Anonymous / 4 years, 12 months ago

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.9.2
Run by user at 16:11:07 on 2012-12-14
Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.2039.1078 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
C:\Program Files\InfoSerwis\Gz.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Oprogramowanie licznika osób\People Counter.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\InsERT\InsERT GT\Subiekt.exe
C:\Program Files\UltraVNC\winvnc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.pl/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Core Temp] "c:\program files\core temp\Core Temp.exe"
uRun: [S60 PC Suite Tray] "c:\program files\samsung\samsung pc studio 7\PCSuite.exe" -onlytray
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Samsung.PCSync] "c:\program files\samsung\samsung pc studio 7\PcSync2.exe" /NoDialog
StartupFolder: c:\docume~1\user\menust~1\programy\autost~1\gz.lnk - c:\program files\infoserwis\Gz.exe
StartupFolder: c:\docume~1\user\menust~1\programy\autost~1\liczni~1.lnk - c:\program files\oprogramowanie licznika osób\People Counter.exe
StartupFolder: c:\docume~1\user\menust~1\programy\autost~1\openof~1.lnk - c:\program files\openoffice.org 2.3\program\quickstart.exe
StartupFolder: c:\docume~1\user\menust~1\programy\autost~1\ultrav~1.lnk - c:\program files\ultravnc\winvnc.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\ultrav~1.lnk - c:\program files\ultravnc\winvnc.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Funkcja Google Sidewiki - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: mks.com.pl
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198224653533
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: Interfaces\{B9D47082-E384-4654-BD2E-D12F34375812} : NameServer = 194.204.152.34,194.204.159.1
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\dane aplikacji\mozilla\firefox\profiles\otryw39l.default\
FF - prefs.js: browser.startup.homepage - google.pl
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 21:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-9-11 96408]
R1 mdf15;mdf15;c:\program files\clarus\samsung secretzone\mdf15.sys [2010-12-11 12800]
R1 mvd20;mvd20;c:\program files\clarus\samsung secretzone\mvd20.sys [2010-12-11 64000]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\astra32\astra32.sys [2007-2-22 30864]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-9-11 735960]
R3 ALSysIO;ALSysIO;\??\c:\docume~1\user\ustawi~1\temp\alsysio.sys --> c:\docume~1\user\ustawi~1\temp\ALSysIO.sys [?]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2007-12-19 38656]
S4 MSR Service;Virtual Disk Service Manager;c:\program files\clarus\samsung secretzone\MSSvc.exe [2010-12-11 114688]
.
=============== Created Last 30 ================
.
2012-12-14 15:08:50	--------	d-----w-	c:\program files\trend micro
2012-12-13 18:18:27	--------	d-----w-	c:\documents and settings\user\Doctor Web
2012-12-13 13:31:27	273024	-c----w-	c:\windows\system32\dllcache\bthport.sys
2012-12-13 13:31:10	456320	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys
2012-12-13 13:29:49	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2012-12-13 13:29:30	81920	-c----w-	c:\windows\system32\dllcache\fontsub.dll
2012-12-13 13:29:30	119808	-c----w-	c:\windows\system32\dllcache\t2embed.dll
2012-12-13 13:28:38	536576	-c----w-	c:\windows\system32\dllcache\msado15.dll
2012-12-13 13:28:03	617472	-c----w-	c:\windows\system32\dllcache\comctl32.dll
2012-12-13 13:27:59	953856	-c----w-	c:\windows\system32\dllcache\mfc40u.dll
2012-12-13 13:27:37	105472	-c----w-	c:\windows\system32\dllcache\mup.sys
2012-12-13 13:25:56	227840	-c----w-	c:\windows\system32\dllcache\wmiprvse.exe
2012-12-13 13:25:54	285696	-c----w-	c:\windows\system32\dllcache\pdh.dll
2012-12-13 13:25:53	473600	-c----w-	c:\windows\system32\dllcache\fastprox.dll
2012-12-13 13:25:53	401408	-c----w-	c:\windows\system32\dllcache\rpcss.dll
2012-12-13 13:25:53	111104	-c----w-	c:\windows\system32\dllcache\services.exe
2012-12-13 13:25:52	686592	-c----w-	c:\windows\system32\dllcache\advapi32.dll
2012-12-13 13:25:51	453120	-c----w-	c:\windows\system32\dllcache\wmiprvsd.dll
2012-12-13 13:23:45	471552	-c----w-	c:\windows\system32\dllcache\aclayers.dll
2012-12-13 13:15:55	139784	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2012-12-13 13:12:02	521728	-c----w-	c:\windows\system32\dllcache\jsdbgui.dll
2012-12-13 13:10:57	726528	-c----w-	c:\windows\system32\dllcache\ntdll.dll
2012-12-13 13:10:57	2150400	-c----w-	c:\windows\system32\dllcache\ntkrnlmp.exe
2012-12-13 13:10:56	2194176	-c----w-	c:\windows\system32\dllcache\ntoskrnl.exe
2012-12-13 13:10:55	2070912	-c----w-	c:\windows\system32\dllcache\ntkrnlpa.exe
2012-12-13 13:10:55	2029056	-c----w-	c:\windows\system32\dllcache\ntkrpamp.exe
2012-12-13 13:10:41	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
2012-12-13 13:10:39	3072	-c----w-	c:\windows\system32\dllcache\iacenc.dll
2012-12-13 13:10:39	3072	------w-	c:\windows\system32\iacenc.dll
2012-12-13 13:10:22	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2012-12-13 13:10:18	590848	-c----w-	c:\windows\system32\dllcache\rpcrt4.dll
2012-12-13 09:24:50	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-12-13 09:21:22	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-12-13 09:21:22	143872	----a-w-	c:\windows\system32\javacpl.cpl
2012-12-13 09:21:18	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-12-13 09:01:02	89600	-c----w-	c:\windows\system32\dllcache\msxml6r.dll
2012-12-13 09:01:02	1372672	-c----w-	c:\windows\system32\dllcache\msxml6.dll
2012-12-13 08:57:59	294912	------w-	c:\program files\windows media player\dlimport.exe
2012-12-13 08:57:54	294912	-c----w-	c:\windows\system32\dllcache\dlimport.exe
2012-12-13 08:54:05	19569	----a-w-	c:\windows\002935_.tmp
2012-12-13 08:50:57	--------	d-----w-	c:\windows\EHome
.
==================== Find3M  ====================
.
2012-12-13 09:37:25	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-13 09:21:01	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-11-13 11:55:14	1866624	----a-w-	c:\windows\system32\win32k.sys
2012-11-06 00:41:17	290560	----a-w-	c:\windows\system32\atmfd.dll
2012-11-02 02:03:58	375296	----a-w-	c:\windows\system32\dpnet.dll
2012-11-01 12:13:02	916992	----a-w-	c:\windows\system32\wininet.dll
2012-11-01 12:13:02	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-11-01 12:13:02	1469440	------w-	c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:48	385024	----a-w-	c:\windows\system32\html.iec
2012-10-02 18:04:38	58368	----a-w-	c:\windows\system32\synceng.dll
2012-09-29 18:54:26	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 16:11:58,29 ===============