ComboFix 07-02-06.3 - Running from: "F:\Robert1\potrzebne"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\.exe
((((((((((((((((((((((((((((((( Files Created from 2007-04-09 to 2007-05-09 ))))))))))))))))))))))))))))))))))
2007-05-08 19:30 41,476 --ahs---- C:\WINDOWS\system32\smsc.exe
2007-05-08 14:12 41,476 -r-hs---- C:\WINDOWS\system\msnmsgr32.exe
2007-05-07 20:28
d-------- C:\Program Files\BearShare
2007-05-07 20:28 d-------- C:\My Downloads
2007-05-03 18:38 58,548 --ahs---- C:\WINDOWS\system32\host.exe
2007-05-03 13:39 d-------- C:\Program Files\Ager Web Edytor
2007-05-03 10:37 392 --a------ C:\zzc.exe
2007-05-02 19:06 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-05-02 19:06 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2007-05-02 19:06 175,616 --a------ C:\WINDOWS\system32\strings.exe
2007-05-02 19:06 16,384 --a------ C:\WINDOWS\system32\restart.exe
2007-05-02 19:06 126,976 --a------ C:\WINDOWS\system32\zip.exe
2007-05-02 19:06 11,254 --a------ C:\WINDOWS\system32\locate.com
2007-05-02 18:53 d-------- C:\VundoFix Backups
2007-05-02 18:05 60,416 --a------ C:\WINDOWS\system32\drivers\jwedvcwc.sys
2007-05-02 18:05 336 --a------ C:\reboot.bat
2007-05-02 18:05 19,814 --a------ C:\reboot.exe
2007-05-02 18:05 126,976 --a------ C:\zip.exe
2007-05-02 18:05 1,342 --a------ C:\avexport.bat
2007-05-02 18:05 1,080 --a------ C:\gdalsciy.bat
2007-05-02 16:37 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-05-02 10:34 64,315 --a------ C:\adsok.exe
2007-04-27 19:44 d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\CyberLink
2007-04-27 19:42 d-------- C:\DOCUME~1\ALLUSE~1\Dane aplikacji\CyberLink
2007-04-27 19:39 d-------- C:\Program Files\CyberLink
2007-04-25 20:18 d-------- C:\Program Files\illiminable
2007-04-21 20:27 d-------- C:\WINDOWS\ShellNew
2007-04-21 20:26 d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\Microsoft Web Folders
2007-04-21 16:08 d-------- C:\Program Files\Yahoo!
2007-04-21 16:07 d-------- C:\Program Files\CCleaner
2007-04-21 16:01 d-------- C:\Program Files\RegCleaner
2007-04-20 12:32 488,835 ---hs---- C:\WINDOWS\system32\ststv.bak2
2007-04-19 22:23 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-04-19 22:23 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-04-19 22:23 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-04-19 22:23 827,438 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-04-19 22:23 73,216 --a------ C:\WINDOWS\system32\uniime.dll
2007-04-19 22:23 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-04-19 22:23 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-04-19 22:23 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-04-19 22:23 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-04-19 22:23 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-04-19 22:23 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-04-19 22:23 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-04-19 22:23 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-04-19 22:23 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-04-19 22:23 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-04-19 22:23 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-04-19 22:23 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-04-19 22:23 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-04-19 22:22 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-04-19 10:02 204,800 --a------ C:\WINDOWS\system32\clcl4.exe
2007-04-19 09:54 49,204 --a------ C:\WINDOWS\system32\jgtiqivu.dll
2007-04-19 09:54 462,859 ---hs---- C:\WINDOWS\system32\ststv.bak1
2007-04-18 21:48 11,063 --a------ C:\WINDOWS\system32\awvtq.dll
2007-04-18 19:03 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-04-18 19:03 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-04-18 19:03 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-04-18 19:03 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-04-18 19:03 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-04-18 19:03 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-04-18 16:49 d-------- C:\avenger
2007-04-18 15:08 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-18 15:07 95,872 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-18 15:07 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-18 15:07 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-18 15:07 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-18 15:07 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-18 15:07 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-18 14:46 d-------- C:\WINDOWS\CSC
2007-04-18 14:42 185,856 --a------ C:\WINDOWS\system32\Bmp2Jpeg.dll
2007-04-18 14:42 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-04-17 18:04 d-------- C:\DOCUME~1\ALLUSE~1\Dane aplikacji\FRISK Software
2007-04-17 17:06 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-04-15 21:08 787,456 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-15 21:08 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-15 21:08 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll
2007-04-15 20:59 d-------- C:\WINDOWS\LastGood
2007-04-15 20:52 d-------- C:\WINDOWS\LastGood.Tmp
2007-04-15 20:51 d-------- C:\ATI
2007-04-12 13:03 d-------- C:\Program Files\PuTTY
2007-04-12 07:17 d-------- C:\Program Files\BearShare Applications
2007-04-11 15:00 d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\FileZilla
2007-04-11 14:59 d-------- C:\Program Files\FileZilla Client
2007-04-10 17:55 d-------- C:\!KillBox
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-09 14:07 -------- d-------- C:\Program Files\mozilla firefox
2007-05-09 12:51 -------- d-------- C:\Program Files\wanadoo
2007-05-08 18:58 -------- d-------- C:\Program Files\flashget
2007-05-08 14:53 -------- d-------- C:\Program Files\gadu-gadu
2007-05-05 20:50 -------- d-------- C:\Program Files\polo
2007-05-03 21:51 -------- d---s---- C:\DOCUME~1\Rodzina\Dane aplikacji\microsoft
2007-05-02 23:47 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\skype
2007-05-02 16:47 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-28 10:43 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\identities
2007-04-27 19:39 -------- d--h----- C:\Program Files\installshield installation information
2007-04-26 20:42 -------- d-------- C:\Program Files\maiet
2007-04-23 14:22 -------- d-------- C:\Program Files\ea sports
2007-04-21 20:25 -------- d-------- C:\Program Files\microsoft frontpage
2007-04-18 17:48 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\adobe
2007-04-15 20:50 -------- d-------- C:\Program Files\ati technologies
2007-04-07 18:52 -------- d-------- C:\Program Files\pwn
2007-04-07 10:52 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\help
2007-04-05 21:56 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\divx
2007-04-05 21:09 3805 --a------ C:\WINDOWS\mozver.dat
2007-04-04 20:50 49492 --a------ C:\WINDOWS\system32\perfc015.dat
2007-04-04 20:50 355486 --a------ C:\WINDOWS\system32\perfh015.dat
2007-04-04 18:27 -------- d-------- C:\Program Files\stardock
2007-04-04 16:29 -------- d-------- C:\Program Files\divx
2007-04-04 16:28 -------- d-------- C:\Program Files\google
2007-04-01 21:33 -------- d-------- C:\Program Files\microsoft.net
2007-03-31 13:01 -------- d-------- C:\Program Files\robster productions
2007-03-29 21:28 -------- d--h----- C:\Program Files\windowsupdate
2007-03-29 12:48 -------- d-------- C:\Program Files\marbit
2007-03-27 15:13 -------- d-------- C:\Program Files\Common Files\adobe
2007-03-27 09:55 524288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-03-27 09:55 36624 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-27 09:55 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-03-27 09:55 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-03-27 09:55 129784 --------- C:\WINDOWS\system32\pxafs.dll
2007-03-27 09:55 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-03-27 09:55 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-03-27 09:55 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-03-27 09:49 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-03-27 09:49 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
2007-03-27 09:49 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-03-27 09:49 53248 --a------ C:\WINDOWS\system32\dpugui10.dll
2007-03-27 09:49 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-03-27 09:49 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-03-27 09:49 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-03-27 09:49 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-03-27 09:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-03-27 09:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-03-27 09:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-03-27 09:48 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-03-25 16:10 82380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
2007-03-25 16:10 -------- d-------- C:\Program Files\hewlett-packard
2007-03-23 15:41 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\ganymedenet
2007-03-23 14:58 -------- d-------- C:\Program Files\winamp
2007-03-21 20:08 -------- d-------- C:\Program Files\ahead
2007-03-21 20:07 -------- d-------- C:\Program Files\Common Files\ahead
2007-03-21 17:24 -------- d-------- C:\Program Files\skype
2007-03-21 16:54 -------- d-------- C:\Program Files\messenger
2007-03-21 16:46 -------- d-------- C:\Program Files\windows nt
2007-03-21 16:46 -------- d-------- C:\Program Files\movie maker
2007-03-21 16:26 -------- d-------- C:\Program Files\lavalys
2007-03-21 11:55 -------- d-------- C:\Program Files\valve
2007-03-21 11:22 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\macromedia
2007-03-21 11:21 107134 --a------ C:\WINDOWS\uninstallfirefox.exe
2007-03-21 11:21 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-21 11:21 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\mozilla
2007-03-21 11:14 -------- d-------- C:\Program Files\sagem
2007-03-21 11:14 -------- d-------- C:\Program Files\javasoft
2007-03-21 10:36 -------- d-------- C:\Program Files\alwil software
2007-03-21 10:35 -------- d-------- C:\DOCUME~1\Rodzina\Dane aplikacji\ati
2007-03-21 10:19 -------- d-------- C:\Program Files\Common Files\installshield
2007-03-21 10:12 -------- d-------- C:\Program Files\c-media 3d audio
2007-03-21 10:03 0 -rahs---- C:\MSDOS.SYS
2007-03-21 10:03 0 -rahs---- C:\IO.SYS
2007-03-21 10:03 0 --a------ C:\CONFIG.SYS
2007-03-21 10:03 0 --a------ C:\AUTOEXEC.BAT
2007-03-21 10:01 -------- d-------- C:\Program Files\usˆugi online
2007-03-21 10:00 -------- d-------- C:\Program Files\Common Files\mssoap
2007-03-21 09:59 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-03-21 09:58 -------- d-------- C:\Program Files\msn gaming zone
2007-03-21 09:50 62 --ahs---- C:\DOCUME~1\Rodzina\Dane aplikacji\desktop.ini
2007-03-21 09:50 -------- d-------- C:\Program Files\Common Files\speechengines
2007-03-21 09:50 -------- d-------- C:\Program Files\Common Files\odbc
2007-03-02 22:54 307200 --a------ C:\WINDOWS\system32\atidemgx.dll
2007-03-02 22:29 3107788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2007-03-02 22:17 258048 --a------ C:\WINDOWS\system32\atikvmag.dll
2007-02-26 17:44 147685 --a------ C:\WINDOWS\system32\atiicdxx.dat
2007-02-16 03:40 124472 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\TaskbarIcon.exe"
"HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb08.exe"
"DeviceDiscovery"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BearShare"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\BearShare\\BearShare.exe\" /pause"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RunDll32 cmicnfg"
"hkey"="HKLM"
"command"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="flashget"
"hkey"="HKLM"
"command"="C:\\Program Files\\FlashGet\\flashget.exe /min"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_ADILOADER
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20070502-190256-980
O2 - BHO: (no name) - {2BFA6DC1-E90C-4CC1-B826-3ABF1645ED9B} - (no file)
backup-20070502-190245-534
O4 - HKLM\..\Run: [egcnimwk] C:\gdalsciy.bat
backup-20070430-140052-515
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070430-140052-378
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070430-140052-111
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe
backup-20070430-140052-288
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe
backup-20070430-140052-474
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070430-140052-299
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
backup-20070430-140051-240
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\System32\fhsiowtt.dll",realset
backup-20070428-111129-945
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070428-111129-678
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070428-111129-856
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070428-111129-646
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe (file missing)
backup-20070428-111129-929
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070428-105622-683
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070428-105622-860
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070428-105622-651
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe
backup-20070428-105622-871
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070428-105622-954
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\System32\efpcajce.dll",realset
backup-20070428-105622-950
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070426-202730-443
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070426-202730-620
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070426-202730-806
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070426-202730-411
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe
backup-20070426-202730-631
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070426-202730-245
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\System32\jherkqyk.dll",realset
backup-20070425-204634-246
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070425-204634-979
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070425-204634-156
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070425-204634-342
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe (file missing)
backup-20070425-204512-337
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070425-204444-762
O4 - HKCU\..\Run: [Steam] "c:\progra~1\valve\steam\steam.exe" -silent
backup-20070425-204444-679
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070425-202606-955
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
backup-20070425-202606-560
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
backup-20070425-202606-780
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
backup-20070425-202549-141
O23 - Service: Microsoft Host Service (MSHOST) - Unknown owner - C:\WINDOWS\system\host.exe
backup-20070423-145821-899
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070423-145821-679
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070423-145703-319
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070420-223015-795
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
backup-20070420-223000-370
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070420-223000-171
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
backup-20070420-223000-904
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
backup-20070420-223000-267
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
backup-20070420-223000-872
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
backup-20070420-223000-440
O4 - HKLM\..\Run: [clcl4] C:\WINDOWS\System32\clcl4.exe
backup-20070419-174130-950
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070419-174020-142
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070418-162316-585
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070418-162231-612
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070418-162148-540
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070418-162046-977
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070418-161935-977
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070418-141505-891
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe (file missing)
backup-20070417-174928-551
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070414-105801-504
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070414-105801-421
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe (file missing)
backup-20070414-095615-900
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe
backup-20070414-095546-947
O23 - Service: msn msgr 32-bit client process (msnmsgr32) - Unknown owner - C:\WINDOWS\system\msnmsgr32.exe
backup-20070413-212702-663
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070412-172411-816
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070412-172403-987
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070412-172403-766
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070410-175810-683
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070410-175759-442
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070409-221107-279
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:\PROGRA~1\BEARSH~1\BEARSH~2\MediaBar.dll (file missing)
backup-20070409-221107-549
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
backup-20070409-221107-454
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
backup-20070408-201550-655
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070408-201550-435
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070408-201541-748
O23 - Service: System Manger Service 32 (SMSC) - Unknown owner - C:\WINDOWS\system\smsc.exe
backup-20070408-162059-336
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
backup-20070404-205038-222
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070404-184635-236
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070404-184635-421
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070404-184635-246
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070404-184635-329
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070404-184635-732
O4 - HKLM\..\Run: [Ms M1crofost System updt] C:\WINDOWS\System32\ehuytq.exe
backup-20070404-184635-930
O4 - HKLM\..\RunServices: [Ms M1crofost System updt] C:\WINDOWS\System32\ehuytq.exe
backup-20070403-223633-133
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
backup-20070403-144339-628
O4 - HKLM\..\RunServices: [Ms M1crofost System updt] C:\WINDOWS\System32\ehuytq.exe
backup-20070403-144339-233
O4 - HKLM\..\Run: [Ms M1crofost System updt] C:\WINDOWS\System32\ehuytq.exe
backup-20070403-144307-505
O4 - HKCU\..\Run: [Ms M1crofost System updt] C:\WINDOWS\System32\ehuytq.exe
backup-20070403-144249-372
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
backup-20070330-225825-944
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070330-225825-129
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/
backup-20070330-225825-734
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070330-225825-954
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070330-225825-444
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070327-212059-577
O23 - Service: msnntlp - Unknown owner - C:\WINDOWS\system\msnntlp.exe
backup-20070327-212034-969
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
backup-20070327-212025-746
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = £¹cza
backup-20070327-212025-547
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070327-212025-280
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/
backup-20070327-212025-458
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070327-212025-644
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070327-212025-780
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
backup-20070321-080910-920
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070320-205500-175
O4 - HKLM\..\RunServices: [msvccc66] svcchosst.exe
backup-20070320-205500-258
O4 - HKLM\..\Run: [msvccc66] svcchosst.exe
backup-20070320-205500-955
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
backup-20070320-155507-758
O4 - HKCU\..\Run: [Live Messanger] livemsgr.exe
backup-20070320-155507-944
O4 - HKLM\..\RunServices: [msvccc66] svcchosst.exe
backup-20070320-155507-548
O4 - HKLM\..\RunServices: [Live Messanger] livemsgr.exe
backup-20070320-155507-831
O4 - HKLM\..\Run: [msvccc66] svcchosst.exe
backup-20070320-155507-914
O4 - HKLM\..\Run: [Live Messanger] livemsgr.exe
backup-20070319-143954-788
O4 - HKLM\..\Run: [msvccc66] svcchosst.exe
backup-20070319-143954-933
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = £¹cza
backup-20070319-143954-567
O4 - HKLM\..\RunServices: [msvccc66] svcchosst.exe
backup-20070317-170043-413
O4 - HKLM\..\Run: [msvccc66] svcchosst.exe
backup-20070314-215802-389
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
********************************************************************
catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-05-09 14:31:36