wklejto.pl

Added by: Zjawa (2012-01-30 08:49) -> text
.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_29
Run by SysOp at 8:42:48 on 2012-01-30
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.2047.1173 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
D:\l2\4GameService.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
D:\l2\4GameTray.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = about:blank
mWinlogon: SfcDisable=-99 (0xffffff9d)
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Auto-Backup] "c:\program files\auto-backup\Auto-Backup.exe" /tray
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [<NO NAME>] 
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-explorer: NoSMMyPictures = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoSMMyPictures = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1324030216953
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{050ACC4A-CED8-4C61-848A-74B62F86AE37} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\overwolf\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\sysop\dane aplikacji\mozilla\firefox\profiles\2roysfcx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: keyword.URL - hxxp://search.hotspotshield.com/g/results.php?c=s&q=
FF - plugin: c:\documents and settings\sysop\dane aplikacji\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\sysop\dane aplikacji\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\sysop\ustawienia lokalne\dane aplikacji\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\l2\npplugin4game.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-1-30 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2011-8-4 103112]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2012-1-14 33824]
R2 4game;4game;d:\l2\4GameService.exe [2011-12-14 757600]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-9-22 974944]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2012-1-4 173880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-26 652872]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-12-2 1691480]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\msi\live update 5\msibios32_100507.sys --> c:\program files\msi\live update 5\msibios32_100507.sys [?]
S3 NPFW;NPFW;\??\c:\windows\system32\npfw.sys --> c:\windows\system32\NPFW.SYS [?]
S3 NPFWFLT;NPFWFLT;\??\c:\windows\system32\npfwflt.sys --> c:\windows\system32\NPFWFLT.SYS [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 NPIDS;NPIDS;\??\c:\windows\system32\npids.sys --> c:\windows\system32\NPIDS.SYS [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\msi\live update 5\ntiolib.sys --> c:\program files\msi\live update 5\NTIOLib.sys [?]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\overwolf\OverwolfUpdater.exe [2012-1-8 17848]
S3 TKCtrl;TKCtrl;\??\c:\windows\system32\tkctrl2k.sys --> c:\windows\system32\TKCtrl2k.sys [?]
S3 TKFsAvM;TKFsAvM;\??\c:\windows\system32\tkfsav.sys --> c:\windows\system32\TKFsAv.sys [?]
S3 TkFsFtM;MiniFilter Driver;c:\windows\system32\tkfsft.sys --> c:\windows\system32\TKFsFt.sys [?]
S3 TKPcFt;TKPcFt;\??\c:\windows\system32\tkpcfthk.sys --> c:\windows\system32\TKPcFtHk.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-01-30 07:33:53     388096  ----a-r-        c:\documents and settings\sysop\dane aplikacji\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-01-30 07:31:04     --------        d-----w-        c:\program files\trend micro
2012-01-30 06:19:31     --------        d-----w-        C:\ProgramData
2012-01-30 06:19:31     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\Electronic Arts
2012-01-30 06:15:16     447752  ----a-r-        c:\windows\system32\vp6vfw.dll
2012-01-30 06:15:15     --------        d-----w-        c:\program files\Microsoft WSE
2012-01-30 05:59:38     242240  ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-30 05:59:26     --------        d-----w-        c:\program files\DAEMON Tools Lite
2012-01-28 06:30:18     56496   ----a-w-        c:\windows\system32\wbhelp2.dll
2012-01-28 06:30:18     544768  ----a-w-        c:\windows\system32\wbocx.ocx
2012-01-28 06:30:17     4608    ----a-w-        c:\windows\system32\W95INF32.DLL
2012-01-28 06:30:17     33968   ----a-w-        c:\windows\system32\anim.dll
2012-01-28 06:30:17     258352  ----a-w-        c:\windows\system32\unicows.dll
2012-01-28 06:30:17     2272    ----a-w-        c:\windows\system32\W95INF16.DLL
2012-01-28 06:30:17     --------        d-----w-        c:\program files\WinUtilities
2012-01-27 10:30:33     --------        d-----w-        c:\documents and settings\sysop\DoctorWeb
2012-01-27 04:05:49     --------        d-----w-        c:\program files\LSoft Technologies
2012-01-26 16:02:35     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\Malwarebytes
2012-01-26 16:02:29     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\Malwarebytes
2012-01-26 16:02:27     --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-01-24 15:51:12     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\firefox@mozilla.com
2012-01-23 13:56:37     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\Kadu
2012-01-23 03:03:42     --------        d-----w-        c:\program files\ProxyFirewall
2012-01-16 15:38:13     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\.minecraft
2012-01-14 00:27:18     33824   ----a-w-        c:\windows\system32\drivers\oreans32.sys
2012-01-13 16:13:14     84480   ----a-w-        c:\windows\timeout.exe
2012-01-13 16:13:14     3072    ----a-w-        c:\windows\setwintitle.exe
2012-01-13 14:56:40     --------        d-----w-        C:\Data
2012-01-13 14:15:40     --------        d-----w-        c:\program files\Gadu-Gadu 10
2012-01-12 20:21:49     --------        d--h--w-        C:\kleaner.tmp
2012-01-12 20:00:49     --------        d-----w-        c:\windows\system32\wbem\repository\FS
2012-01-12 20:00:49     --------        d-----w-        c:\windows\system32\wbem\Repository
2012-01-12 20:00:00     --------        d-----w-        c:\program files\Adsen FavIcon
2012-01-09 09:08:38     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\Auto-Backup
2012-01-09 09:08:33     --------        d-----w-        c:\program files\Auto-Backup
2012-01-08 19:05:25     39352   ----a-w-        c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2012-01-08 19:05:24     88632   ----a-w-        c:\windows\system32\drivers\CSCrySec.sys
2012-01-08 19:04:12     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\Kaspersky Lab
2012-01-08 18:05:33     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\Kaspersky Lab Setup Files
2012-01-07 23:29:30     --------        d-----w-        c:\program files\common files\Overwolf
2012-01-07 23:29:28     --------        d-----w-        c:\program files\Overwolf
2012-01-07 23:26:18     --------        d-----w-        c:\program files\ZD Soft
2012-01-07 23:19:11     --------        d-----w-        c:\documents and settings\sysop\ustawienia lokalne\dane aplikacji\Sony
2012-01-07 23:15:09     --------        d-----w-        c:\program files\Sony
2012-01-07 23:14:40     --------        d-----w-        c:\program files\Sony Setup
2012-01-07 15:02:49     --------        d-----w-        c:\program files\Ffmpeg For Audacity
2012-01-07 14:58:50     --------        d-----w-        c:\program files\Audacity
2012-01-05 13:24:07     --------        d-----w-        c:\program files\20Dollars2Surf
2012-01-04 23:01:54     32768   ----a-w-        c:\windows\system32\drivers\taphss.sys
2012-01-04 13:45:08     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\QFX Software
2012-01-04 13:45:08     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\QFX Software
2012-01-04 13:42:39     173880  ----a-w-        c:\windows\system32\drivers\keyscrambler.sys
2012-01-04 13:42:38     --------        d-----w-        c:\program files\KeyScrambler
2012-01-03 15:28:01     --------        d-----w-        c:\documents and settings\all users\dane aplikacji\regid.1986-12.com.adobe
2012-01-03 14:08:35     414368  ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-03 13:10:44     182672  ----a-w-        c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-01-03 13:10:44     182672  ----a-w-        c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-03 13:07:20     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-01-01 20:40:05     --------        d-----w-        c:\program files\ESET
2012-01-01 13:14:25     --------        d-----w-        c:\program files\mojosoft
2012-01-01 13:14:25     --------        d-----w-        c:\documents and settings\sysop\dane aplikacji\mojosoft
2012-01-01 02:31:19     --------        d-----w-        c:\program files\VideoLAN
2012-01-01 02:10:39     106496  ----a-w-        c:\windows\system32\APmpg4v1.dll
2012-01-01 02:10:39     --------        d-----w-        c:\program files\AngelPotion Video Codec V1
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin6.dll
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin5.dll
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin4.dll
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin3.dll
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin2.dll
2012-01-01 00:44:02     159744  ----a-w-        c:\program files\internet explorer\wtyczki\npqtplugin.dll
2012-01-01 00:43:02     --------        d-----w-        c:\documents and settings\sysop\ustawienia lokalne\dane aplikacji\Apple
2012-01-01 00:42:43     --------        d-----w-        c:\documents and settings\sysop\ustawienia lokalne\dane aplikacji\Apple Computer
.
==================== Find3M  ====================
.
2012-01-03 17:46:33     138160  ----a-w-        c:\windows\system32\drivers\PnkBstrK.sys
2012-01-03 17:46:08     271200  ----a-w-        c:\windows\system32\PnkBstrB.xtr
2012-01-03 17:46:08     271200  ----a-w-        c:\windows\system32\PnkBstrB.exe
2012-01-03 16:26:24     271200  ----a-w-        c:\windows\system32\PnkBstrB.ex0
2011-12-17 22:11:29     18776   ----a-w-        c:\windows\system32\mksidsf.sys
2011-12-14 05:22:13     86016   ----a-w-        c:\windows\system32\OpenAL32.dll
2011-12-03 21:13:39     413696  ----a-w-        c:\windows\system32\wrap_oal.dll
2011-12-03 12:24:54     73728   ----a-w-        c:\windows\system32\javacpl.cpl
2011-12-03 12:24:54     472808  ----a-w-        c:\windows\system32\deployJava1.dll
2011-12-03 07:50:54     75136   ----a-w-        c:\windows\system32\PnkBstrA.exe
2011-12-02 23:04:23     22328   ----a-w-        c:\documents and settings\sysop\dane aplikacji\PnkBstrK.sys
.
============= FINISH:  8:43:05,45 ===============
 