\GanymedeNet 2007-11-24 21:23:36 0 d-------- C:\Program Files\Ganymede 2007-11-22 21:24:02 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2007-11-17 10:54:51 0 d-------- C:\Program Files\Google 2007-11-17 10:52:08 0 d-------- C:\Program Files\Common Files\Real 2007-11-17 10:42:51 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Winamp 2007-11-17 10:42:49 0 d-------- C:\Program Files\Winamp 2007-11-17 10:39:28 0 d-------- C:\Program Files\Winamp Toolbar 2007-11-12 21:07:18 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\DivX 2007-11-11 13:58:17 0 d-------- C:\Program Files\MSXML 6.0 2007-11-11 10:30:51 0 d-------- C:\Program Files\MSBuild 2007-11-11 10:26:48 0 d-------- C:\Program Files\Reference Assemblies 2007-11-11 08:55:18 0 d-------- C:\Documents and Settings\Łukasz\Dane aplikacji\Real 2007-11-11 08:43:17 0 d-------- C:\Program Files\Common Files\xing shared 2007-11-11 08:42:59 0 d-------- C:\Program Files\Real 2007-11-04 18:33:20 113609 --a------ C:\WINDOWS\hpoins07.dat 2007-11-03 21:39:33 4 --a------ C:\WINDOWS\system32\proc625010911.bin 2007-11-03 21:10:35 504832 --a------ C:\WINDOWS\system32\winlogon.exe 2007-11-03 
21:02:04 0 --a------ C:\WINDOWS\nsreg.dat 2007-11-03 20:43:10 0 -rahs---- C:\MSDOS.SYS 2007-11-03 20:43:10 0 -rahs---- C:\IO.SYS 2007-11-03 20:43:10 0 --a------ C:\CONFIG.SYS 2007-11-03 20:43:10 0 --a------ C:\AUTOEXEC.BAT 2007-11-03 20:40:06 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-11-03 20:32:21 62 --ahs---- C:\Documents and Settings\Łukasz\Dane aplikacji\desktop.ini 2007-10-17 18:23:24 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe 2007-10-11 09:55:10 88576 --a------ C:\WINDOWS\system32\infocardapi.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968] [-HKEY\_CLASSES\_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] [HKEY\_CLASSES\_ROOT\WINAMPTB.AOLToolBand.1] [HKEY\_CLASSES\_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY\_CLASSES\_ROOT\WINAMPTB.AOLToolBand] [HKEY\_LOCAL\_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-12-10 11:49] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 09:22 C:\WINDOWS\soundman.exe] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-11 08:43] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22] "nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe] "QuickTime Task"="C:\Program 
Files\QuickTime\QTTask.exe" [2007-12-11 10:56] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10] "SpywareTerminator"="D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-12-31 12:42] [HKEY\_CURRENT\_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00] "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2007-10-23 01:47] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24] "P2kAutostart"="" [] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-12 15:23] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ 802.11g Wireless LAN PCI Card Utility.lnk - C:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWlan.exe [2007-11-03 20:51:36] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:00] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26] -- End of Deckard's System Scanner: finished at 2008-01-11 19:27:33 ------------

Deckard's System Scanner v20071014.68

(Gutek) #2

Follow this Topic and change the thread title to something specific, otherwise TRASH

Regards, Gutek2222

Change to the rules for pasting logs on the forum - viewtopic.php?f=16&t=213350

I don't see anything