POMOCY Trojan download
Prosze o natychmiastowo popoc złapałem przed chwilo Trojana i instaluje mi jakieś śmiecie ratunku
Odpowiedzi: 17
Prosze ponownie sprawdzi log,
Logfile of HijackThis v1.99.1
Scan saved at 17:44:29, on 2006–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
E:\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
E:\Antivirusy\Spyware Nuker\swnxt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\P2P\eMule plus\eMule.exe
E:\P2P\eMule\emule.exe
C:\WINDOWS\system32\ntvdm.exe
E:\Programy\Przeglondarka internetowa\Opera\Opera.exe
C:\PROGRA~1\GetRight\getright.exe
C:\PROGRA~1\GetRight\getright.exe
E:\Antivirusy\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – E:\Programy\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\Antivirusy\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [SWN2] E:\Antivirusy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [RemoteControl] E:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [BearShare] "E:\P2P\BearShare\BearShare.exe" /pause
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: GetRight – Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 – Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – E:
\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:44:56 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:44:56 2009 exe signatures
= 02–11–2006 18:44:56 52 exe signatures
= 02–11–2006 18:44:57 Scan Locations: "C:\", "D:\"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL => "about:blank"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL => "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
= 02–11–2006 18:44:57 [396] *** Process: 348 (parent 900) C:\WINDOWS\System32\rasautou.exe:
= 02–11–2006 18:44:57 apn–scan(rasautou.exe): 46 microseconds
= 02–11–2006 18:44:57 [396] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rasautou.exe
= 02–11–2006 18:45:22 [604] *** Process: 404 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe:
= 02–11–2006 18:45:22 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 18:45:22 [604] ap–scan [0ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe
= 02–11–2006 18:45:30 [864] *** Process: 124 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe:
= 02–11–2006 18:45:30 apn–scan(Crack.eXe): 42 microseconds
= 02–11–2006 18:45:30 [864] ap–scan [15ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe
= 02–11–2006 18:46:08 [836] *** Process: 520 (parent 1072) D:\Antivirusy\Crack.eXe:
= 02–11–2006 18:46:08 apn–scan(Crack.eXe): 34 microseconds
= 02–11–2006 18:46:08 [836] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Crack.eXe
= 02–11–2006 18:46:13 [364] *** Process: 488 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:13 apn–scan(Crack.eXe): 39 microseconds
= 02–11–2006 18:46:13 [364] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:16 [936] *** Process: 2004 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:16 apn–scan(Crack.eXe): 35 microseconds
= 02–11–2006 18:46:16 [936] ap–scan [0ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:21 [796] *** Process: 444 (parent 1072) D:\Antivirusy\Spyware Nuker\swnxt.exe:
= 02–11–2006 18:46:21 apn–scan(swnxt.exe): 40 microseconds
= 02–11–2006 18:46:21 [796] ap–scan [203ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\swnxt.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:46:21 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:46:22 2009 exe signatures
= 02–11–2006 18:46:22 52 exe signatures
= 02–11–2006 18:46:49 [920] *** Process: 1064 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:46:49 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:46:49 [920] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:46:49 [1508] *** Process: 1136 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:46:49 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:46:49 [1508] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:06 [1500] *** Process: 464 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:47:06 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:47:06 [1500] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:47:06 [648] *** Process: 752 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:47:06 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 18:47:06 [648] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:07 [1232] *** Process: 1188 (parent 1072) E:\AUTORUN.EXE:
= 02–11–2006 18:47:08 apn–scan(AUTORUN.EXE): 33 microseconds
= 02–11–2006 18:47:08 [1232] ap–scan [844ms]: NO THREAT found in file E:\AUTORUN.EXE
= 02–11–2006 18:47:12 [1460] *** Process: 1156 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:12 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:12 [1460] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:47:13 [1140] *** Process: 952 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:47:13 apn–scan(wmiprvse.exe): 49 microseconds
= 02–11–2006 18:47:13 [1140] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 18:47:15 [1664] *** Process: 1548 (parent 1156) C:\WINDOWS\System32\mmc.exe:
= 02–11–2006 18:47:16 apn–scan(mmc.exe): 45 microseconds
= 02–11–2006 18:47:16 [1664] ap–scan [172ms]: NO THREAT found in file C:\WINDOWS\System32\mmc.exe
= 02–11–2006 18:47:45 [1680] *** Process: 1688 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:45 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:45 [1680] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:49:09 [1968] *** Process: 1964 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:09 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:09 [1968] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:10 [1952] *** Process: 1792 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:10 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:10 [1952] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:20 [976] *** Process: 984 (parent 1072) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:49:20 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:49:20 [976] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:03 [1892] *** Process: 292 (parent 1072) C:\Program Files\Internet Explorer\iexplore.exe:
= 02–11–2006 18:50:03 apn–scan(iexplore.exe): 47 microseconds
= 02–11–2006 18:50:03 [1892] ap–scan [31ms]: NO THREAT found in file C:\Program Files\Internet Explorer\iexplore.exe
= 02–11–2006 18:50:41 [1660] *** Process: 532 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:50:41 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 18:50:41 [1660] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:41 [968] *** Process: 1956 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:50:41 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:50:41 [968] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:50:56 [1820] *** Process: 996 (parent 900) \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE:
= 02–11–2006 18:50:56 apn–scan(WMIADAP.EXE): 36 microseconds
= 02–11–2006 18:50:56 [1820] ap–scan [78ms]: NO THREAT found in file \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
= 02–11–2006 18:50:56 [1212] *** Process: 432 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:50:57 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 18:50:57 [1212] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:32:41 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:32:46 2009 exe signatures
= 02–11–2006 20:32:46 52 exe signatures
= 02–11–2006 20:33:05 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:33:14 [744] *** Process: 720 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:33:14 apn–scan(wmiprvse.exe): 51 microseconds
= 02–11–2006 20:33:14 [744] ap–scan [140ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:24 [1648] *** Process: 1632 (parent 540) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:33:24 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:33:24 [1648] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:33:26 process list begins (scan)
= 02–11–2006 20:33:26 0416 \SystemRoot\System32\smss.exe
= 02–11–2006 20:33:26 0472 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 20:33:26 0496 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 20:33:26 0540 C:\WINDOWS\system32\services.exe
= 02–11–2006 20:33:26 0552 C:\WINDOWS\system32\lsass.exe
= 02–11–2006 20:33:26 0728 C:\WINDOWS\system32\svchost.exe
= 02–11–2006 20:33:26 0780 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0844 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0868 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0948 C:\WINDOWS\system32\spoolsv.exe
= 02–11–2006 20:33:26 1124 C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:33:26 1156 C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:33:26 1680 C:\WINDOWS\Explorer.EXE
= 02–11–2006 20:33:26 1892 C:\Program Files\Eset\nod32kui.exe
= 02–11–2006 20:33:26 1980 D:\Antivirusy\Spyware Nuker\swnxt.exe
= 02–11–2006 20:33:26 2012 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:33:26 2032 C:\WINDOWS\System32\RunDll32.exe
= 02–11–2006 20:33:26 0216 C:\Programy\PowerDVD\PDVDServ.exe
= 02–11–2006 20:33:26 0244 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
= 02–11–2006 20:33:26 0276 C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
= 02–11–2006 20:33:26 0296 C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
= 02–11–2006 20:33:26 0352 C:\Odtwarzacze\Winamp\winampa.exe
= 02–11–2006 20:33:26 0348 D:\P2P\Ares\Ares.exe
= 02–11–2006 20:33:26 0720 C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:26 process list ends (scan)
= 02–11–2006 20:33:35 Will scan the following folders:
= 02–11–2006 20:33:35 1: C:\
= 02–11–2006 20:33:35 2: D:\
= 02–11–2006 20:33:56 [3624] *** Process: 3616 (parent 244) C:\Program Files\HP\hpcoretech\soln\HPOSM.exe:
= 02–11–2006 20:33:56 apn–scan(HPOSM.exe): 75 microseconds
= 02–11–2006 20:33:56 [3624] ap–scan [78ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
= 02–11–2006 20:33:57 [3796] *** Process: 3788 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpdarc.exe:
= 02–11–2006 20:33:57 apn–scan(hpdarc.exe): 61 microseconds
= 02–11–2006 20:33:57 [3796] ap–scan [47ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
= 02–11–2006 20:33:58 [3948] *** Process: 3940 (parent 244) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe:
= 02–11–2006 20:33:58 apn–scan(hptskmgr.exe): 45 microseconds
= 02–11–2006 20:33:58 [3948] ap–scan [46ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
= 02–11–2006 20:33:59 [4012] *** Process: 4004 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpuihost.exe:
= 02–11–2006 20:33:59 apn–scan(hpuihost.exe): 46 microseconds
= 02–11–2006 20:33:59 [4012] ap–scan [32ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpuihost.exe
= 02–11–2006 20:34:13 [1716] *** Process: 1780 (parent 1680) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:34:13 apn–scan(rundll32.exe): 63 microseconds
= 02–11–2006 20:34:13 [1716] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:34:48 [3760] *** Process: 3752 (parent 1680) D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe:
= 02–11–2006 20:34:48 apn–scan(9–13_mmc_euro1.exe): 53 microseconds
= 02–11–2006 20:34:48 [3760] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe
= 02–11–2006 20:35:09 [744] *** Process: 752 (parent 3752) D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe:
= 02–11–2006 20:35:09 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:35:09 [744] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe
= 02–11–2006 20:35:14 [1716] *** Process: 556 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 61 microseconds
= 02–11–2006 20:35:15 [1716] ap–scan [235ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:15 [2084] *** Process: 2076 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 48 microseconds
= 02–11–2006 20:35:15 [2084] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:16 [1152] *** Process: 2140 (parent 540) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:35:16 apn–scan(msiexec.exe): 53 microseconds
= 02–11–2006 20:35:16 [1152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:35:16 [2200] *** Process: 204 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:16 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:35:16 [2200] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:27 [2876] *** Process: 2868 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:35:27 apn–scan(wmiprvse.exe): 57 microseconds
= 02–11–2006 20:35:27 [2876] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:35:52 [3248] *** Process: 3240 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:52 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:35:52 [3248] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:54 [3472] *** Process: 3072 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:54 apn–scan(MsiExec.exe): 48 microseconds
= 02–11–2006 20:35:54 [3472] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:36:00 [3948] *** Process: 3956 (parent 496) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:36:00 apn–scan(logonui.exe): 56 microseconds
= 02–11–2006 20:36:00 [3948] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:37:34 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:37:38 2009 exe signatures
= 02–11–2006 20:37:38 52 exe signatures
= 02–11–2006 20:37:50 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:37:59 [152] *** Process: 1884 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:37:59 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 20:37:59 [152] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:38:09 [2472] *** Process: 2464 (parent 716) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:38:09 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:38:09 [2472] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:38:58 [1356] *** Process: 1352 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:38:58 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:38:58 [1356] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:39:21 [2552] *** Process: 2544 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:21 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:39:21 [2552] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:21 [2624] *** Process: 2616 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:39:21 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:39:21 [2624] ap–scan [266ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:39:38 [3992] *** Process: 3972 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:39:38 apn–scan(atishlx.exe): 47 microseconds
= 02–11–2006 20:39:38 [3992] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:39:39 [4052] *** Process: 4044 (parent 3972) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:39:39 apn–scan(cmd.exe): 49 microseconds
= 02–11–2006 20:39:39 [4052] ap–scan [422ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:39:39 [4092] *** Process: 1316 (parent 4044) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:39:40 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:39:40 [4092] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:39:40 [568] *** Process: 532 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:39:40 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:39:40 [568] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:39:40 [1492] *** Process: 284 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe:
= 02–11–2006 20:39:40 apn–scan(uccc.exe): 44 microseconds
= 02–11–2006 20:39:40 [1492] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe
= 02–11–2006 20:39:42 [1940] *** Process: 1208 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:42 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:39:42 [1940] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:50 [720] *** Process: 360 (parent 1572) C:\WINDOWS\System32\SNDVOL32.EXE:
= 02–11–2006 20:39:50 apn–scan(SNDVOL32.EXE): 50 microseconds
= 02–11–2006 20:39:50 [720] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\SNDVOL32.EXE
= 02–11–2006 20:39:55 [3632] *** Process: 3624 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:39:55 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:39:55 [3632] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:40:07 [3332] *** Process: 3324 (parent 1032) C:\WINDOWS\Installer\MSI59A.tmp:
= 02–11–2006 20:40:07 apn–scan(MSI59A.tmp): 46 microseconds
= 02–11–2006 20:40:07 [3332] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI59A.tmp
= 02–11–2006 20:40:33 [3976] *** Process: 3968 (parent 1572) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:40:33 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:40:33 [3976] ap–scan [125ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:41:01 [2716] *** Process: 2696 (parent 3968) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:41:01 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:41:01 [2716] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:41:02 [2740] *** Process: 2736 (parent 2696) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:41:02 apn–scan(issetup.exe): 37 microseconds
= 02–11–2006 20:41:02 [2740] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:41:02 [2784] *** Process: 2776 (parent 2736) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:02 apn–scan(IKernel.exe): 48 microseconds
= 02–11–2006 20:41:02 [2784] ap–scan [171ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:03 [2832] *** Process: 2824 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:03 apn–scan(IKernel.exe): 44 microseconds
= 02–11–2006 20:41:03 [2832] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:04 [2888] *** Process: 2880 (parent 2824) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:04 apn–scan(iKernel.exe): 48 microseconds
= 02–11–2006 20:41:04 [2888] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:11 [3292] *** Process: 3284 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:41:11 apn–scan(wmiprvse.exe): 52 microseconds
= 02–11–2006 20:41:11 [3292] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:41:23 [3552] *** Process: 3544 (parent 2824) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:41:23 apn–scan(AtiCim.bin): 37 microseconds
= 02–11–2006 20:41:23 [3552] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:41:24 [524] *** Process: 152 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:41:24 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:41:24 [524] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:41:24 [3620] *** Process: 3608 (parent 152) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 46 microseconds
= 02–11–2006 20:41:25 [3620] ap–scan [187ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:25 [3716] *** Process: 3704 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 43 microseconds
= 02–11–2006 20:41:25 [3716] ap–scan [157ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:25 [3832] *** Process: 3824 (parent 3704) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:25 apn–scan(iKernel.exe): 47 microseconds
= 02–11–2006 20:41:25 [3832] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:30 [4012] *** Process: 1252 (parent 3704) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:41:30 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:41:30 [4012] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:41:37 [2496] *** Process: 2488 (parent 3704) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:41:37 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:41:37 [2496] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:41:39 [2648] *** Process: 2644 (parent 3704) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:41:39 apn–scan(ati2sgag.exe): 46 microseconds
= 02–11–2006 20:41:39 [2648] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:41:47 [2808] *** Process: 1716 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:41:47 apn–scan(setup.exe): 41 microseconds
= 02–11–2006 20:41:47 [2808] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:42:01 [3696] *** Process: 3388 (parent 1716) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:42:01 apn–scan(MSIEXEC.EXE): 48 microseconds
= 02–11–2006 20:42:01 [3696] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:42:01 [3476] *** Process: 3468 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:01 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:01 [3476] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:01 [1788] *** Process: 1928 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:42:01 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:42:01 [1788] ap–scan [218ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:42:06 [3540] *** Process: 3872 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:06 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:06 [3540] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:19 [852] *** Process: 376 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:42:19 apn–scan(atishlx.exe): 44 microseconds
= 02–11–2006 20:42:19 [852] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:42:19 [692] *** Process: 508 (parent 376) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:42:20 apn–scan(cmd.exe): 46 microseconds
= 02–11–2006 20:42:20 [692] ap–scan [297ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:42:20 [1196] *** Process: 1096 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 44 microseconds
= 02–11–2006 20:42:20 [1196] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1300] *** Process: 1904 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:42:20 [1300] ap–scan [94ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1500] *** Process: 1376 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1500] ap–scan [16ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:20 [1840] *** Process: 1216 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1840] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:31 [2172] *** Process: 2168 (parent 672) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:42:32 apn–scan(logonui.exe): 48 microseconds
= 02–11–2006 20:42:32 [2172] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:43:43 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:43:45 2009 exe signatures
= 02–11–2006 20:43:45 52 exe signatures
= 02–11–2006 20:43:49 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:44:01 [1836] *** Process: 1828 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:44:01 apn–scan(regedt32.exe): 46 microseconds
= 02–11–2006 20:44:01 [1836] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:44:07 [1876] *** Process: 1868 (parent 1616) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:08 apn–scan(cli.exe): 54 microseconds
= 02–11–2006 20:44:08 [1876] ap–scan [937ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:08 [1908] *** Process: 1900 (parent 1828) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:44:09 apn–scan(regedit.exe): 48 microseconds
= 02–11–2006 20:44:09 [1908] ap–scan [593ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:44:09 [1988] *** Process: 1980 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:44:09 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 20:44:09 [1988] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:44:13 [1060] *** Process: 556 (parent 1076) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:44:14 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:44:14 [1060] ap–scan [610ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:44:24 [2148] *** Process: 2140 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:44:24 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:44:24 [2148] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:44:24 [2172] *** Process: 2164 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:24 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:24 [2172] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:28 [2448] *** Process: 2440 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:28 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:28 [2448] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2864] *** Process: 2856 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:33 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:44:33 [2864] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2888] *** Process: 2880 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2888] ap–scan [63ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:34 [2936] *** Process: 2928 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2936] ap–scan [78ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:45 [3408] *** Process: 3400 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:44:45 apn–scan(CLI.exe): 52 microseconds
= 02–11–2006 20:44:45 [3408] ap–scan [93ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:44:45 [3532] *** Process: 3524 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:45 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:45 [3532] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:46 [3628] *** Process: 3620 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:46 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:46 [3628] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:45:08 [244] *** Process: 1456 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:45:08 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:45:08 [244] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:45:11 [1428] *** Process: 1500 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:45:11 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:45:11 [1428] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:45:28 [3872] *** Process: 3864 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:45:28 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:45:28 [3872] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:45:45 [2260] *** Process: 3040 (parent 2880) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 20:45:45 apn–scan(HydraCPL.exe): 35 microseconds
= 02–11–2006 20:45:45 [2260] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 20:46:01 [2292] *** Process: 2252 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:01 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:46:01 [2292] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:07 [3724] *** Process: 3708 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:07 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:46:07 [3724] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:14 [3956] *** Process: 540 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:14 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:46:14 [3956] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:21 [560] *** Process: 1192 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:21 apn–scan(rundll32.exe): 50 microseconds
= 02–11–2006 20:46:21 [560] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:27 [548] *** Process: 3280 (parent 1192) C:\WINDOWS\System32\logon.scr:
= 02–11–2006 20:46:27 apn–scan(logon.scr): 46 microseconds
= 02–11–2006 20:46:27 [548] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\logon.scr
= 02–11–2006 20:47:22 [496] *** Process: 1840 (parent 984) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 20:47:22 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 20:47:22 [496] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 20:47:22 [1964] *** Process: 2044 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:47:22 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 20:47:22 [1964] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:48:05 [3344] *** Process: 3336 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:48:05 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:48:05 [3344] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:48:09 [3584] *** Process: 3572 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:48:09 apn–scan(wmiprvse.exe): 47 microseconds
= 02–11–2006 20:48:09 [3584] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:49:11 [444] *** Process: 3188 (parent 1192) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 20:49:11 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:49:11 [444] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 20:49:44 [4072] *** Process: 2020 (parent 1192) C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe:
= 02–11–2006 20:49:44 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:49:44 [4072] ap–scan [47ms]: NO THREAT found in file C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
= 02–11–2006 20:49:47 [4000] *** Process: 3988 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:49:47 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:49:47 [4000] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:50:12 [2244] *** Process: 2232 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:50:13 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:50:13 [2244] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:50:41 [3360] *** Process: 3344 (parent 2232) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:50:41 apn–scan(setup.exe): 35 microseconds
= 02–11–2006 20:50:41 [3360] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:50:42 [3788] *** Process: 2112 (parent 3344) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:50:42 apn–scan(issetup.exe): 36 microseconds
= 02–11–2006 20:50:42 [3788] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:50:42 [2084] *** Process: 1956 (parent 2112) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:50:42 apn–scan(IKernel.exe): 49 microseconds
= 02–11–2006 20:50:42 [2084] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:50:43 [3624] *** Process: 3584 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:50:43 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:50:43 [3624] ap–scan [172ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:50:43 [3684] *** Process: 3676 (parent 3584) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:50:43 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:50:43 [3684] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:04 [1492] *** Process: 1640 (parent 3584) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:51:04 apn–scan(AtiCim.bin): 35 microseconds
= 02–11–2006 20:51:04 [1492] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:51:05 [3520] *** Process: 3768 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:51:05 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:51:05 [3520] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:51:06 [1884] *** Process: 2104 (parent 3768) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 47 microseconds
= 02–11–2006 20:51:06 [1884] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:51:06 [2184] *** Process: 2180 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:51:06 [2184] ap–scan [156ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:51:06 [2292] *** Process: 2244 (parent 2180) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:51:06 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:51:06 [2292] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:10 [2432] *** Process: 2760 (parent 2180) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:51:10 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:51:10 [2432] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:51:16 [3100] *** Process: 3088 (parent 2180) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:51:16 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:51:16 [3100] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:51:18 [992] *** Process: 1556 (parent 2180) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:51:18 apn–scan(ati2sgag.exe): 47 microseconds
= 02–11–2006 20:51:18 [992] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:51:25 [3632] *** Process: 3640 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:51:26 apn–scan(setup.exe): 40 microseconds
= 02–11–2006 20:51:26 [3632] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:51:29 [3588] *** Process: 3532 (parent 720) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:51:29 apn–scan(msiexec.exe): 45 microseconds
= 02–11–2006 20:51:29 [3588] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:51:32 [2024] *** Process: 3636 (parent 3640) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:51:32 apn–scan(MSIEXEC.EXE): 47 microseconds
= 02–11–2006 20:51:32 [2024] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:51:32 [848] *** Process: 4000 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:32 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:51:32 [848] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:32 [212] *** Process: 796 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:51:32 apn–scan(IDriver.exe): 45 microseconds
= 02–11–2006 20:51:32 [212] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:51:38 [216] *** Process: 3500 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:38 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:51:38 [216] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:38 [4080] *** Process: 2332 (parent 3532) C:\WINDOWS\Installer\MSI1F.tmp:
= 02–11–2006 20:51:38 apn–scan(MSI1F.tmp): 46 microseconds
= 02–11–2006 20:51:38 [4080] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI1F.tmp
= 02–11–2006 20:52:50 [292] *** Process: 4012 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe:
= 02–11–2006 20:52:50 apn–scan(6–1_ccc_pl_29602.exe): 39 microseconds
= 02–11–2006 20:52:50 [292] ap–scan [78ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe
= 02–11–2006 20:53:08 [1524] *** Process: 1756 (parent 4012) D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe:
= 02–11–2006 20:53:09 apn–scan(setup.exe): 36 microseconds
= 02–11–2006 20:53:09 [1524] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe
= 02–11–2006 20:53:13 [3152] *** Process: 2072 (parent 1756) C:\WINDOWS\System32\MSIEXEC.EXE:
= 02–11–2006 20:53:13 apn–scan(MSIEXEC.EXE): 46 microseconds
= 02–11–2006 20:53:13 [3152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MSIEXEC.EXE
= 02–11–2006 20:53:14 [3884] *** Process: 300 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:14 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:14 [3884] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:14 [160] *** Process: 3716 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:14 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:53:14 [160] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:27 [3884] *** Process: 2324 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:27 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:53:27 [3884] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:31 [2184] *** Process: 2200 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:53:31 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:53:31 [2184] ap–scan [46ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:53:31 [3516] *** Process: 1816 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:31 apn–scan(IDriver.exe): 46 microseconds
= 02–11–2006 20:53:31 [3516] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:40 [2688] *** Process: 2076 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:53:40 apn–scan(regedt32.exe): 48 microseconds
= 02–11–2006 20:53:40 [2688] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:53:40 [2740] *** Process: 2732 (parent 2076) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:53:40 apn–scan(regedit.exe): 46 microseconds
= 02–11–2006 20:53:40 [2740] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:53:48 [476] *** Process: 3272 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:48 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:48 [476] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:54:10 [2980] *** Process: 3856 (parent 3532) C:\WINDOWS\Installer\MSI436.tmp:
= 02–11–2006 20:54:10 apn–scan(MSI436.tmp): 46 microseconds
= 02–11–2006 20:54:10 [2980] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI436.tmp
= 02–11–2006 20:54:36 [2940] *** Process: 2912 (parent 3532) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:54:36 apn–scan(atishlx.exe): 52 microseconds
= 02–11–2006 20:54:36 [2940] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:54:36 [3044] *** Process: 2764 (parent 2912) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:54:36 apn–scan(cmd.exe): 48 microseconds
= 02–11–2006 20:54:36 [3044] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:54:37 [3120] *** Process: 2276 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:54:37 [3120] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3132] *** Process: 2120 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 54 microseconds
= 02–11–2006 20:54:37 [3132] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3184] *** Process: 3156 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3184] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:37 [3208] *** Process: 444 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3208] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:52 [3492] *** Process: 3420 (parent 676) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:54:52 apn–scan(logonui.exe): 49 microseconds
= 02–11–2006 20:54:52 [3492] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:56:19 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:56:20 2009 exe signatures
= 02–11–2006 20:56:20 52 exe signatures
= 02–11–2006 20:56:21 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:56:26 [1240] *** Process: 1232 (parent 720) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:26 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:26 [1240] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:26 [1388] *** Process: 1380 (parent 720) C:\Program Files\Eset\nod32krn.exe:
= 02–11–2006 20:56:28 apn–scan(nod32krn.exe): 53 microseconds
= 02–11–2006 20:56:28 [1388] ap–scan [2375ms]: NO THREAT found in file C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:56:29 [1548] *** Process: 1536 (parent 720) C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe:
= 02–11–2006 20:56:29 apn–scan(StarWindService.exe): 46 microseconds
= 02–11–2006 20:56:29 [1548] ap–scan [546ms]: NO THREAT found in file C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:56:37 [2024] *** Process: 2016 (parent 1380) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:56:38 apn–scan(regedt32.exe): 50 microseconds
= 02–11–2006 20:56:38 [2024] ap–scan [860ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:56:38 [220] *** Process: 212 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:56:39 apn–scan(imapi.exe): 50 microseconds
= 02–11–2006 20:56:39 [220] ap–scan [1093ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:56:41 [440] *** Process: 1080 (parent 1232) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:41 [460] *** Process: 452 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:56:41 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:41 [528] *** Process: 508 (parent 2016) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:56:41 apn–scan(wmiapsrv.exe): 50 microseconds
= 02–11–2006 20:56:41 [440] ap–scan [407ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:41 apn–scan(regedit.exe): 47 microseconds
= 02–11–2006 20:56:42 [460] ap–scan [203ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:56:42 [528] ap–scan [500ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:56:48 [1212] *** Process: 1144 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:48 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:56:48 [1212] ap–scan [328ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:49 [1880] *** Process: 1376 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:56:50 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:56:50 [1880] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:56:51 [2184] *** Process: 2176 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:51 apn–scan(cli.exe): 49 microseconds
= 02–11–2006 20:56:51 [2184] ap–scan [94ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:54 [2404] *** Process: 2396 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:54 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:56:54 [2404] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2676] *** Process: 2668 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 44 microseconds
= 02–11–2006 20:56:59 [2676] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2700] *** Process: 2692 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2700] ap–scan [110ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2736] *** Process: 2728 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2736] ap–scan [62ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:57:08 [3076] *** Process: 3068 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:57:08 apn–scan(CLI.exe): 50 microseconds
= 02–11–2006 20:57:08 [3076] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:57:11 [3248] *** Process: 3240 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3248] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:11 [3336] *** Process: 3328 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3336] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:42 [468] *** Process: 1180 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:57:42 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:57:42 [468] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:59:45 [1192] *** Process: 1656 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 20:59:46 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 20:59:46 [1192] ap–scan [265ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 20:59:50 [2420] *** Process: 2416 (parent 1656) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe:
= 02–11–2006 20:59:50 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 20:59:50 [2420] ap–scan [16ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe
= 02–11–2006 21:00:05 [224] *** Process: 2436 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 21:00:06 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 21:00:06 [224] ap–scan [234ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 21:00:17 [440] *** Process: 2876 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:17 apn–scan(Crack.eXe): 41 microseconds
= 02–11–2006 21:00:17 [440] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:00:21 [2964] *** Process: 1552 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:21 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:00:21 [2964] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:01:08 [3804] *** Process: 3800 (parent 1648) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 21:01:09 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:01:09 [3804] ap–scan [15ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 21:03:11 [2652] *** Process: 3828 (parent 1648) D:\P2P\Ares\Ares.exe:
= 02–11–2006 21:03:12 apn–scan(Ares.exe): 34 microseconds
= 02–11–2006 21:03:12 [2652] ap–scan [187ms]: NO THREAT found in file D:\P2P\Ares\Ares.exe
= 02–11–2006 21:04:06 [2632] *** Process: 2624 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:06 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:06 [2632] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2684] *** Process: 2808 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:07 [2684] ap–scan [360ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2736] *** Process: 2752 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:07 [2736] ap–scan [359ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2608] *** Process: 2800 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 40 microseconds
= 02–11–2006 21:04:08 [2608] ap–scan [391ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [2524] *** Process: 2512 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:08 [2524] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [436] *** Process: 2852 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:09 [436] ap–scan [375ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:09 [2896] *** Process: 2892 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:09 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:04:09 [2896] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:23 [1544] *** Process: 3236 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 21:04:24 apn–scan(CLI.exe): 61 microseconds
= 02–11–2006 21:04:24 [1544] ap–scan [125ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 21:04:31 [3480] *** Process: 3468 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:04:31 apn–scan(wmiprvse.exe): 53 microseconds
= 02–11–2006 21:04:31 [3480] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:05:43 [2380] *** Process: 2568 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:44 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:44 [2380] ap–scan [641ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:47 [2508] *** Process: 2608 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 [2848] *** Process: 2784 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 apn–scan(winamp.exe): 43 microseconds
= 02–11–2006 21:05:48 [2508] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:48 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:48 [2848] ap–scan [672ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:09:38 [2860] *** Process: 2836 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:09:38 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:09:38 [2860] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:09:41 [2976] *** Process: 2964 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:09:41 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 21:09:41 [2976] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:11:33 [4056] *** Process: 4040 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:11:33 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:11:33 [4056] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:11:59 [2412] *** Process: 2532 (parent 1648) D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe:
= 02–11–2006 21:11:59 apn–scan(MagnifyFX.exe): 43 microseconds
= 02–11–2006 21:11:59 [2412] ap–scan [109ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe
= 02–11–2006 21:12:07 [2940] *** Process: 2880 (parent 1648) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 21:12:07 apn–scan(HydraCPL.exe): 53 microseconds
= 02–11–2006 21:12:07 [2940] ap–scan [46ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 21:13:33 [3460] *** Process: 820 (parent 1648) D:\P2P\eMule\emule.exe:
= 02–11–2006 21:13:34 apn–scan(emule.exe): 34 microseconds
= 02–11–2006 21:13:34 [3460] ap–scan [969ms]: NO THREAT found in file D:\P2P\eMule\emule.exe
= 02–11–2006 21:14:10 [1956] *** Process: 532 (parent 1648) C:\WINDOWS\system32\NOTEPAD.EXE:
= 02–11–2006 21:14:10 apn–scan(NOTEPAD.EXE): 48 microseconds
= 02–11–2006 21:14:10 [1956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\system32\NOTEPAD.EXE
= 02–11–2006 21:14:30 [2956] *** Process: 2696 (parent 228) C:\WINDOWS\hh.exe:
= 02–11–2006 21:14:30 apn–scan(hh.exe): 48 microseconds
= 02–11–2006 21:14:30 [2956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\hh.exe
= 02–11–2006 21:15:03 [3348] *** Process: 3340 (parent 228) C:\Program Files\INAC\StartUp Manager\StartupManager.exe:
= 02–11–2006 21:15:03 apn–scan(StartupManager.exe): 52 microseconds
= 02–11–2006 21:15:03 [3348] ap–scan [266ms]: NO THREAT found in file C:\Program Files\INAC\StartUp Manager\StartupManager.exe
= 02–11–2006 21:15:19 process list begins (scan)
= 02–11–2006 21:15:19 0584 \SystemRoot\System32\smss.exe
= 02–11–2006 21:15:19 0648 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 21:15:19 0676 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 21:15:19 0720 C:\WINDOWS\system32\services.exe
= 02–11–2006 21:15:19 0732 C:\WINDOWS\syst
Logfile of HijackThis v1.99.1
Scan saved at 17:44:29, on 2006–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
E:\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
E:\Antivirusy\Spyware Nuker\swnxt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\P2P\eMule plus\eMule.exe
E:\P2P\eMule\emule.exe
C:\WINDOWS\system32\ntvdm.exe
E:\Programy\Przeglondarka internetowa\Opera\Opera.exe
C:\PROGRA~1\GetRight\getright.exe
C:\PROGRA~1\GetRight\getright.exe
E:\Antivirusy\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – E:\Programy\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\Antivirusy\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [SWN2] E:\Antivirusy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [RemoteControl] E:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [BearShare] "E:\P2P\BearShare\BearShare.exe" /pause
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: GetRight – Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 – Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – E:
\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:44:56 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:44:56 2009 exe signatures
= 02–11–2006 18:44:56 52 exe signatures
= 02–11–2006 18:44:57 Scan Locations: "C:\", "D:\"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL => "about:blank"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL => "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
= 02–11–2006 18:44:57 [396] *** Process: 348 (parent 900) C:\WINDOWS\System32\rasautou.exe:
= 02–11–2006 18:44:57 apn–scan(rasautou.exe): 46 microseconds
= 02–11–2006 18:44:57 [396] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rasautou.exe
= 02–11–2006 18:45:22 [604] *** Process: 404 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe:
= 02–11–2006 18:45:22 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 18:45:22 [604] ap–scan [0ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe
= 02–11–2006 18:45:30 [864] *** Process: 124 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe:
= 02–11–2006 18:45:30 apn–scan(Crack.eXe): 42 microseconds
= 02–11–2006 18:45:30 [864] ap–scan [15ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe
= 02–11–2006 18:46:08 [836] *** Process: 520 (parent 1072) D:\Antivirusy\Crack.eXe:
= 02–11–2006 18:46:08 apn–scan(Crack.eXe): 34 microseconds
= 02–11–2006 18:46:08 [836] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Crack.eXe
= 02–11–2006 18:46:13 [364] *** Process: 488 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:13 apn–scan(Crack.eXe): 39 microseconds
= 02–11–2006 18:46:13 [364] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:16 [936] *** Process: 2004 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:16 apn–scan(Crack.eXe): 35 microseconds
= 02–11–2006 18:46:16 [936] ap–scan [0ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:21 [796] *** Process: 444 (parent 1072) D:\Antivirusy\Spyware Nuker\swnxt.exe:
= 02–11–2006 18:46:21 apn–scan(swnxt.exe): 40 microseconds
= 02–11–2006 18:46:21 [796] ap–scan [203ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\swnxt.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:46:21 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:46:22 2009 exe signatures
= 02–11–2006 18:46:22 52 exe signatures
= 02–11–2006 18:46:49 [920] *** Process: 1064 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:46:49 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:46:49 [920] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:46:49 [1508] *** Process: 1136 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:46:49 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:46:49 [1508] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:06 [1500] *** Process: 464 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:47:06 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:47:06 [1500] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:47:06 [648] *** Process: 752 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:47:06 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 18:47:06 [648] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:07 [1232] *** Process: 1188 (parent 1072) E:\AUTORUN.EXE:
= 02–11–2006 18:47:08 apn–scan(AUTORUN.EXE): 33 microseconds
= 02–11–2006 18:47:08 [1232] ap–scan [844ms]: NO THREAT found in file E:\AUTORUN.EXE
= 02–11–2006 18:47:12 [1460] *** Process: 1156 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:12 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:12 [1460] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:47:13 [1140] *** Process: 952 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:47:13 apn–scan(wmiprvse.exe): 49 microseconds
= 02–11–2006 18:47:13 [1140] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 18:47:15 [1664] *** Process: 1548 (parent 1156) C:\WINDOWS\System32\mmc.exe:
= 02–11–2006 18:47:16 apn–scan(mmc.exe): 45 microseconds
= 02–11–2006 18:47:16 [1664] ap–scan [172ms]: NO THREAT found in file C:\WINDOWS\System32\mmc.exe
= 02–11–2006 18:47:45 [1680] *** Process: 1688 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:45 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:45 [1680] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:49:09 [1968] *** Process: 1964 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:09 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:09 [1968] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:10 [1952] *** Process: 1792 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:10 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:10 [1952] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:20 [976] *** Process: 984 (parent 1072) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:49:20 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:49:20 [976] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:03 [1892] *** Process: 292 (parent 1072) C:\Program Files\Internet Explorer\iexplore.exe:
= 02–11–2006 18:50:03 apn–scan(iexplore.exe): 47 microseconds
= 02–11–2006 18:50:03 [1892] ap–scan [31ms]: NO THREAT found in file C:\Program Files\Internet Explorer\iexplore.exe
= 02–11–2006 18:50:41 [1660] *** Process: 532 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:50:41 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 18:50:41 [1660] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:41 [968] *** Process: 1956 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:50:41 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:50:41 [968] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:50:56 [1820] *** Process: 996 (parent 900) \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE:
= 02–11–2006 18:50:56 apn–scan(WMIADAP.EXE): 36 microseconds
= 02–11–2006 18:50:56 [1820] ap–scan [78ms]: NO THREAT found in file \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
= 02–11–2006 18:50:56 [1212] *** Process: 432 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:50:57 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 18:50:57 [1212] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:32:41 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:32:46 2009 exe signatures
= 02–11–2006 20:32:46 52 exe signatures
= 02–11–2006 20:33:05 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:33:14 [744] *** Process: 720 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:33:14 apn–scan(wmiprvse.exe): 51 microseconds
= 02–11–2006 20:33:14 [744] ap–scan [140ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:24 [1648] *** Process: 1632 (parent 540) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:33:24 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:33:24 [1648] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:33:26 process list begins (scan)
= 02–11–2006 20:33:26 0416 \SystemRoot\System32\smss.exe
= 02–11–2006 20:33:26 0472 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 20:33:26 0496 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 20:33:26 0540 C:\WINDOWS\system32\services.exe
= 02–11–2006 20:33:26 0552 C:\WINDOWS\system32\lsass.exe
= 02–11–2006 20:33:26 0728 C:\WINDOWS\system32\svchost.exe
= 02–11–2006 20:33:26 0780 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0844 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0868 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0948 C:\WINDOWS\system32\spoolsv.exe
= 02–11–2006 20:33:26 1124 C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:33:26 1156 C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:33:26 1680 C:\WINDOWS\Explorer.EXE
= 02–11–2006 20:33:26 1892 C:\Program Files\Eset\nod32kui.exe
= 02–11–2006 20:33:26 1980 D:\Antivirusy\Spyware Nuker\swnxt.exe
= 02–11–2006 20:33:26 2012 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:33:26 2032 C:\WINDOWS\System32\RunDll32.exe
= 02–11–2006 20:33:26 0216 C:\Programy\PowerDVD\PDVDServ.exe
= 02–11–2006 20:33:26 0244 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
= 02–11–2006 20:33:26 0276 C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
= 02–11–2006 20:33:26 0296 C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
= 02–11–2006 20:33:26 0352 C:\Odtwarzacze\Winamp\winampa.exe
= 02–11–2006 20:33:26 0348 D:\P2P\Ares\Ares.exe
= 02–11–2006 20:33:26 0720 C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:26 process list ends (scan)
= 02–11–2006 20:33:35 Will scan the following folders:
= 02–11–2006 20:33:35 1: C:\
= 02–11–2006 20:33:35 2: D:\
= 02–11–2006 20:33:56 [3624] *** Process: 3616 (parent 244) C:\Program Files\HP\hpcoretech\soln\HPOSM.exe:
= 02–11–2006 20:33:56 apn–scan(HPOSM.exe): 75 microseconds
= 02–11–2006 20:33:56 [3624] ap–scan [78ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
= 02–11–2006 20:33:57 [3796] *** Process: 3788 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpdarc.exe:
= 02–11–2006 20:33:57 apn–scan(hpdarc.exe): 61 microseconds
= 02–11–2006 20:33:57 [3796] ap–scan [47ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
= 02–11–2006 20:33:58 [3948] *** Process: 3940 (parent 244) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe:
= 02–11–2006 20:33:58 apn–scan(hptskmgr.exe): 45 microseconds
= 02–11–2006 20:33:58 [3948] ap–scan [46ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
= 02–11–2006 20:33:59 [4012] *** Process: 4004 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpuihost.exe:
= 02–11–2006 20:33:59 apn–scan(hpuihost.exe): 46 microseconds
= 02–11–2006 20:33:59 [4012] ap–scan [32ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpuihost.exe
= 02–11–2006 20:34:13 [1716] *** Process: 1780 (parent 1680) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:34:13 apn–scan(rundll32.exe): 63 microseconds
= 02–11–2006 20:34:13 [1716] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:34:48 [3760] *** Process: 3752 (parent 1680) D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe:
= 02–11–2006 20:34:48 apn–scan(9–13_mmc_euro1.exe): 53 microseconds
= 02–11–2006 20:34:48 [3760] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe
= 02–11–2006 20:35:09 [744] *** Process: 752 (parent 3752) D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe:
= 02–11–2006 20:35:09 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:35:09 [744] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe
= 02–11–2006 20:35:14 [1716] *** Process: 556 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 61 microseconds
= 02–11–2006 20:35:15 [1716] ap–scan [235ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:15 [2084] *** Process: 2076 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 48 microseconds
= 02–11–2006 20:35:15 [2084] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:16 [1152] *** Process: 2140 (parent 540) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:35:16 apn–scan(msiexec.exe): 53 microseconds
= 02–11–2006 20:35:16 [1152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:35:16 [2200] *** Process: 204 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:16 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:35:16 [2200] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:27 [2876] *** Process: 2868 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:35:27 apn–scan(wmiprvse.exe): 57 microseconds
= 02–11–2006 20:35:27 [2876] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:35:52 [3248] *** Process: 3240 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:52 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:35:52 [3248] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:54 [3472] *** Process: 3072 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:54 apn–scan(MsiExec.exe): 48 microseconds
= 02–11–2006 20:35:54 [3472] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:36:00 [3948] *** Process: 3956 (parent 496) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:36:00 apn–scan(logonui.exe): 56 microseconds
= 02–11–2006 20:36:00 [3948] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:37:34 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:37:38 2009 exe signatures
= 02–11–2006 20:37:38 52 exe signatures
= 02–11–2006 20:37:50 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:37:59 [152] *** Process: 1884 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:37:59 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 20:37:59 [152] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:38:09 [2472] *** Process: 2464 (parent 716) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:38:09 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:38:09 [2472] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:38:58 [1356] *** Process: 1352 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:38:58 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:38:58 [1356] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:39:21 [2552] *** Process: 2544 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:21 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:39:21 [2552] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:21 [2624] *** Process: 2616 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:39:21 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:39:21 [2624] ap–scan [266ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:39:38 [3992] *** Process: 3972 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:39:38 apn–scan(atishlx.exe): 47 microseconds
= 02–11–2006 20:39:38 [3992] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:39:39 [4052] *** Process: 4044 (parent 3972) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:39:39 apn–scan(cmd.exe): 49 microseconds
= 02–11–2006 20:39:39 [4052] ap–scan [422ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:39:39 [4092] *** Process: 1316 (parent 4044) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:39:40 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:39:40 [4092] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:39:40 [568] *** Process: 532 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:39:40 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:39:40 [568] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:39:40 [1492] *** Process: 284 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe:
= 02–11–2006 20:39:40 apn–scan(uccc.exe): 44 microseconds
= 02–11–2006 20:39:40 [1492] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe
= 02–11–2006 20:39:42 [1940] *** Process: 1208 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:42 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:39:42 [1940] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:50 [720] *** Process: 360 (parent 1572) C:\WINDOWS\System32\SNDVOL32.EXE:
= 02–11–2006 20:39:50 apn–scan(SNDVOL32.EXE): 50 microseconds
= 02–11–2006 20:39:50 [720] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\SNDVOL32.EXE
= 02–11–2006 20:39:55 [3632] *** Process: 3624 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:39:55 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:39:55 [3632] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:40:07 [3332] *** Process: 3324 (parent 1032) C:\WINDOWS\Installer\MSI59A.tmp:
= 02–11–2006 20:40:07 apn–scan(MSI59A.tmp): 46 microseconds
= 02–11–2006 20:40:07 [3332] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI59A.tmp
= 02–11–2006 20:40:33 [3976] *** Process: 3968 (parent 1572) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:40:33 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:40:33 [3976] ap–scan [125ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:41:01 [2716] *** Process: 2696 (parent 3968) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:41:01 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:41:01 [2716] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:41:02 [2740] *** Process: 2736 (parent 2696) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:41:02 apn–scan(issetup.exe): 37 microseconds
= 02–11–2006 20:41:02 [2740] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:41:02 [2784] *** Process: 2776 (parent 2736) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:02 apn–scan(IKernel.exe): 48 microseconds
= 02–11–2006 20:41:02 [2784] ap–scan [171ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:03 [2832] *** Process: 2824 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:03 apn–scan(IKernel.exe): 44 microseconds
= 02–11–2006 20:41:03 [2832] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:04 [2888] *** Process: 2880 (parent 2824) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:04 apn–scan(iKernel.exe): 48 microseconds
= 02–11–2006 20:41:04 [2888] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:11 [3292] *** Process: 3284 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:41:11 apn–scan(wmiprvse.exe): 52 microseconds
= 02–11–2006 20:41:11 [3292] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:41:23 [3552] *** Process: 3544 (parent 2824) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:41:23 apn–scan(AtiCim.bin): 37 microseconds
= 02–11–2006 20:41:23 [3552] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:41:24 [524] *** Process: 152 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:41:24 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:41:24 [524] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:41:24 [3620] *** Process: 3608 (parent 152) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 46 microseconds
= 02–11–2006 20:41:25 [3620] ap–scan [187ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:25 [3716] *** Process: 3704 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 43 microseconds
= 02–11–2006 20:41:25 [3716] ap–scan [157ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:25 [3832] *** Process: 3824 (parent 3704) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:25 apn–scan(iKernel.exe): 47 microseconds
= 02–11–2006 20:41:25 [3832] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:30 [4012] *** Process: 1252 (parent 3704) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:41:30 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:41:30 [4012] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:41:37 [2496] *** Process: 2488 (parent 3704) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:41:37 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:41:37 [2496] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:41:39 [2648] *** Process: 2644 (parent 3704) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:41:39 apn–scan(ati2sgag.exe): 46 microseconds
= 02–11–2006 20:41:39 [2648] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:41:47 [2808] *** Process: 1716 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:41:47 apn–scan(setup.exe): 41 microseconds
= 02–11–2006 20:41:47 [2808] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:42:01 [3696] *** Process: 3388 (parent 1716) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:42:01 apn–scan(MSIEXEC.EXE): 48 microseconds
= 02–11–2006 20:42:01 [3696] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:42:01 [3476] *** Process: 3468 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:01 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:01 [3476] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:01 [1788] *** Process: 1928 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:42:01 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:42:01 [1788] ap–scan [218ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:42:06 [3540] *** Process: 3872 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:06 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:06 [3540] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:19 [852] *** Process: 376 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:42:19 apn–scan(atishlx.exe): 44 microseconds
= 02–11–2006 20:42:19 [852] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:42:19 [692] *** Process: 508 (parent 376) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:42:20 apn–scan(cmd.exe): 46 microseconds
= 02–11–2006 20:42:20 [692] ap–scan [297ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:42:20 [1196] *** Process: 1096 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 44 microseconds
= 02–11–2006 20:42:20 [1196] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1300] *** Process: 1904 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:42:20 [1300] ap–scan [94ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1500] *** Process: 1376 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1500] ap–scan [16ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:20 [1840] *** Process: 1216 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1840] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:31 [2172] *** Process: 2168 (parent 672) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:42:32 apn–scan(logonui.exe): 48 microseconds
= 02–11–2006 20:42:32 [2172] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:43:43 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:43:45 2009 exe signatures
= 02–11–2006 20:43:45 52 exe signatures
= 02–11–2006 20:43:49 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:44:01 [1836] *** Process: 1828 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:44:01 apn–scan(regedt32.exe): 46 microseconds
= 02–11–2006 20:44:01 [1836] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:44:07 [1876] *** Process: 1868 (parent 1616) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:08 apn–scan(cli.exe): 54 microseconds
= 02–11–2006 20:44:08 [1876] ap–scan [937ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:08 [1908] *** Process: 1900 (parent 1828) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:44:09 apn–scan(regedit.exe): 48 microseconds
= 02–11–2006 20:44:09 [1908] ap–scan [593ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:44:09 [1988] *** Process: 1980 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:44:09 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 20:44:09 [1988] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:44:13 [1060] *** Process: 556 (parent 1076) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:44:14 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:44:14 [1060] ap–scan [610ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:44:24 [2148] *** Process: 2140 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:44:24 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:44:24 [2148] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:44:24 [2172] *** Process: 2164 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:24 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:24 [2172] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:28 [2448] *** Process: 2440 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:28 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:28 [2448] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2864] *** Process: 2856 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:33 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:44:33 [2864] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2888] *** Process: 2880 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2888] ap–scan [63ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:34 [2936] *** Process: 2928 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2936] ap–scan [78ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:45 [3408] *** Process: 3400 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:44:45 apn–scan(CLI.exe): 52 microseconds
= 02–11–2006 20:44:45 [3408] ap–scan [93ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:44:45 [3532] *** Process: 3524 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:45 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:45 [3532] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:46 [3628] *** Process: 3620 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:46 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:46 [3628] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:45:08 [244] *** Process: 1456 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:45:08 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:45:08 [244] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:45:11 [1428] *** Process: 1500 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:45:11 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:45:11 [1428] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:45:28 [3872] *** Process: 3864 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:45:28 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:45:28 [3872] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:45:45 [2260] *** Process: 3040 (parent 2880) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 20:45:45 apn–scan(HydraCPL.exe): 35 microseconds
= 02–11–2006 20:45:45 [2260] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 20:46:01 [2292] *** Process: 2252 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:01 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:46:01 [2292] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:07 [3724] *** Process: 3708 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:07 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:46:07 [3724] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:14 [3956] *** Process: 540 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:14 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:46:14 [3956] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:21 [560] *** Process: 1192 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:21 apn–scan(rundll32.exe): 50 microseconds
= 02–11–2006 20:46:21 [560] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:27 [548] *** Process: 3280 (parent 1192) C:\WINDOWS\System32\logon.scr:
= 02–11–2006 20:46:27 apn–scan(logon.scr): 46 microseconds
= 02–11–2006 20:46:27 [548] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\logon.scr
= 02–11–2006 20:47:22 [496] *** Process: 1840 (parent 984) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 20:47:22 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 20:47:22 [496] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 20:47:22 [1964] *** Process: 2044 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:47:22 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 20:47:22 [1964] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:48:05 [3344] *** Process: 3336 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:48:05 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:48:05 [3344] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:48:09 [3584] *** Process: 3572 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:48:09 apn–scan(wmiprvse.exe): 47 microseconds
= 02–11–2006 20:48:09 [3584] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:49:11 [444] *** Process: 3188 (parent 1192) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 20:49:11 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:49:11 [444] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 20:49:44 [4072] *** Process: 2020 (parent 1192) C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe:
= 02–11–2006 20:49:44 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:49:44 [4072] ap–scan [47ms]: NO THREAT found in file C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
= 02–11–2006 20:49:47 [4000] *** Process: 3988 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:49:47 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:49:47 [4000] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:50:12 [2244] *** Process: 2232 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:50:13 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:50:13 [2244] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:50:41 [3360] *** Process: 3344 (parent 2232) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:50:41 apn–scan(setup.exe): 35 microseconds
= 02–11–2006 20:50:41 [3360] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:50:42 [3788] *** Process: 2112 (parent 3344) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:50:42 apn–scan(issetup.exe): 36 microseconds
= 02–11–2006 20:50:42 [3788] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:50:42 [2084] *** Process: 1956 (parent 2112) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:50:42 apn–scan(IKernel.exe): 49 microseconds
= 02–11–2006 20:50:42 [2084] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:50:43 [3624] *** Process: 3584 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:50:43 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:50:43 [3624] ap–scan [172ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:50:43 [3684] *** Process: 3676 (parent 3584) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:50:43 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:50:43 [3684] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:04 [1492] *** Process: 1640 (parent 3584) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:51:04 apn–scan(AtiCim.bin): 35 microseconds
= 02–11–2006 20:51:04 [1492] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:51:05 [3520] *** Process: 3768 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:51:05 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:51:05 [3520] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:51:06 [1884] *** Process: 2104 (parent 3768) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 47 microseconds
= 02–11–2006 20:51:06 [1884] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:51:06 [2184] *** Process: 2180 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:51:06 [2184] ap–scan [156ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:51:06 [2292] *** Process: 2244 (parent 2180) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:51:06 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:51:06 [2292] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:10 [2432] *** Process: 2760 (parent 2180) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:51:10 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:51:10 [2432] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:51:16 [3100] *** Process: 3088 (parent 2180) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:51:16 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:51:16 [3100] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:51:18 [992] *** Process: 1556 (parent 2180) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:51:18 apn–scan(ati2sgag.exe): 47 microseconds
= 02–11–2006 20:51:18 [992] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:51:25 [3632] *** Process: 3640 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:51:26 apn–scan(setup.exe): 40 microseconds
= 02–11–2006 20:51:26 [3632] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:51:29 [3588] *** Process: 3532 (parent 720) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:51:29 apn–scan(msiexec.exe): 45 microseconds
= 02–11–2006 20:51:29 [3588] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:51:32 [2024] *** Process: 3636 (parent 3640) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:51:32 apn–scan(MSIEXEC.EXE): 47 microseconds
= 02–11–2006 20:51:32 [2024] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:51:32 [848] *** Process: 4000 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:32 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:51:32 [848] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:32 [212] *** Process: 796 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:51:32 apn–scan(IDriver.exe): 45 microseconds
= 02–11–2006 20:51:32 [212] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:51:38 [216] *** Process: 3500 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:38 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:51:38 [216] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:38 [4080] *** Process: 2332 (parent 3532) C:\WINDOWS\Installer\MSI1F.tmp:
= 02–11–2006 20:51:38 apn–scan(MSI1F.tmp): 46 microseconds
= 02–11–2006 20:51:38 [4080] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI1F.tmp
= 02–11–2006 20:52:50 [292] *** Process: 4012 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe:
= 02–11–2006 20:52:50 apn–scan(6–1_ccc_pl_29602.exe): 39 microseconds
= 02–11–2006 20:52:50 [292] ap–scan [78ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe
= 02–11–2006 20:53:08 [1524] *** Process: 1756 (parent 4012) D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe:
= 02–11–2006 20:53:09 apn–scan(setup.exe): 36 microseconds
= 02–11–2006 20:53:09 [1524] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe
= 02–11–2006 20:53:13 [3152] *** Process: 2072 (parent 1756) C:\WINDOWS\System32\MSIEXEC.EXE:
= 02–11–2006 20:53:13 apn–scan(MSIEXEC.EXE): 46 microseconds
= 02–11–2006 20:53:13 [3152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MSIEXEC.EXE
= 02–11–2006 20:53:14 [3884] *** Process: 300 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:14 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:14 [3884] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:14 [160] *** Process: 3716 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:14 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:53:14 [160] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:27 [3884] *** Process: 2324 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:27 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:53:27 [3884] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:31 [2184] *** Process: 2200 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:53:31 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:53:31 [2184] ap–scan [46ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:53:31 [3516] *** Process: 1816 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:31 apn–scan(IDriver.exe): 46 microseconds
= 02–11–2006 20:53:31 [3516] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:40 [2688] *** Process: 2076 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:53:40 apn–scan(regedt32.exe): 48 microseconds
= 02–11–2006 20:53:40 [2688] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:53:40 [2740] *** Process: 2732 (parent 2076) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:53:40 apn–scan(regedit.exe): 46 microseconds
= 02–11–2006 20:53:40 [2740] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:53:48 [476] *** Process: 3272 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:48 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:48 [476] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:54:10 [2980] *** Process: 3856 (parent 3532) C:\WINDOWS\Installer\MSI436.tmp:
= 02–11–2006 20:54:10 apn–scan(MSI436.tmp): 46 microseconds
= 02–11–2006 20:54:10 [2980] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI436.tmp
= 02–11–2006 20:54:36 [2940] *** Process: 2912 (parent 3532) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:54:36 apn–scan(atishlx.exe): 52 microseconds
= 02–11–2006 20:54:36 [2940] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:54:36 [3044] *** Process: 2764 (parent 2912) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:54:36 apn–scan(cmd.exe): 48 microseconds
= 02–11–2006 20:54:36 [3044] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:54:37 [3120] *** Process: 2276 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:54:37 [3120] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3132] *** Process: 2120 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 54 microseconds
= 02–11–2006 20:54:37 [3132] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3184] *** Process: 3156 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3184] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:37 [3208] *** Process: 444 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3208] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:52 [3492] *** Process: 3420 (parent 676) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:54:52 apn–scan(logonui.exe): 49 microseconds
= 02–11–2006 20:54:52 [3492] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:56:19 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:56:20 2009 exe signatures
= 02–11–2006 20:56:20 52 exe signatures
= 02–11–2006 20:56:21 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:56:26 [1240] *** Process: 1232 (parent 720) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:26 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:26 [1240] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:26 [1388] *** Process: 1380 (parent 720) C:\Program Files\Eset\nod32krn.exe:
= 02–11–2006 20:56:28 apn–scan(nod32krn.exe): 53 microseconds
= 02–11–2006 20:56:28 [1388] ap–scan [2375ms]: NO THREAT found in file C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:56:29 [1548] *** Process: 1536 (parent 720) C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe:
= 02–11–2006 20:56:29 apn–scan(StarWindService.exe): 46 microseconds
= 02–11–2006 20:56:29 [1548] ap–scan [546ms]: NO THREAT found in file C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:56:37 [2024] *** Process: 2016 (parent 1380) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:56:38 apn–scan(regedt32.exe): 50 microseconds
= 02–11–2006 20:56:38 [2024] ap–scan [860ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:56:38 [220] *** Process: 212 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:56:39 apn–scan(imapi.exe): 50 microseconds
= 02–11–2006 20:56:39 [220] ap–scan [1093ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:56:41 [440] *** Process: 1080 (parent 1232) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:41 [460] *** Process: 452 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:56:41 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:41 [528] *** Process: 508 (parent 2016) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:56:41 apn–scan(wmiapsrv.exe): 50 microseconds
= 02–11–2006 20:56:41 [440] ap–scan [407ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:41 apn–scan(regedit.exe): 47 microseconds
= 02–11–2006 20:56:42 [460] ap–scan [203ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:56:42 [528] ap–scan [500ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:56:48 [1212] *** Process: 1144 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:48 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:56:48 [1212] ap–scan [328ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:49 [1880] *** Process: 1376 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:56:50 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:56:50 [1880] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:56:51 [2184] *** Process: 2176 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:51 apn–scan(cli.exe): 49 microseconds
= 02–11–2006 20:56:51 [2184] ap–scan [94ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:54 [2404] *** Process: 2396 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:54 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:56:54 [2404] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2676] *** Process: 2668 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 44 microseconds
= 02–11–2006 20:56:59 [2676] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2700] *** Process: 2692 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2700] ap–scan [110ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2736] *** Process: 2728 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2736] ap–scan [62ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:57:08 [3076] *** Process: 3068 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:57:08 apn–scan(CLI.exe): 50 microseconds
= 02–11–2006 20:57:08 [3076] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:57:11 [3248] *** Process: 3240 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3248] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:11 [3336] *** Process: 3328 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3336] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:42 [468] *** Process: 1180 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:57:42 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:57:42 [468] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:59:45 [1192] *** Process: 1656 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 20:59:46 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 20:59:46 [1192] ap–scan [265ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 20:59:50 [2420] *** Process: 2416 (parent 1656) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe:
= 02–11–2006 20:59:50 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 20:59:50 [2420] ap–scan [16ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe
= 02–11–2006 21:00:05 [224] *** Process: 2436 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 21:00:06 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 21:00:06 [224] ap–scan [234ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 21:00:17 [440] *** Process: 2876 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:17 apn–scan(Crack.eXe): 41 microseconds
= 02–11–2006 21:00:17 [440] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:00:21 [2964] *** Process: 1552 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:21 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:00:21 [2964] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:01:08 [3804] *** Process: 3800 (parent 1648) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 21:01:09 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:01:09 [3804] ap–scan [15ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 21:03:11 [2652] *** Process: 3828 (parent 1648) D:\P2P\Ares\Ares.exe:
= 02–11–2006 21:03:12 apn–scan(Ares.exe): 34 microseconds
= 02–11–2006 21:03:12 [2652] ap–scan [187ms]: NO THREAT found in file D:\P2P\Ares\Ares.exe
= 02–11–2006 21:04:06 [2632] *** Process: 2624 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:06 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:06 [2632] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2684] *** Process: 2808 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:07 [2684] ap–scan [360ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2736] *** Process: 2752 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:07 [2736] ap–scan [359ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2608] *** Process: 2800 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 40 microseconds
= 02–11–2006 21:04:08 [2608] ap–scan [391ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [2524] *** Process: 2512 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:08 [2524] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [436] *** Process: 2852 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:09 [436] ap–scan [375ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:09 [2896] *** Process: 2892 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:09 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:04:09 [2896] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:23 [1544] *** Process: 3236 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 21:04:24 apn–scan(CLI.exe): 61 microseconds
= 02–11–2006 21:04:24 [1544] ap–scan [125ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 21:04:31 [3480] *** Process: 3468 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:04:31 apn–scan(wmiprvse.exe): 53 microseconds
= 02–11–2006 21:04:31 [3480] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:05:43 [2380] *** Process: 2568 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:44 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:44 [2380] ap–scan [641ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:47 [2508] *** Process: 2608 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 [2848] *** Process: 2784 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 apn–scan(winamp.exe): 43 microseconds
= 02–11–2006 21:05:48 [2508] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:48 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:48 [2848] ap–scan [672ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:09:38 [2860] *** Process: 2836 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:09:38 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:09:38 [2860] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:09:41 [2976] *** Process: 2964 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:09:41 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 21:09:41 [2976] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:11:33 [4056] *** Process: 4040 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:11:33 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:11:33 [4056] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:11:59 [2412] *** Process: 2532 (parent 1648) D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe:
= 02–11–2006 21:11:59 apn–scan(MagnifyFX.exe): 43 microseconds
= 02–11–2006 21:11:59 [2412] ap–scan [109ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe
= 02–11–2006 21:12:07 [2940] *** Process: 2880 (parent 1648) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 21:12:07 apn–scan(HydraCPL.exe): 53 microseconds
= 02–11–2006 21:12:07 [2940] ap–scan [46ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 21:13:33 [3460] *** Process: 820 (parent 1648) D:\P2P\eMule\emule.exe:
= 02–11–2006 21:13:34 apn–scan(emule.exe): 34 microseconds
= 02–11–2006 21:13:34 [3460] ap–scan [969ms]: NO THREAT found in file D:\P2P\eMule\emule.exe
= 02–11–2006 21:14:10 [1956] *** Process: 532 (parent 1648) C:\WINDOWS\system32\NOTEPAD.EXE:
= 02–11–2006 21:14:10 apn–scan(NOTEPAD.EXE): 48 microseconds
= 02–11–2006 21:14:10 [1956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\system32\NOTEPAD.EXE
= 02–11–2006 21:14:30 [2956] *** Process: 2696 (parent 228) C:\WINDOWS\hh.exe:
= 02–11–2006 21:14:30 apn–scan(hh.exe): 48 microseconds
= 02–11–2006 21:14:30 [2956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\hh.exe
= 02–11–2006 21:15:03 [3348] *** Process: 3340 (parent 228) C:\Program Files\INAC\StartUp Manager\StartupManager.exe:
= 02–11–2006 21:15:03 apn–scan(StartupManager.exe): 52 microseconds
= 02–11–2006 21:15:03 [3348] ap–scan [266ms]: NO THREAT found in file C:\Program Files\INAC\StartUp Manager\StartupManager.exe
= 02–11–2006 21:15:19 process list begins (scan)
= 02–11–2006 21:15:19 0584 \SystemRoot\System32\smss.exe
= 02–11–2006 21:15:19 0648 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 21:15:19 0676 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 21:15:19 0720 C:\WINDOWS\system32\services.exe
= 02–11–2006 21:15:19 0732 C:\WINDOWS\syst
Prosze ponownie sprawdzi log,
Logfile of HijackThis v1.99.1
Scan saved at 17:44:29, on 2006–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
E:\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
E:\Antivirusy\Spyware Nuker\swnxt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\P2P\eMule plus\eMule.exe
E:\P2P\eMule\emule.exe
C:\WINDOWS\system32\ntvdm.exe
E:\Programy\Przeglondarka internetowa\Opera\Opera.exe
C:\PROGRA~1\GetRight\getright.exe
C:\PROGRA~1\GetRight\getright.exe
E:\Antivirusy\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – E:\Programy\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\Antivirusy\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [SWN2] E:\Antivirusy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [RemoteControl] E:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [BearShare] "E:\P2P\BearShare\BearShare.exe" /pause
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: GetRight – Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 – Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – E:
\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:44:56 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:44:56 2009 exe signatures
= 02–11–2006 18:44:56 52 exe signatures
= 02–11–2006 18:44:57 Scan Locations: "C:\", "D:\"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL => "about:blank"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL => "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
= 02–11–2006 18:44:57 [396] *** Process: 348 (parent 900) C:\WINDOWS\System32\rasautou.exe:
= 02–11–2006 18:44:57 apn–scan(rasautou.exe): 46 microseconds
= 02–11–2006 18:44:57 [396] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rasautou.exe
= 02–11–2006 18:45:22 [604] *** Process: 404 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe:
= 02–11–2006 18:45:22 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 18:45:22 [604] ap–scan [0ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe
= 02–11–2006 18:45:30 [864] *** Process: 124 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe:
= 02–11–2006 18:45:30 apn–scan(Crack.eXe): 42 microseconds
= 02–11–2006 18:45:30 [864] ap–scan [15ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe
= 02–11–2006 18:46:08 [836] *** Process: 520 (parent 1072) D:\Antivirusy\Crack.eXe:
= 02–11–2006 18:46:08 apn–scan(Crack.eXe): 34 microseconds
= 02–11–2006 18:46:08 [836] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Crack.eXe
= 02–11–2006 18:46:13 [364] *** Process: 488 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:13 apn–scan(Crack.eXe): 39 microseconds
= 02–11–2006 18:46:13 [364] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:16 [936] *** Process: 2004 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:16 apn–scan(Crack.eXe): 35 microseconds
= 02–11–2006 18:46:16 [936] ap–scan [0ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:21 [796] *** Process: 444 (parent 1072) D:\Antivirusy\Spyware Nuker\swnxt.exe:
= 02–11–2006 18:46:21 apn–scan(swnxt.exe): 40 microseconds
= 02–11–2006 18:46:21 [796] ap–scan [203ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\swnxt.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:46:21 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:46:22 2009 exe signatures
= 02–11–2006 18:46:22 52 exe signatures
= 02–11–2006 18:46:49 [920] *** Process: 1064 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:46:49 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:46:49 [920] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:46:49 [1508] *** Process: 1136 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:46:49 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:46:49 [1508] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:06 [1500] *** Process: 464 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:47:06 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:47:06 [1500] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:47:06 [648] *** Process: 752 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:47:06 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 18:47:06 [648] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:07 [1232] *** Process: 1188 (parent 1072) E:\AUTORUN.EXE:
= 02–11–2006 18:47:08 apn–scan(AUTORUN.EXE): 33 microseconds
= 02–11–2006 18:47:08 [1232] ap–scan [844ms]: NO THREAT found in file E:\AUTORUN.EXE
= 02–11–2006 18:47:12 [1460] *** Process: 1156 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:12 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:12 [1460] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:47:13 [1140] *** Process: 952 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:47:13 apn–scan(wmiprvse.exe): 49 microseconds
= 02–11–2006 18:47:13 [1140] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 18:47:15 [1664] *** Process: 1548 (parent 1156) C:\WINDOWS\System32\mmc.exe:
= 02–11–2006 18:47:16 apn–scan(mmc.exe): 45 microseconds
= 02–11–2006 18:47:16 [1664] ap–scan [172ms]: NO THREAT found in file C:\WINDOWS\System32\mmc.exe
= 02–11–2006 18:47:45 [1680] *** Process: 1688 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:45 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:45 [1680] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:49:09 [1968] *** Process: 1964 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:09 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:09 [1968] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:10 [1952] *** Process: 1792 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:10 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:10 [1952] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:20 [976] *** Process: 984 (parent 1072) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:49:20 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:49:20 [976] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:03 [1892] *** Process: 292 (parent 1072) C:\Program Files\Internet Explorer\iexplore.exe:
= 02–11–2006 18:50:03 apn–scan(iexplore.exe): 47 microseconds
= 02–11–2006 18:50:03 [1892] ap–scan [31ms]: NO THREAT found in file C:\Program Files\Internet Explorer\iexplore.exe
= 02–11–2006 18:50:41 [1660] *** Process: 532 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:50:41 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 18:50:41 [1660] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:41 [968] *** Process: 1956 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:50:41 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:50:41 [968] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:50:56 [1820] *** Process: 996 (parent 900) \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE:
= 02–11–2006 18:50:56 apn–scan(WMIADAP.EXE): 36 microseconds
= 02–11–2006 18:50:56 [1820] ap–scan [78ms]: NO THREAT found in file \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
= 02–11–2006 18:50:56 [1212] *** Process: 432 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:50:57 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 18:50:57 [1212] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:32:41 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:32:46 2009 exe signatures
= 02–11–2006 20:32:46 52 exe signatures
= 02–11–2006 20:33:05 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:33:14 [744] *** Process: 720 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:33:14 apn–scan(wmiprvse.exe): 51 microseconds
= 02–11–2006 20:33:14 [744] ap–scan [140ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:24 [1648] *** Process: 1632 (parent 540) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:33:24 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:33:24 [1648] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:33:26 process list begins (scan)
= 02–11–2006 20:33:26 0416 \SystemRoot\System32\smss.exe
= 02–11–2006 20:33:26 0472 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 20:33:26 0496 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 20:33:26 0540 C:\WINDOWS\system32\services.exe
= 02–11–2006 20:33:26 0552 C:\WINDOWS\system32\lsass.exe
= 02–11–2006 20:33:26 0728 C:\WINDOWS\system32\svchost.exe
= 02–11–2006 20:33:26 0780 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0844 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0868 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0948 C:\WINDOWS\system32\spoolsv.exe
= 02–11–2006 20:33:26 1124 C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:33:26 1156 C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:33:26 1680 C:\WINDOWS\Explorer.EXE
= 02–11–2006 20:33:26 1892 C:\Program Files\Eset\nod32kui.exe
= 02–11–2006 20:33:26 1980 D:\Antivirusy\Spyware Nuker\swnxt.exe
= 02–11–2006 20:33:26 2012 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:33:26 2032 C:\WINDOWS\System32\RunDll32.exe
= 02–11–2006 20:33:26 0216 C:\Programy\PowerDVD\PDVDServ.exe
= 02–11–2006 20:33:26 0244 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
= 02–11–2006 20:33:26 0276 C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
= 02–11–2006 20:33:26 0296 C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
= 02–11–2006 20:33:26 0352 C:\Odtwarzacze\Winamp\winampa.exe
= 02–11–2006 20:33:26 0348 D:\P2P\Ares\Ares.exe
= 02–11–2006 20:33:26 0720 C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:26 process list ends (scan)
= 02–11–2006 20:33:35 Will scan the following folders:
= 02–11–2006 20:33:35 1: C:\
= 02–11–2006 20:33:35 2: D:\
= 02–11–2006 20:33:56 [3624] *** Process: 3616 (parent 244) C:\Program Files\HP\hpcoretech\soln\HPOSM.exe:
= 02–11–2006 20:33:56 apn–scan(HPOSM.exe): 75 microseconds
= 02–11–2006 20:33:56 [3624] ap–scan [78ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
= 02–11–2006 20:33:57 [3796] *** Process: 3788 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpdarc.exe:
= 02–11–2006 20:33:57 apn–scan(hpdarc.exe): 61 microseconds
= 02–11–2006 20:33:57 [3796] ap–scan [47ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
= 02–11–2006 20:33:58 [3948] *** Process: 3940 (parent 244) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe:
= 02–11–2006 20:33:58 apn–scan(hptskmgr.exe): 45 microseconds
= 02–11–2006 20:33:58 [3948] ap–scan [46ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
= 02–11–2006 20:33:59 [4012] *** Process: 4004 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpuihost.exe:
= 02–11–2006 20:33:59 apn–scan(hpuihost.exe): 46 microseconds
= 02–11–2006 20:33:59 [4012] ap–scan [32ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpuihost.exe
= 02–11–2006 20:34:13 [1716] *** Process: 1780 (parent 1680) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:34:13 apn–scan(rundll32.exe): 63 microseconds
= 02–11–2006 20:34:13 [1716] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:34:48 [3760] *** Process: 3752 (parent 1680) D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe:
= 02–11–2006 20:34:48 apn–scan(9–13_mmc_euro1.exe): 53 microseconds
= 02–11–2006 20:34:48 [3760] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe
= 02–11–2006 20:35:09 [744] *** Process: 752 (parent 3752) D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe:
= 02–11–2006 20:35:09 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:35:09 [744] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe
= 02–11–2006 20:35:14 [1716] *** Process: 556 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 61 microseconds
= 02–11–2006 20:35:15 [1716] ap–scan [235ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:15 [2084] *** Process: 2076 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 48 microseconds
= 02–11–2006 20:35:15 [2084] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:16 [1152] *** Process: 2140 (parent 540) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:35:16 apn–scan(msiexec.exe): 53 microseconds
= 02–11–2006 20:35:16 [1152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:35:16 [2200] *** Process: 204 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:16 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:35:16 [2200] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:27 [2876] *** Process: 2868 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:35:27 apn–scan(wmiprvse.exe): 57 microseconds
= 02–11–2006 20:35:27 [2876] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:35:52 [3248] *** Process: 3240 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:52 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:35:52 [3248] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:54 [3472] *** Process: 3072 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:54 apn–scan(MsiExec.exe): 48 microseconds
= 02–11–2006 20:35:54 [3472] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:36:00 [3948] *** Process: 3956 (parent 496) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:36:00 apn–scan(logonui.exe): 56 microseconds
= 02–11–2006 20:36:00 [3948] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:37:34 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:37:38 2009 exe signatures
= 02–11–2006 20:37:38 52 exe signatures
= 02–11–2006 20:37:50 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:37:59 [152] *** Process: 1884 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:37:59 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 20:37:59 [152] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:38:09 [2472] *** Process: 2464 (parent 716) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:38:09 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:38:09 [2472] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:38:58 [1356] *** Process: 1352 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:38:58 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:38:58 [1356] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:39:21 [2552] *** Process: 2544 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:21 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:39:21 [2552] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:21 [2624] *** Process: 2616 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:39:21 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:39:21 [2624] ap–scan [266ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:39:38 [3992] *** Process: 3972 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:39:38 apn–scan(atishlx.exe): 47 microseconds
= 02–11–2006 20:39:38 [3992] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:39:39 [4052] *** Process: 4044 (parent 3972) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:39:39 apn–scan(cmd.exe): 49 microseconds
= 02–11–2006 20:39:39 [4052] ap–scan [422ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:39:39 [4092] *** Process: 1316 (parent 4044) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:39:40 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:39:40 [4092] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:39:40 [568] *** Process: 532 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:39:40 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:39:40 [568] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:39:40 [1492] *** Process: 284 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe:
= 02–11–2006 20:39:40 apn–scan(uccc.exe): 44 microseconds
= 02–11–2006 20:39:40 [1492] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe
= 02–11–2006 20:39:42 [1940] *** Process: 1208 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:42 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:39:42 [1940] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:50 [720] *** Process: 360 (parent 1572) C:\WINDOWS\System32\SNDVOL32.EXE:
= 02–11–2006 20:39:50 apn–scan(SNDVOL32.EXE): 50 microseconds
= 02–11–2006 20:39:50 [720] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\SNDVOL32.EXE
= 02–11–2006 20:39:55 [3632] *** Process: 3624 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:39:55 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:39:55 [3632] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:40:07 [3332] *** Process: 3324 (parent 1032) C:\WINDOWS\Installer\MSI59A.tmp:
= 02–11–2006 20:40:07 apn–scan(MSI59A.tmp): 46 microseconds
= 02–11–2006 20:40:07 [3332] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI59A.tmp
= 02–11–2006 20:40:33 [3976] *** Process: 3968 (parent 1572) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:40:33 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:40:33 [3976] ap–scan [125ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:41:01 [2716] *** Process: 2696 (parent 3968) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:41:01 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:41:01 [2716] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:41:02 [2740] *** Process: 2736 (parent 2696) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:41:02 apn–scan(issetup.exe): 37 microseconds
= 02–11–2006 20:41:02 [2740] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:41:02 [2784] *** Process: 2776 (parent 2736) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:02 apn–scan(IKernel.exe): 48 microseconds
= 02–11–2006 20:41:02 [2784] ap–scan [171ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:03 [2832] *** Process: 2824 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:03 apn–scan(IKernel.exe): 44 microseconds
= 02–11–2006 20:41:03 [2832] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:04 [2888] *** Process: 2880 (parent 2824) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:04 apn–scan(iKernel.exe): 48 microseconds
= 02–11–2006 20:41:04 [2888] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:11 [3292] *** Process: 3284 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:41:11 apn–scan(wmiprvse.exe): 52 microseconds
= 02–11–2006 20:41:11 [3292] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:41:23 [3552] *** Process: 3544 (parent 2824) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:41:23 apn–scan(AtiCim.bin): 37 microseconds
= 02–11–2006 20:41:23 [3552] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:41:24 [524] *** Process: 152 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:41:24 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:41:24 [524] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:41:24 [3620] *** Process: 3608 (parent 152) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 46 microseconds
= 02–11–2006 20:41:25 [3620] ap–scan [187ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:25 [3716] *** Process: 3704 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 43 microseconds
= 02–11–2006 20:41:25 [3716] ap–scan [157ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:25 [3832] *** Process: 3824 (parent 3704) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:25 apn–scan(iKernel.exe): 47 microseconds
= 02–11–2006 20:41:25 [3832] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:30 [4012] *** Process: 1252 (parent 3704) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:41:30 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:41:30 [4012] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:41:37 [2496] *** Process: 2488 (parent 3704) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:41:37 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:41:37 [2496] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:41:39 [2648] *** Process: 2644 (parent 3704) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:41:39 apn–scan(ati2sgag.exe): 46 microseconds
= 02–11–2006 20:41:39 [2648] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:41:47 [2808] *** Process: 1716 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:41:47 apn–scan(setup.exe): 41 microseconds
= 02–11–2006 20:41:47 [2808] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:42:01 [3696] *** Process: 3388 (parent 1716) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:42:01 apn–scan(MSIEXEC.EXE): 48 microseconds
= 02–11–2006 20:42:01 [3696] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:42:01 [3476] *** Process: 3468 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:01 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:01 [3476] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:01 [1788] *** Process: 1928 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:42:01 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:42:01 [1788] ap–scan [218ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:42:06 [3540] *** Process: 3872 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:06 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:06 [3540] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:19 [852] *** Process: 376 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:42:19 apn–scan(atishlx.exe): 44 microseconds
= 02–11–2006 20:42:19 [852] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:42:19 [692] *** Process: 508 (parent 376) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:42:20 apn–scan(cmd.exe): 46 microseconds
= 02–11–2006 20:42:20 [692] ap–scan [297ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:42:20 [1196] *** Process: 1096 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 44 microseconds
= 02–11–2006 20:42:20 [1196] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1300] *** Process: 1904 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:42:20 [1300] ap–scan [94ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1500] *** Process: 1376 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1500] ap–scan [16ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:20 [1840] *** Process: 1216 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1840] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:31 [2172] *** Process: 2168 (parent 672) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:42:32 apn–scan(logonui.exe): 48 microseconds
= 02–11–2006 20:42:32 [2172] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:43:43 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:43:45 2009 exe signatures
= 02–11–2006 20:43:45 52 exe signatures
= 02–11–2006 20:43:49 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:44:01 [1836] *** Process: 1828 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:44:01 apn–scan(regedt32.exe): 46 microseconds
= 02–11–2006 20:44:01 [1836] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:44:07 [1876] *** Process: 1868 (parent 1616) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:08 apn–scan(cli.exe): 54 microseconds
= 02–11–2006 20:44:08 [1876] ap–scan [937ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:08 [1908] *** Process: 1900 (parent 1828) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:44:09 apn–scan(regedit.exe): 48 microseconds
= 02–11–2006 20:44:09 [1908] ap–scan [593ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:44:09 [1988] *** Process: 1980 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:44:09 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 20:44:09 [1988] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:44:13 [1060] *** Process: 556 (parent 1076) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:44:14 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:44:14 [1060] ap–scan [610ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:44:24 [2148] *** Process: 2140 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:44:24 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:44:24 [2148] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:44:24 [2172] *** Process: 2164 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:24 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:24 [2172] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:28 [2448] *** Process: 2440 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:28 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:28 [2448] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2864] *** Process: 2856 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:33 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:44:33 [2864] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2888] *** Process: 2880 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2888] ap–scan [63ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:34 [2936] *** Process: 2928 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2936] ap–scan [78ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:45 [3408] *** Process: 3400 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:44:45 apn–scan(CLI.exe): 52 microseconds
= 02–11–2006 20:44:45 [3408] ap–scan [93ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:44:45 [3532] *** Process: 3524 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:45 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:45 [3532] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:46 [3628] *** Process: 3620 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:46 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:46 [3628] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:45:08 [244] *** Process: 1456 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:45:08 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:45:08 [244] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:45:11 [1428] *** Process: 1500 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:45:11 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:45:11 [1428] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:45:28 [3872] *** Process: 3864 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:45:28 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:45:28 [3872] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:45:45 [2260] *** Process: 3040 (parent 2880) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 20:45:45 apn–scan(HydraCPL.exe): 35 microseconds
= 02–11–2006 20:45:45 [2260] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 20:46:01 [2292] *** Process: 2252 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:01 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:46:01 [2292] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:07 [3724] *** Process: 3708 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:07 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:46:07 [3724] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:14 [3956] *** Process: 540 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:14 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:46:14 [3956] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:21 [560] *** Process: 1192 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:21 apn–scan(rundll32.exe): 50 microseconds
= 02–11–2006 20:46:21 [560] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:27 [548] *** Process: 3280 (parent 1192) C:\WINDOWS\System32\logon.scr:
= 02–11–2006 20:46:27 apn–scan(logon.scr): 46 microseconds
= 02–11–2006 20:46:27 [548] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\logon.scr
= 02–11–2006 20:47:22 [496] *** Process: 1840 (parent 984) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 20:47:22 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 20:47:22 [496] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 20:47:22 [1964] *** Process: 2044 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:47:22 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 20:47:22 [1964] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:48:05 [3344] *** Process: 3336 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:48:05 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:48:05 [3344] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:48:09 [3584] *** Process: 3572 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:48:09 apn–scan(wmiprvse.exe): 47 microseconds
= 02–11–2006 20:48:09 [3584] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:49:11 [444] *** Process: 3188 (parent 1192) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 20:49:11 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:49:11 [444] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 20:49:44 [4072] *** Process: 2020 (parent 1192) C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe:
= 02–11–2006 20:49:44 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:49:44 [4072] ap–scan [47ms]: NO THREAT found in file C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
= 02–11–2006 20:49:47 [4000] *** Process: 3988 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:49:47 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:49:47 [4000] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:50:12 [2244] *** Process: 2232 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:50:13 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:50:13 [2244] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:50:41 [3360] *** Process: 3344 (parent 2232) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:50:41 apn–scan(setup.exe): 35 microseconds
= 02–11–2006 20:50:41 [3360] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:50:42 [3788] *** Process: 2112 (parent 3344) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:50:42 apn–scan(issetup.exe): 36 microseconds
= 02–11–2006 20:50:42 [3788] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:50:42 [2084] *** Process: 1956 (parent 2112) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:50:42 apn–scan(IKernel.exe): 49 microseconds
= 02–11–2006 20:50:42 [2084] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:50:43 [3624] *** Process: 3584 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:50:43 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:50:43 [3624] ap–scan [172ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:50:43 [3684] *** Process: 3676 (parent 3584) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:50:43 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:50:43 [3684] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:04 [1492] *** Process: 1640 (parent 3584) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:51:04 apn–scan(AtiCim.bin): 35 microseconds
= 02–11–2006 20:51:04 [1492] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:51:05 [3520] *** Process: 3768 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:51:05 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:51:05 [3520] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:51:06 [1884] *** Process: 2104 (parent 3768) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 47 microseconds
= 02–11–2006 20:51:06 [1884] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:51:06 [2184] *** Process: 2180 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:51:06 [2184] ap–scan [156ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:51:06 [2292] *** Process: 2244 (parent 2180) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:51:06 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:51:06 [2292] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:10 [2432] *** Process: 2760 (parent 2180) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:51:10 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:51:10 [2432] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:51:16 [3100] *** Process: 3088 (parent 2180) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:51:16 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:51:16 [3100] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:51:18 [992] *** Process: 1556 (parent 2180) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:51:18 apn–scan(ati2sgag.exe): 47 microseconds
= 02–11–2006 20:51:18 [992] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:51:25 [3632] *** Process: 3640 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:51:26 apn–scan(setup.exe): 40 microseconds
= 02–11–2006 20:51:26 [3632] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:51:29 [3588] *** Process: 3532 (parent 720) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:51:29 apn–scan(msiexec.exe): 45 microseconds
= 02–11–2006 20:51:29 [3588] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:51:32 [2024] *** Process: 3636 (parent 3640) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:51:32 apn–scan(MSIEXEC.EXE): 47 microseconds
= 02–11–2006 20:51:32 [2024] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:51:32 [848] *** Process: 4000 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:32 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:51:32 [848] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:32 [212] *** Process: 796 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:51:32 apn–scan(IDriver.exe): 45 microseconds
= 02–11–2006 20:51:32 [212] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:51:38 [216] *** Process: 3500 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:38 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:51:38 [216] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:38 [4080] *** Process: 2332 (parent 3532) C:\WINDOWS\Installer\MSI1F.tmp:
= 02–11–2006 20:51:38 apn–scan(MSI1F.tmp): 46 microseconds
= 02–11–2006 20:51:38 [4080] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI1F.tmp
= 02–11–2006 20:52:50 [292] *** Process: 4012 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe:
= 02–11–2006 20:52:50 apn–scan(6–1_ccc_pl_29602.exe): 39 microseconds
= 02–11–2006 20:52:50 [292] ap–scan [78ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe
= 02–11–2006 20:53:08 [1524] *** Process: 1756 (parent 4012) D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe:
= 02–11–2006 20:53:09 apn–scan(setup.exe): 36 microseconds
= 02–11–2006 20:53:09 [1524] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe
= 02–11–2006 20:53:13 [3152] *** Process: 2072 (parent 1756) C:\WINDOWS\System32\MSIEXEC.EXE:
= 02–11–2006 20:53:13 apn–scan(MSIEXEC.EXE): 46 microseconds
= 02–11–2006 20:53:13 [3152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MSIEXEC.EXE
= 02–11–2006 20:53:14 [3884] *** Process: 300 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:14 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:14 [3884] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:14 [160] *** Process: 3716 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:14 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:53:14 [160] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:27 [3884] *** Process: 2324 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:27 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:53:27 [3884] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:31 [2184] *** Process: 2200 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:53:31 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:53:31 [2184] ap–scan [46ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:53:31 [3516] *** Process: 1816 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:31 apn–scan(IDriver.exe): 46 microseconds
= 02–11–2006 20:53:31 [3516] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:40 [2688] *** Process: 2076 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:53:40 apn–scan(regedt32.exe): 48 microseconds
= 02–11–2006 20:53:40 [2688] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:53:40 [2740] *** Process: 2732 (parent 2076) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:53:40 apn–scan(regedit.exe): 46 microseconds
= 02–11–2006 20:53:40 [2740] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:53:48 [476] *** Process: 3272 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:48 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:48 [476] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:54:10 [2980] *** Process: 3856 (parent 3532) C:\WINDOWS\Installer\MSI436.tmp:
= 02–11–2006 20:54:10 apn–scan(MSI436.tmp): 46 microseconds
= 02–11–2006 20:54:10 [2980] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI436.tmp
= 02–11–2006 20:54:36 [2940] *** Process: 2912 (parent 3532) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:54:36 apn–scan(atishlx.exe): 52 microseconds
= 02–11–2006 20:54:36 [2940] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:54:36 [3044] *** Process: 2764 (parent 2912) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:54:36 apn–scan(cmd.exe): 48 microseconds
= 02–11–2006 20:54:36 [3044] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:54:37 [3120] *** Process: 2276 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:54:37 [3120] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3132] *** Process: 2120 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 54 microseconds
= 02–11–2006 20:54:37 [3132] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3184] *** Process: 3156 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3184] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:37 [3208] *** Process: 444 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3208] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:52 [3492] *** Process: 3420 (parent 676) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:54:52 apn–scan(logonui.exe): 49 microseconds
= 02–11–2006 20:54:52 [3492] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:56:19 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:56:20 2009 exe signatures
= 02–11–2006 20:56:20 52 exe signatures
= 02–11–2006 20:56:21 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:56:26 [1240] *** Process: 1232 (parent 720) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:26 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:26 [1240] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:26 [1388] *** Process: 1380 (parent 720) C:\Program Files\Eset\nod32krn.exe:
= 02–11–2006 20:56:28 apn–scan(nod32krn.exe): 53 microseconds
= 02–11–2006 20:56:28 [1388] ap–scan [2375ms]: NO THREAT found in file C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:56:29 [1548] *** Process: 1536 (parent 720) C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe:
= 02–11–2006 20:56:29 apn–scan(StarWindService.exe): 46 microseconds
= 02–11–2006 20:56:29 [1548] ap–scan [546ms]: NO THREAT found in file C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:56:37 [2024] *** Process: 2016 (parent 1380) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:56:38 apn–scan(regedt32.exe): 50 microseconds
= 02–11–2006 20:56:38 [2024] ap–scan [860ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:56:38 [220] *** Process: 212 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:56:39 apn–scan(imapi.exe): 50 microseconds
= 02–11–2006 20:56:39 [220] ap–scan [1093ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:56:41 [440] *** Process: 1080 (parent 1232) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:41 [460] *** Process: 452 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:56:41 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:41 [528] *** Process: 508 (parent 2016) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:56:41 apn–scan(wmiapsrv.exe): 50 microseconds
= 02–11–2006 20:56:41 [440] ap–scan [407ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:41 apn–scan(regedit.exe): 47 microseconds
= 02–11–2006 20:56:42 [460] ap–scan [203ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:56:42 [528] ap–scan [500ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:56:48 [1212] *** Process: 1144 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:48 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:56:48 [1212] ap–scan [328ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:49 [1880] *** Process: 1376 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:56:50 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:56:50 [1880] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:56:51 [2184] *** Process: 2176 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:51 apn–scan(cli.exe): 49 microseconds
= 02–11–2006 20:56:51 [2184] ap–scan [94ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:54 [2404] *** Process: 2396 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:54 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:56:54 [2404] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2676] *** Process: 2668 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 44 microseconds
= 02–11–2006 20:56:59 [2676] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2700] *** Process: 2692 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2700] ap–scan [110ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2736] *** Process: 2728 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2736] ap–scan [62ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:57:08 [3076] *** Process: 3068 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:57:08 apn–scan(CLI.exe): 50 microseconds
= 02–11–2006 20:57:08 [3076] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:57:11 [3248] *** Process: 3240 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3248] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:11 [3336] *** Process: 3328 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3336] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:42 [468] *** Process: 1180 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:57:42 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:57:42 [468] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:59:45 [1192] *** Process: 1656 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 20:59:46 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 20:59:46 [1192] ap–scan [265ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 20:59:50 [2420] *** Process: 2416 (parent 1656) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe:
= 02–11–2006 20:59:50 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 20:59:50 [2420] ap–scan [16ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe
= 02–11–2006 21:00:05 [224] *** Process: 2436 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 21:00:06 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 21:00:06 [224] ap–scan [234ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 21:00:17 [440] *** Process: 2876 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:17 apn–scan(Crack.eXe): 41 microseconds
= 02–11–2006 21:00:17 [440] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:00:21 [2964] *** Process: 1552 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:21 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:00:21 [2964] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:01:08 [3804] *** Process: 3800 (parent 1648) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 21:01:09 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:01:09 [3804] ap–scan [15ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 21:03:11 [2652] *** Process: 3828 (parent 1648) D:\P2P\Ares\Ares.exe:
= 02–11–2006 21:03:12 apn–scan(Ares.exe): 34 microseconds
= 02–11–2006 21:03:12 [2652] ap–scan [187ms]: NO THREAT found in file D:\P2P\Ares\Ares.exe
= 02–11–2006 21:04:06 [2632] *** Process: 2624 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:06 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:06 [2632] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2684] *** Process: 2808 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:07 [2684] ap–scan [360ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2736] *** Process: 2752 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:07 [2736] ap–scan [359ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2608] *** Process: 2800 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 40 microseconds
= 02–11–2006 21:04:08 [2608] ap–scan [391ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [2524] *** Process: 2512 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:08 [2524] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [436] *** Process: 2852 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:09 [436] ap–scan [375ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:09 [2896] *** Process: 2892 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:09 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:04:09 [2896] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:23 [1544] *** Process: 3236 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 21:04:24 apn–scan(CLI.exe): 61 microseconds
= 02–11–2006 21:04:24 [1544] ap–scan [125ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 21:04:31 [3480] *** Process: 3468 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:04:31 apn–scan(wmiprvse.exe): 53 microseconds
= 02–11–2006 21:04:31 [3480] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:05:43 [2380] *** Process: 2568 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:44 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:44 [2380] ap–scan [641ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:47 [2508] *** Process: 2608 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 [2848] *** Process: 2784 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 apn–scan(winamp.exe): 43 microseconds
= 02–11–2006 21:05:48 [2508] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:48 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:48 [2848] ap–scan [672ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:09:38 [2860] *** Process: 2836 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:09:38 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:09:38 [2860] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:09:41 [2976] *** Process: 2964 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:09:41 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 21:09:41 [2976] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:11:33 [4056] *** Process: 4040 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:11:33 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:11:33 [4056] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:11:59 [2412] *** Process: 2532 (parent 1648) D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe:
= 02–11–2006 21:11:59 apn–scan(MagnifyFX.exe): 43 microseconds
= 02–11–2006 21:11:59 [2412] ap–scan [109ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe
= 02–11–2006 21:12:07 [2940] *** Process: 2880 (parent 1648) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 21:12:07 apn–scan(HydraCPL.exe): 53 microseconds
= 02–11–2006 21:12:07 [2940] ap–scan [46ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 21:13:33 [3460] *** Process: 820 (parent 1648) D:\P2P\eMule\emule.exe:
= 02–11–2006 21:13:34 apn–scan(emule.exe): 34 microseconds
= 02–11–2006 21:13:34 [3460] ap–scan [969ms]: NO THREAT found in file D:\P2P\eMule\emule.exe
= 02–11–2006 21:14:10 [1956] *** Process: 532 (parent 1648) C:\WINDOWS\system32\NOTEPAD.EXE:
= 02–11–2006 21:14:10 apn–scan(NOTEPAD.EXE): 48 microseconds
= 02–11–2006 21:14:10 [1956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\system32\NOTEPAD.EXE
= 02–11–2006 21:14:30 [2956] *** Process: 2696 (parent 228) C:\WINDOWS\hh.exe:
= 02–11–2006 21:14:30 apn–scan(hh.exe): 48 microseconds
= 02–11–2006 21:14:30 [2956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\hh.exe
= 02–11–2006 21:15:03 [3348] *** Process: 3340 (parent 228) C:\Program Files\INAC\StartUp Manager\StartupManager.exe:
= 02–11–2006 21:15:03 apn–scan(StartupManager.exe): 52 microseconds
= 02–11–2006 21:15:03 [3348] ap–scan [266ms]: NO THREAT found in file C:\Program Files\INAC\StartUp Manager\StartupManager.exe
= 02–11–2006 21:15:19 process list begins (scan)
= 02–11–2006 21:15:19 0584 \SystemRoot\System32\smss.exe
= 02–11–2006 21:15:19 0648 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 21:15:19 0676 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 21:15:19 0720 C:\WINDOWS\system32\services.exe
= 02–11–2006 21:15:19 0732 C:\WINDOWS\syst
Logfile of HijackThis v1.99.1
Scan saved at 17:44:29, on 2006–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
E:\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
E:\Antivirusy\Spyware Nuker\swnxt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\P2P\eMule plus\eMule.exe
E:\P2P\eMule\emule.exe
C:\WINDOWS\system32\ntvdm.exe
E:\Programy\Przeglondarka internetowa\Opera\Opera.exe
C:\PROGRA~1\GetRight\getright.exe
C:\PROGRA~1\GetRight\getright.exe
E:\Antivirusy\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – E:\Programy\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\Antivirusy\Spybot – Search & Destroy\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [SWN2] E:\Antivirusy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [RemoteControl] E:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [BearShare] "E:\P2P\BearShare\BearShare.exe" /pause
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: GetRight – Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 – Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – E:
\Programy\Alcohol ..9.5\Alcohol 120\StarWind\StarWindService.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:44:56 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:44:56 2009 exe signatures
= 02–11–2006 18:44:56 52 exe signatures
= 02–11–2006 18:44:57 Scan Locations: "C:\", "D:\"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL => "about:blank"
= 02–11–2006 18:44:57 restored essential registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL => "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
= 02–11–2006 18:44:57 [396] *** Process: 348 (parent 900) C:\WINDOWS\System32\rasautou.exe:
= 02–11–2006 18:44:57 apn–scan(rasautou.exe): 46 microseconds
= 02–11–2006 18:44:57 [396] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rasautou.exe
= 02–11–2006 18:45:22 [604] *** Process: 404 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe:
= 02–11–2006 18:45:22 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 18:45:22 [604] ap–scan [0ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX04.079\Crack.eXe
= 02–11–2006 18:45:30 [864] *** Process: 124 (parent 988) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe:
= 02–11–2006 18:45:30 apn–scan(Crack.eXe): 42 microseconds
= 02–11–2006 18:45:30 [864] ap–scan [15ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX05.375\Crack.eXe
= 02–11–2006 18:46:08 [836] *** Process: 520 (parent 1072) D:\Antivirusy\Crack.eXe:
= 02–11–2006 18:46:08 apn–scan(Crack.eXe): 34 microseconds
= 02–11–2006 18:46:08 [836] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Crack.eXe
= 02–11–2006 18:46:13 [364] *** Process: 488 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:13 apn–scan(Crack.eXe): 39 microseconds
= 02–11–2006 18:46:13 [364] ap–scan [16ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:16 [936] *** Process: 2004 (parent 1072) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 18:46:16 apn–scan(Crack.eXe): 35 microseconds
= 02–11–2006 18:46:16 [936] ap–scan [0ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 18:46:21 [796] *** Process: 444 (parent 1072) D:\Antivirusy\Spyware Nuker\swnxt.exe:
= 02–11–2006 18:46:21 apn–scan(swnxt.exe): 40 microseconds
= 02–11–2006 18:46:21 [796] ap–scan [203ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\swnxt.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: IExplore (C:\Program Files\Internet Explorer\iexplore.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 18:46:21 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 18:46:22 2009 exe signatures
= 02–11–2006 18:46:22 52 exe signatures
= 02–11–2006 18:46:49 [920] *** Process: 1064 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:46:49 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:46:49 [920] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:46:49 [1508] *** Process: 1136 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:46:49 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:46:49 [1508] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:06 [1500] *** Process: 464 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:47:06 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 18:47:06 [1500] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:47:06 [648] *** Process: 752 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:47:06 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 18:47:06 [648] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:47:07 [1232] *** Process: 1188 (parent 1072) E:\AUTORUN.EXE:
= 02–11–2006 18:47:08 apn–scan(AUTORUN.EXE): 33 microseconds
= 02–11–2006 18:47:08 [1232] ap–scan [844ms]: NO THREAT found in file E:\AUTORUN.EXE
= 02–11–2006 18:47:12 [1460] *** Process: 1156 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:12 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:12 [1460] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:47:13 [1140] *** Process: 952 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:47:13 apn–scan(wmiprvse.exe): 49 microseconds
= 02–11–2006 18:47:13 [1140] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 18:47:15 [1664] *** Process: 1548 (parent 1156) C:\WINDOWS\System32\mmc.exe:
= 02–11–2006 18:47:16 apn–scan(mmc.exe): 45 microseconds
= 02–11–2006 18:47:16 [1664] ap–scan [172ms]: NO THREAT found in file C:\WINDOWS\System32\mmc.exe
= 02–11–2006 18:47:45 [1680] *** Process: 1688 (parent 1072) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 18:47:45 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:47:45 [1680] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 18:49:09 [1968] *** Process: 1964 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:09 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:09 [1968] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:10 [1952] *** Process: 1792 (parent 1688) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 18:49:10 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 18:49:10 [1952] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 18:49:20 [976] *** Process: 984 (parent 1072) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:49:20 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 18:49:20 [976] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:03 [1892] *** Process: 292 (parent 1072) C:\Program Files\Internet Explorer\iexplore.exe:
= 02–11–2006 18:50:03 apn–scan(iexplore.exe): 47 microseconds
= 02–11–2006 18:50:03 [1892] ap–scan [31ms]: NO THREAT found in file C:\Program Files\Internet Explorer\iexplore.exe
= 02–11–2006 18:50:41 [1660] *** Process: 532 (parent 900) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 18:50:41 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 18:50:41 [1660] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 18:50:41 [968] *** Process: 1956 (parent 668) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 18:50:41 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 18:50:41 [968] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 18:50:56 [1820] *** Process: 996 (parent 900) \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE:
= 02–11–2006 18:50:56 apn–scan(WMIADAP.EXE): 36 microseconds
= 02–11–2006 18:50:56 [1820] ap–scan [78ms]: NO THREAT found in file \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
= 02–11–2006 18:50:56 [1212] *** Process: 432 (parent 848) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 18:50:57 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 18:50:57 [1212] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:32:41 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:32:46 2009 exe signatures
= 02–11–2006 20:32:46 52 exe signatures
= 02–11–2006 20:33:05 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:33:14 [744] *** Process: 720 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:33:14 apn–scan(wmiprvse.exe): 51 microseconds
= 02–11–2006 20:33:14 [744] ap–scan [140ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:24 [1648] *** Process: 1632 (parent 540) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:33:24 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:33:24 [1648] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:33:26 process list begins (scan)
= 02–11–2006 20:33:26 0416 \SystemRoot\System32\smss.exe
= 02–11–2006 20:33:26 0472 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 20:33:26 0496 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 20:33:26 0540 C:\WINDOWS\system32\services.exe
= 02–11–2006 20:33:26 0552 C:\WINDOWS\system32\lsass.exe
= 02–11–2006 20:33:26 0728 C:\WINDOWS\system32\svchost.exe
= 02–11–2006 20:33:26 0780 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0844 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0868 C:\WINDOWS\System32\svchost.exe
= 02–11–2006 20:33:26 0948 C:\WINDOWS\system32\spoolsv.exe
= 02–11–2006 20:33:26 1124 C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:33:26 1156 C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:33:26 1680 C:\WINDOWS\Explorer.EXE
= 02–11–2006 20:33:26 1892 C:\Program Files\Eset\nod32kui.exe
= 02–11–2006 20:33:26 1980 D:\Antivirusy\Spyware Nuker\swnxt.exe
= 02–11–2006 20:33:26 2012 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:33:26 2032 C:\WINDOWS\System32\RunDll32.exe
= 02–11–2006 20:33:26 0216 C:\Programy\PowerDVD\PDVDServ.exe
= 02–11–2006 20:33:26 0244 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
= 02–11–2006 20:33:26 0276 C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
= 02–11–2006 20:33:26 0296 C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
= 02–11–2006 20:33:26 0352 C:\Odtwarzacze\Winamp\winampa.exe
= 02–11–2006 20:33:26 0348 D:\P2P\Ares\Ares.exe
= 02–11–2006 20:33:26 0720 C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:33:26 process list ends (scan)
= 02–11–2006 20:33:35 Will scan the following folders:
= 02–11–2006 20:33:35 1: C:\
= 02–11–2006 20:33:35 2: D:\
= 02–11–2006 20:33:56 [3624] *** Process: 3616 (parent 244) C:\Program Files\HP\hpcoretech\soln\HPOSM.exe:
= 02–11–2006 20:33:56 apn–scan(HPOSM.exe): 75 microseconds
= 02–11–2006 20:33:56 [3624] ap–scan [78ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
= 02–11–2006 20:33:57 [3796] *** Process: 3788 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpdarc.exe:
= 02–11–2006 20:33:57 apn–scan(hpdarc.exe): 61 microseconds
= 02–11–2006 20:33:57 [3796] ap–scan [47ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
= 02–11–2006 20:33:58 [3948] *** Process: 3940 (parent 244) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe:
= 02–11–2006 20:33:58 apn–scan(hptskmgr.exe): 45 microseconds
= 02–11–2006 20:33:58 [3948] ap–scan [46ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
= 02–11–2006 20:33:59 [4012] *** Process: 4004 (parent 244) C:\Program Files\HP\hpcoretech\comp\hpuihost.exe:
= 02–11–2006 20:33:59 apn–scan(hpuihost.exe): 46 microseconds
= 02–11–2006 20:33:59 [4012] ap–scan [32ms]: NO THREAT found in file C:\Program Files\HP\hpcoretech\comp\hpuihost.exe
= 02–11–2006 20:34:13 [1716] *** Process: 1780 (parent 1680) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:34:13 apn–scan(rundll32.exe): 63 microseconds
= 02–11–2006 20:34:13 [1716] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:34:48 [3760] *** Process: 3752 (parent 1680) D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe:
= 02–11–2006 20:34:48 apn–scan(9–13_mmc_euro1.exe): 53 microseconds
= 02–11–2006 20:34:48 [3760] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\9–13_mmc_euro1.exe
= 02–11–2006 20:35:09 [744] *** Process: 752 (parent 3752) D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe:
= 02–11–2006 20:35:09 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:35:09 [744] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\9–13_mmc_euro1\setup.exe
= 02–11–2006 20:35:14 [1716] *** Process: 556 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 61 microseconds
= 02–11–2006 20:35:15 [1716] ap–scan [235ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:15 [2084] *** Process: 2076 (parent 728) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:35:15 apn–scan(IDriver.exe): 48 microseconds
= 02–11–2006 20:35:15 [2084] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:35:16 [1152] *** Process: 2140 (parent 540) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:35:16 apn–scan(msiexec.exe): 53 microseconds
= 02–11–2006 20:35:16 [1152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:35:16 [2200] *** Process: 204 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:16 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:35:16 [2200] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:27 [2876] *** Process: 2868 (parent 728) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:35:27 apn–scan(wmiprvse.exe): 57 microseconds
= 02–11–2006 20:35:27 [2876] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:35:52 [3248] *** Process: 3240 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:52 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:35:52 [3248] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:35:54 [3472] *** Process: 3072 (parent 2140) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:35:54 apn–scan(MsiExec.exe): 48 microseconds
= 02–11–2006 20:35:54 [3472] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:36:00 [3948] *** Process: 3956 (parent 496) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:36:00 apn–scan(logonui.exe): 56 microseconds
= 02–11–2006 20:36:00 [3948] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:37:34 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:37:38 2009 exe signatures
= 02–11–2006 20:37:38 52 exe signatures
= 02–11–2006 20:37:50 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:37:59 [152] *** Process: 1884 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:37:59 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 20:37:59 [152] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:38:09 [2472] *** Process: 2464 (parent 716) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:38:09 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:38:09 [2472] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:38:58 [1356] *** Process: 1352 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:38:58 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:38:58 [1356] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:39:21 [2552] *** Process: 2544 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:21 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:39:21 [2552] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:21 [2624] *** Process: 2616 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:39:21 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:39:21 [2624] ap–scan [266ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:39:38 [3992] *** Process: 3972 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:39:38 apn–scan(atishlx.exe): 47 microseconds
= 02–11–2006 20:39:38 [3992] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:39:39 [4052] *** Process: 4044 (parent 3972) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:39:39 apn–scan(cmd.exe): 49 microseconds
= 02–11–2006 20:39:39 [4052] ap–scan [422ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:39:39 [4092] *** Process: 1316 (parent 4044) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:39:40 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:39:40 [4092] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:39:40 [568] *** Process: 532 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:39:40 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:39:40 [568] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:39:40 [1492] *** Process: 284 (parent 4044) C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe:
= 02–11–2006 20:39:40 apn–scan(uccc.exe): 44 microseconds
= 02–11–2006 20:39:40 [1492] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\uccc.exe
= 02–11–2006 20:39:42 [1940] *** Process: 1208 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:39:42 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:39:42 [1940] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:39:50 [720] *** Process: 360 (parent 1572) C:\WINDOWS\System32\SNDVOL32.EXE:
= 02–11–2006 20:39:50 apn–scan(SNDVOL32.EXE): 50 microseconds
= 02–11–2006 20:39:50 [720] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\SNDVOL32.EXE
= 02–11–2006 20:39:55 [3632] *** Process: 3624 (parent 1572) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:39:55 apn–scan(rundll32.exe): 47 microseconds
= 02–11–2006 20:39:55 [3632] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:40:07 [3332] *** Process: 3324 (parent 1032) C:\WINDOWS\Installer\MSI59A.tmp:
= 02–11–2006 20:40:07 apn–scan(MSI59A.tmp): 46 microseconds
= 02–11–2006 20:40:07 [3332] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI59A.tmp
= 02–11–2006 20:40:33 [3976] *** Process: 3968 (parent 1572) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:40:33 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:40:33 [3976] ap–scan [125ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:41:01 [2716] *** Process: 2696 (parent 3968) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:41:01 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:41:01 [2716] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:41:02 [2740] *** Process: 2736 (parent 2696) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:41:02 apn–scan(issetup.exe): 37 microseconds
= 02–11–2006 20:41:02 [2740] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:41:02 [2784] *** Process: 2776 (parent 2736) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:02 apn–scan(IKernel.exe): 48 microseconds
= 02–11–2006 20:41:02 [2784] ap–scan [171ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:03 [2832] *** Process: 2824 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:03 apn–scan(IKernel.exe): 44 microseconds
= 02–11–2006 20:41:03 [2832] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:04 [2888] *** Process: 2880 (parent 2824) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:04 apn–scan(iKernel.exe): 48 microseconds
= 02–11–2006 20:41:04 [2888] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:11 [3292] *** Process: 3284 (parent 908) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:41:11 apn–scan(wmiprvse.exe): 52 microseconds
= 02–11–2006 20:41:11 [3292] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:41:23 [3552] *** Process: 3544 (parent 2824) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:41:23 apn–scan(AtiCim.bin): 37 microseconds
= 02–11–2006 20:41:23 [3552] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:41:24 [524] *** Process: 152 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:41:24 apn–scan(setup.exe): 39 microseconds
= 02–11–2006 20:41:24 [524] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:41:24 [3620] *** Process: 3608 (parent 152) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 46 microseconds
= 02–11–2006 20:41:25 [3620] ap–scan [187ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:41:25 [3716] *** Process: 3704 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:41:25 apn–scan(IKernel.exe): 43 microseconds
= 02–11–2006 20:41:25 [3716] ap–scan [157ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:41:25 [3832] *** Process: 3824 (parent 3704) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:41:25 apn–scan(iKernel.exe): 47 microseconds
= 02–11–2006 20:41:25 [3832] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:41:30 [4012] *** Process: 1252 (parent 3704) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:41:30 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:41:30 [4012] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:41:37 [2496] *** Process: 2488 (parent 3704) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:41:37 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:41:37 [2496] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:41:39 [2648] *** Process: 2644 (parent 3704) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:41:39 apn–scan(ati2sgag.exe): 46 microseconds
= 02–11–2006 20:41:39 [2648] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:41:47 [2808] *** Process: 1716 (parent 3544) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:41:47 apn–scan(setup.exe): 41 microseconds
= 02–11–2006 20:41:47 [2808] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:42:01 [3696] *** Process: 3388 (parent 1716) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:42:01 apn–scan(MSIEXEC.EXE): 48 microseconds
= 02–11–2006 20:42:01 [3696] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:42:01 [3476] *** Process: 3468 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:01 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:01 [3476] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:01 [1788] *** Process: 1928 (parent 908) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:42:01 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:42:01 [1788] ap–scan [218ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:42:06 [3540] *** Process: 3872 (parent 1032) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:42:06 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:42:06 [3540] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:42:19 [852] *** Process: 376 (parent 1032) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:42:19 apn–scan(atishlx.exe): 44 microseconds
= 02–11–2006 20:42:19 [852] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:42:19 [692] *** Process: 508 (parent 376) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:42:20 apn–scan(cmd.exe): 46 microseconds
= 02–11–2006 20:42:20 [692] ap–scan [297ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:42:20 [1196] *** Process: 1096 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 44 microseconds
= 02–11–2006 20:42:20 [1196] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1300] *** Process: 1904 (parent 508) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:42:20 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:42:20 [1300] ap–scan [94ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:42:20 [1500] *** Process: 1376 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1500] ap–scan [16ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:20 [1840] *** Process: 1216 (parent 508) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:42:20 apn–scan(thunk.exe): 44 microseconds
= 02–11–2006 20:42:20 [1840] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:42:31 [2172] *** Process: 2168 (parent 672) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:42:32 apn–scan(logonui.exe): 48 microseconds
= 02–11–2006 20:42:32 [2172] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:43:43 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:43:45 2009 exe signatures
= 02–11–2006 20:43:45 52 exe signatures
= 02–11–2006 20:43:49 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:44:01 [1836] *** Process: 1828 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:44:01 apn–scan(regedt32.exe): 46 microseconds
= 02–11–2006 20:44:01 [1836] ap–scan [63ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:44:07 [1876] *** Process: 1868 (parent 1616) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:08 apn–scan(cli.exe): 54 microseconds
= 02–11–2006 20:44:08 [1876] ap–scan [937ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:08 [1908] *** Process: 1900 (parent 1828) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:44:09 apn–scan(regedit.exe): 48 microseconds
= 02–11–2006 20:44:09 [1908] ap–scan [593ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:44:09 [1988] *** Process: 1980 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:44:09 apn–scan(imapi.exe): 46 microseconds
= 02–11–2006 20:44:09 [1988] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:44:13 [1060] *** Process: 556 (parent 1076) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:44:14 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:44:14 [1060] ap–scan [610ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:44:24 [2148] *** Process: 2140 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:44:24 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:44:24 [2148] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:44:24 [2172] *** Process: 2164 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:24 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:24 [2172] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:28 [2448] *** Process: 2440 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:28 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:28 [2448] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2864] *** Process: 2856 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:33 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:44:33 [2864] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:33 [2888] *** Process: 2880 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2888] ap–scan [63ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:34 [2936] *** Process: 2928 (parent 428) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:44:34 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:44:34 [2936] ap–scan [78ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:44:45 [3408] *** Process: 3400 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:44:45 apn–scan(CLI.exe): 52 microseconds
= 02–11–2006 20:44:45 [3408] ap–scan [93ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:44:45 [3532] *** Process: 3524 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:45 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:45 [3532] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:44:46 [3628] *** Process: 3620 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:44:46 apn–scan(wmiapsrv.exe): 48 microseconds
= 02–11–2006 20:44:46 [3628] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:45:08 [244] *** Process: 1456 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:45:08 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:45:08 [244] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:45:11 [1428] *** Process: 1500 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:45:11 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:45:11 [1428] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:45:28 [3872] *** Process: 3864 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:45:28 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:45:28 [3872] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:45:45 [2260] *** Process: 3040 (parent 2880) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 20:45:45 apn–scan(HydraCPL.exe): 35 microseconds
= 02–11–2006 20:45:45 [2260] ap–scan [63ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 20:46:01 [2292] *** Process: 2252 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:01 apn–scan(rundll32.exe): 48 microseconds
= 02–11–2006 20:46:01 [2292] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:07 [3724] *** Process: 3708 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:07 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:46:07 [3724] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:14 [3956] *** Process: 540 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:46:14 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:46:14 [3956] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:46:21 [560] *** Process: 1192 (parent 1616) C:\WINDOWS\system32\rundll32.exe:
= 02–11–2006 20:46:21 apn–scan(rundll32.exe): 50 microseconds
= 02–11–2006 20:46:21 [560] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\system32\rundll32.exe
= 02–11–2006 20:46:27 [548] *** Process: 3280 (parent 1192) C:\WINDOWS\System32\logon.scr:
= 02–11–2006 20:46:27 apn–scan(logon.scr): 46 microseconds
= 02–11–2006 20:46:27 [548] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\logon.scr
= 02–11–2006 20:47:22 [496] *** Process: 1840 (parent 984) C:\WINDOWS\System32\rundll32.exe:
= 02–11–2006 20:47:22 apn–scan(rundll32.exe): 46 microseconds
= 02–11–2006 20:47:22 [496] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\rundll32.exe
= 02–11–2006 20:47:22 [1964] *** Process: 2044 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:47:22 apn–scan(imapi.exe): 47 microseconds
= 02–11–2006 20:47:22 [1964] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:48:05 [3344] *** Process: 3336 (parent 2880) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:48:05 apn–scan(CLI.exe): 46 microseconds
= 02–11–2006 20:48:05 [3344] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:48:09 [3584] *** Process: 3572 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:48:09 apn–scan(wmiprvse.exe): 47 microseconds
= 02–11–2006 20:48:09 [3584] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:49:11 [444] *** Process: 3188 (parent 1192) C:\WINDOWS\system32\runonce.exe:
= 02–11–2006 20:49:11 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:49:11 [444] ap–scan [0ms]: NO THREAT found in file C:\WINDOWS\system32\runonce.exe
= 02–11–2006 20:49:44 [4072] *** Process: 2020 (parent 1192) C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe:
= 02–11–2006 20:49:44 apn–scan(cli.exe): 48 microseconds
= 02–11–2006 20:49:44 [4072] ap–scan [47ms]: NO THREAT found in file C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\cli.exe
= 02–11–2006 20:49:47 [4000] *** Process: 3988 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:49:47 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:49:47 [4000] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:50:12 [2244] *** Process: 2232 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe:
= 02–11–2006 20:50:13 apn–scan(6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe): 37 microseconds
= 02–11–2006 20:50:13 [2244] ap–scan [94ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_xp–2k_dd_ccc_wdm_enu_29602_redeon .exe
= 02–11–2006 20:50:41 [3360] *** Process: 3344 (parent 2232) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe:
= 02–11–2006 20:50:41 apn–scan(setup.exe): 35 microseconds
= 02–11–2006 20:50:41 [3360] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\setup.exe
= 02–11–2006 20:50:42 [3788] *** Process: 2112 (parent 3344) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe:
= 02–11–2006 20:50:42 apn–scan(issetup.exe): 36 microseconds
= 02–11–2006 20:50:42 [3788] ap–scan [62ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\issetup.exe
= 02–11–2006 20:50:42 [2084] *** Process: 1956 (parent 2112) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:50:42 apn–scan(IKernel.exe): 49 microseconds
= 02–11–2006 20:50:42 [2084] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:50:43 [3624] *** Process: 3584 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:50:43 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:50:43 [3624] ap–scan [172ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:50:43 [3684] *** Process: 3676 (parent 3584) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:50:43 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:50:43 [3684] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:04 [1492] *** Process: 1640 (parent 3584) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin:
= 02–11–2006 20:51:04 apn–scan(AtiCim.bin): 35 microseconds
= 02–11–2006 20:51:04 [1492] ap–scan [31ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\AtiCim.bin
= 02–11–2006 20:51:05 [3520] *** Process: 3768 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe:
= 02–11–2006 20:51:05 apn–scan(setup.exe): 38 microseconds
= 02–11–2006 20:51:05 [3520] ap–scan [16ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\Driver\setup.exe
= 02–11–2006 20:51:06 [1884] *** Process: 2104 (parent 3768) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 47 microseconds
= 02–11–2006 20:51:06 [1884] ap–scan [157ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
= 02–11–2006 20:51:06 [2184] *** Process: 2180 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe:
= 02–11–2006 20:51:06 apn–scan(IKernel.exe): 45 microseconds
= 02–11–2006 20:51:06 [2184] ap–scan [156ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\IKernel.exe
= 02–11–2006 20:51:06 [2292] *** Process: 2244 (parent 2180) C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe:
= 02–11–2006 20:51:06 apn–scan(iKernel.exe): 49 microseconds
= 02–11–2006 20:51:06 [2292] ap–scan [156ms]: NO THREAT found in file C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\iKernel.exe
= 02–11–2006 20:51:10 [2432] *** Process: 2760 (parent 2180) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:51:10 apn–scan(regedit.exe): 43 microseconds
= 02–11–2006 20:51:10 [2432] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:51:16 [3100] *** Process: 3088 (parent 2180) C:\WINDOWS\System32\runonce.exe:
= 02–11–2006 20:51:16 apn–scan(runonce.exe): 48 microseconds
= 02–11–2006 20:51:16 [3100] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\runonce.exe
= 02–11–2006 20:51:18 [992] *** Process: 1556 (parent 2180) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:51:18 apn–scan(ati2sgag.exe): 47 microseconds
= 02–11–2006 20:51:18 [992] ap–scan [125ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:51:25 [3632] *** Process: 3640 (parent 1640) D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe:
= 02–11–2006 20:51:26 apn–scan(setup.exe): 40 microseconds
= 02–11–2006 20:51:26 [3632] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_xp–2k_dd_ccc_wdm_enu_29602\ACE\setup.exe
= 02–11–2006 20:51:29 [3588] *** Process: 3532 (parent 720) C:\WINDOWS\System32\msiexec.exe:
= 02–11–2006 20:51:29 apn–scan(msiexec.exe): 45 microseconds
= 02–11–2006 20:51:29 [3588] ap–scan [15ms]: NO THREAT found in file C:\WINDOWS\System32\msiexec.exe
= 02–11–2006 20:51:32 [2024] *** Process: 3636 (parent 3640) C:\WINDOWS\system32\MSIEXEC.EXE:
= 02–11–2006 20:51:32 apn–scan(MSIEXEC.EXE): 47 microseconds
= 02–11–2006 20:51:32 [2024] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\system32\MSIEXEC.EXE
= 02–11–2006 20:51:32 [848] *** Process: 4000 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:32 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:51:32 [848] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:32 [212] *** Process: 796 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:51:32 apn–scan(IDriver.exe): 45 microseconds
= 02–11–2006 20:51:32 [212] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:51:38 [216] *** Process: 3500 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:51:38 apn–scan(MsiExec.exe): 49 microseconds
= 02–11–2006 20:51:38 [216] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:51:38 [4080] *** Process: 2332 (parent 3532) C:\WINDOWS\Installer\MSI1F.tmp:
= 02–11–2006 20:51:38 apn–scan(MSI1F.tmp): 46 microseconds
= 02–11–2006 20:51:38 [4080] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI1F.tmp
= 02–11–2006 20:52:50 [292] *** Process: 4012 (parent 1616) D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe:
= 02–11–2006 20:52:50 apn–scan(6–1_ccc_pl_29602.exe): 39 microseconds
= 02–11–2006 20:52:50 [292] ap–scan [78ms]: NO THREAT found in file D:\Odebrane pliki\Ati sterownik redeon\6–1_ccc_pl_29602.exe
= 02–11–2006 20:53:08 [1524] *** Process: 1756 (parent 4012) D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe:
= 02–11–2006 20:53:09 apn–scan(setup.exe): 36 microseconds
= 02–11–2006 20:53:09 [1524] ap–scan [125ms]: NO THREAT found in file D:\ATI\SUPPORT\6–1_ccc_pl_29602\setup.exe
= 02–11–2006 20:53:13 [3152] *** Process: 2072 (parent 1756) C:\WINDOWS\System32\MSIEXEC.EXE:
= 02–11–2006 20:53:13 apn–scan(MSIEXEC.EXE): 46 microseconds
= 02–11–2006 20:53:13 [3152] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MSIEXEC.EXE
= 02–11–2006 20:53:14 [3884] *** Process: 300 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:14 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:14 [3884] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:14 [160] *** Process: 3716 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:14 apn–scan(IDriver.exe): 44 microseconds
= 02–11–2006 20:53:14 [160] ap–scan [203ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:27 [3884] *** Process: 2324 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:27 apn–scan(MsiExec.exe): 46 microseconds
= 02–11–2006 20:53:27 [3884] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:53:31 [2184] *** Process: 2200 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:53:31 apn–scan(wmiprvse.exe): 48 microseconds
= 02–11–2006 20:53:31 [2184] ap–scan [46ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:53:31 [3516] *** Process: 1816 (parent 932) C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe:
= 02–11–2006 20:53:31 apn–scan(IDriver.exe): 46 microseconds
= 02–11–2006 20:53:31 [3516] ap–scan [188ms]: NO THREAT found in file C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
= 02–11–2006 20:53:40 [2688] *** Process: 2076 (parent 1204) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:53:40 apn–scan(regedt32.exe): 48 microseconds
= 02–11–2006 20:53:40 [2688] ap–scan [16ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:53:40 [2740] *** Process: 2732 (parent 2076) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:53:40 apn–scan(regedit.exe): 46 microseconds
= 02–11–2006 20:53:40 [2740] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:53:48 [476] *** Process: 3272 (parent 3532) C:\WINDOWS\System32\MsiExec.exe:
= 02–11–2006 20:53:48 apn–scan(MsiExec.exe): 47 microseconds
= 02–11–2006 20:53:48 [476] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\System32\MsiExec.exe
= 02–11–2006 20:54:10 [2980] *** Process: 3856 (parent 3532) C:\WINDOWS\Installer\MSI436.tmp:
= 02–11–2006 20:54:10 apn–scan(MSI436.tmp): 46 microseconds
= 02–11–2006 20:54:10 [2980] ap–scan [31ms]: NO THREAT found in file C:\WINDOWS\Installer\MSI436.tmp
= 02–11–2006 20:54:36 [2940] *** Process: 2912 (parent 3532) C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe:
= 02–11–2006 20:54:36 apn–scan(atishlx.exe): 52 microseconds
= 02–11–2006 20:54:36 [2940] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\atishlx.exe
= 02–11–2006 20:54:36 [3044] *** Process: 2764 (parent 2912) C:\WINDOWS\System32\cmd.exe:
= 02–11–2006 20:54:36 apn–scan(cmd.exe): 48 microseconds
= 02–11–2006 20:54:36 [3044] ap–scan [360ms]: NO THREAT found in file C:\WINDOWS\System32\cmd.exe
= 02–11–2006 20:54:37 [3120] *** Process: 2276 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 45 microseconds
= 02–11–2006 20:54:37 [3120] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3132] *** Process: 2120 (parent 2764) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:54:37 apn–scan(regedit.exe): 54 microseconds
= 02–11–2006 20:54:37 [3132] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:54:37 [3184] *** Process: 3156 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3184] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:37 [3208] *** Process: 444 (parent 2764) C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe:
= 02–11–2006 20:54:37 apn–scan(thunk.exe): 45 microseconds
= 02–11–2006 20:54:37 [3208] ap–scan [15ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\thunk.exe
= 02–11–2006 20:54:52 [3492] *** Process: 3420 (parent 676) C:\WINDOWS\system32\logonui.exe:
= 02–11–2006 20:54:52 apn–scan(logonui.exe): 49 microseconds
= 02–11–2006 20:54:52 [3492] ap–scan [78ms]: NO THREAT found in file C:\WINDOWS\system32\logonui.exe
********* Spyware Nuker XT Log File **********
– Version: 4.5.40.1560 Build 1560
– Definition Database Date: 1/16/2006 08:36:25 AM (12867 entries)
– OS version: Windows XP 5.1.2600 []
– Default Browser: Opera (C:\Programy\Opera\Opera.exe)
– Browser Versions: IE:6.0.2600.0000;
– User ID: S–1–5–21–1757981266–492894223–682003330–1003
= 02–11–2006 20:56:19 database: 1/16/2006 08:36:25 AM (12867 entries)
= 02–11–2006 20:56:20 2009 exe signatures
= 02–11–2006 20:56:20 52 exe signatures
= 02–11–2006 20:56:21 Scan Locations: "C:\", "D:\"
= 02–11–2006 20:56:26 [1240] *** Process: 1232 (parent 720) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:26 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:26 [1240] ap–scan [156ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:26 [1388] *** Process: 1380 (parent 720) C:\Program Files\Eset\nod32krn.exe:
= 02–11–2006 20:56:28 apn–scan(nod32krn.exe): 53 microseconds
= 02–11–2006 20:56:28 [1388] ap–scan [2375ms]: NO THREAT found in file C:\Program Files\Eset\nod32krn.exe
= 02–11–2006 20:56:29 [1548] *** Process: 1536 (parent 720) C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe:
= 02–11–2006 20:56:29 apn–scan(StarWindService.exe): 46 microseconds
= 02–11–2006 20:56:29 [1548] ap–scan [546ms]: NO THREAT found in file C:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
= 02–11–2006 20:56:37 [2024] *** Process: 2016 (parent 1380) C:\WINDOWS\System32\regedt32.exe:
= 02–11–2006 20:56:38 apn–scan(regedt32.exe): 50 microseconds
= 02–11–2006 20:56:38 [2024] ap–scan [860ms]: NO THREAT found in file C:\WINDOWS\System32\regedt32.exe
= 02–11–2006 20:56:38 [220] *** Process: 212 (parent 720) C:\WINDOWS\System32\imapi.exe:
= 02–11–2006 20:56:39 apn–scan(imapi.exe): 50 microseconds
= 02–11–2006 20:56:39 [220] ap–scan [1093ms]: NO THREAT found in file C:\WINDOWS\System32\imapi.exe
= 02–11–2006 20:56:41 [440] *** Process: 1080 (parent 1232) C:\WINDOWS\system32\ati2sgag.exe:
= 02–11–2006 20:56:41 [460] *** Process: 452 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:56:41 apn–scan(ati2sgag.exe): 48 microseconds
= 02–11–2006 20:56:41 [528] *** Process: 508 (parent 2016) C:\WINDOWS\regedit.exe:
= 02–11–2006 20:56:41 apn–scan(wmiapsrv.exe): 50 microseconds
= 02–11–2006 20:56:41 [440] ap–scan [407ms]: NO THREAT found in file C:\WINDOWS\system32\ati2sgag.exe
= 02–11–2006 20:56:41 apn–scan(regedit.exe): 47 microseconds
= 02–11–2006 20:56:42 [460] ap–scan [203ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:56:42 [528] ap–scan [500ms]: NO THREAT found in file C:\WINDOWS\regedit.exe
= 02–11–2006 20:56:48 [1212] *** Process: 1144 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:48 apn–scan(cli.exe): 50 microseconds
= 02–11–2006 20:56:48 [1212] ap–scan [328ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:49 [1880] *** Process: 1376 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 20:56:50 apn–scan(wmiprvse.exe): 55 microseconds
= 02–11–2006 20:56:50 [1880] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 20:56:51 [2184] *** Process: 2176 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:51 apn–scan(cli.exe): 49 microseconds
= 02–11–2006 20:56:51 [2184] ap–scan [94ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:54 [2404] *** Process: 2396 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:54 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 20:56:54 [2404] ap–scan [47ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2676] *** Process: 2668 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 44 microseconds
= 02–11–2006 20:56:59 [2676] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2700] *** Process: 2692 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2700] ap–scan [110ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:56:59 [2736] *** Process: 2728 (parent 376) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:56:59 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:56:59 [2736] ap–scan [62ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:57:08 [3076] *** Process: 3068 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 20:57:08 apn–scan(CLI.exe): 50 microseconds
= 02–11–2006 20:57:08 [3076] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 20:57:11 [3248] *** Process: 3240 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3248] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:11 [3336] *** Process: 3328 (parent 720) C:\WINDOWS\System32\wbem\wmiapsrv.exe:
= 02–11–2006 20:57:11 apn–scan(wmiapsrv.exe): 49 microseconds
= 02–11–2006 20:57:11 [3336] ap–scan [32ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiapsrv.exe
= 02–11–2006 20:57:42 [468] *** Process: 1180 (parent 1528) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 20:57:42 apn–scan(cli.exe): 46 microseconds
= 02–11–2006 20:57:42 [468] ap–scan [32ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 20:59:45 [1192] *** Process: 1656 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 20:59:46 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 20:59:46 [1192] ap–scan [265ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 20:59:50 [2420] *** Process: 2416 (parent 1656) C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe:
= 02–11–2006 20:59:50 apn–scan(Crack.eXe): 43 microseconds
= 02–11–2006 20:59:50 [2420] ap–scan [16ms]: NO THREAT found in file C:\DOCUME~1\Deus\USTAWI~1\Temp\Rar$EX00.859\Crack.eXe
= 02–11–2006 21:00:05 [224] *** Process: 2436 (parent 1648) C:\Programy\WinRAR\WinRAR.exe:
= 02–11–2006 21:00:06 apn–scan(WinRAR.exe): 42 microseconds
= 02–11–2006 21:00:06 [224] ap–scan [234ms]: NO THREAT found in file C:\Programy\WinRAR\WinRAR.exe
= 02–11–2006 21:00:17 [440] *** Process: 2876 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:17 apn–scan(Crack.eXe): 41 microseconds
= 02–11–2006 21:00:17 [440] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:00:21 [2964] *** Process: 1552 (parent 1648) D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe:
= 02–11–2006 21:00:21 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:00:21 [2964] ap–scan [0ms]: NO THREAT found in file D:\P2P\eMule plus\Incoming\Spyware.Nuker.XT.v4.5.40.1560.incl.crack.TBE.by.ChingLiu\Crack.eXe
= 02–11–2006 21:01:08 [3804] *** Process: 3800 (parent 1648) D:\Antivirusy\Spyware Nuker\Crack.eXe:
= 02–11–2006 21:01:09 apn–scan(Crack.eXe): 37 microseconds
= 02–11–2006 21:01:09 [3804] ap–scan [15ms]: NO THREAT found in file D:\Antivirusy\Spyware Nuker\Crack.eXe
= 02–11–2006 21:03:11 [2652] *** Process: 3828 (parent 1648) D:\P2P\Ares\Ares.exe:
= 02–11–2006 21:03:12 apn–scan(Ares.exe): 34 microseconds
= 02–11–2006 21:03:12 [2652] ap–scan [187ms]: NO THREAT found in file D:\P2P\Ares\Ares.exe
= 02–11–2006 21:04:06 [2632] *** Process: 2624 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:06 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:06 [2632] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2684] *** Process: 2808 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:07 [2684] ap–scan [360ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2736] *** Process: 2752 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:07 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:07 [2736] ap–scan [359ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:07 [2608] *** Process: 2800 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 40 microseconds
= 02–11–2006 21:04:08 [2608] ap–scan [391ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [2524] *** Process: 2512 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 41 microseconds
= 02–11–2006 21:04:08 [2524] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:08 [436] *** Process: 2852 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:08 apn–scan(winamp.exe): 44 microseconds
= 02–11–2006 21:04:09 [436] ap–scan [375ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:09 [2896] *** Process: 2892 (parent 332) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:04:09 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:04:09 [2896] ap–scan [344ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:04:23 [1544] *** Process: 3236 (parent 2692) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:
= 02–11–2006 21:04:24 apn–scan(CLI.exe): 61 microseconds
= 02–11–2006 21:04:24 [1544] ap–scan [125ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
= 02–11–2006 21:04:31 [3480] *** Process: 3468 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:04:31 apn–scan(wmiprvse.exe): 53 microseconds
= 02–11–2006 21:04:31 [3480] ap–scan [141ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:05:43 [2380] *** Process: 2568 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:44 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:44 [2380] ap–scan [641ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:47 [2508] *** Process: 2608 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 [2848] *** Process: 2784 (parent 1648) C:\Odtwarzacze\Winamp\winamp.exe:
= 02–11–2006 21:05:47 apn–scan(winamp.exe): 43 microseconds
= 02–11–2006 21:05:48 [2508] ap–scan [735ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:05:48 apn–scan(winamp.exe): 42 microseconds
= 02–11–2006 21:05:48 [2848] ap–scan [672ms]: NO THREAT found in file C:\Odtwarzacze\Winamp\winamp.exe
= 02–11–2006 21:09:38 [2860] *** Process: 2836 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:09:38 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:09:38 [2860] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:09:41 [2976] *** Process: 2964 (parent 932) C:\WINDOWS\System32\wbem\wmiprvse.exe:
= 02–11–2006 21:09:41 apn–scan(wmiprvse.exe): 50 microseconds
= 02–11–2006 21:09:41 [2976] ap–scan [62ms]: NO THREAT found in file C:\WINDOWS\System32\wbem\wmiprvse.exe
= 02–11–2006 21:11:33 [4056] *** Process: 4040 (parent 1648) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:
= 02–11–2006 21:11:33 apn–scan(cli.exe): 47 microseconds
= 02–11–2006 21:11:33 [4056] ap–scan [31ms]: NO THREAT found in file C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
= 02–11–2006 21:11:59 [2412] *** Process: 2532 (parent 1648) D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe:
= 02–11–2006 21:11:59 apn–scan(MagnifyFX.exe): 43 microseconds
= 02–11–2006 21:11:59 [2412] ap–scan [109ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\MagnifyFX.exe
= 02–11–2006 21:12:07 [2940] *** Process: 2880 (parent 1648) D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe:
= 02–11–2006 21:12:07 apn–scan(HydraCPL.exe): 53 microseconds
= 02–11–2006 21:12:07 [2940] ap–scan [46ms]: NO THREAT found in file D:\ATI\SUPPORT\Hydrovision\HydraCPL.exe
= 02–11–2006 21:13:33 [3460] *** Process: 820 (parent 1648) D:\P2P\eMule\emule.exe:
= 02–11–2006 21:13:34 apn–scan(emule.exe): 34 microseconds
= 02–11–2006 21:13:34 [3460] ap–scan [969ms]: NO THREAT found in file D:\P2P\eMule\emule.exe
= 02–11–2006 21:14:10 [1956] *** Process: 532 (parent 1648) C:\WINDOWS\system32\NOTEPAD.EXE:
= 02–11–2006 21:14:10 apn–scan(NOTEPAD.EXE): 48 microseconds
= 02–11–2006 21:14:10 [1956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\system32\NOTEPAD.EXE
= 02–11–2006 21:14:30 [2956] *** Process: 2696 (parent 228) C:\WINDOWS\hh.exe:
= 02–11–2006 21:14:30 apn–scan(hh.exe): 48 microseconds
= 02–11–2006 21:14:30 [2956] ap–scan [47ms]: NO THREAT found in file C:\WINDOWS\hh.exe
= 02–11–2006 21:15:03 [3348] *** Process: 3340 (parent 228) C:\Program Files\INAC\StartUp Manager\StartupManager.exe:
= 02–11–2006 21:15:03 apn–scan(StartupManager.exe): 52 microseconds
= 02–11–2006 21:15:03 [3348] ap–scan [266ms]: NO THREAT found in file C:\Program Files\INAC\StartUp Manager\StartupManager.exe
= 02–11–2006 21:15:19 process list begins (scan)
= 02–11–2006 21:15:19 0584 \SystemRoot\System32\smss.exe
= 02–11–2006 21:15:19 0648 C:\WINDOWS\system32\csrss.exe
= 02–11–2006 21:15:19 0676 C:\WINDOWS\system32\winlogon.exe
= 02–11–2006 21:15:19 0720 C:\WINDOWS\system32\services.exe
= 02–11–2006 21:15:19 0732 C:\WINDOWS\syst
Tego wszystkiego się pozbądź łacznie w plikami *.dll
W tych pięciu ostatnich kluczach w podkluczach InprocServer32 masz wartości domyślne, wymienione tam biblioteki dll tez znikają z dysku.
Moźesz się posłuźyć Killboxem z opcja delete on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ekent.dll" [file not found]
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\oYkley.dll" [file not found]
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mkaudite.dll" [file not found]
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dpsynth.dll" [file not found]
"{32C9D798–2F09–41B7–8244–88054AFB26CF}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hSl.dll" [file not found]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{5496A204–FC25–EBA6–9F40–8AD260A07E73}"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}"=""
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}"=""
"{21882611–5F4B–4787–856D–B4B2A752E0A0}"=""
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}"=""
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}"=""
"{32C9D798–2F09–41B7–8244–88054AFB26CF}"=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}]
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}]
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}]
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}]
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}]
W tych pięciu ostatnich kluczach w podkluczach InprocServer32 masz wartości domyślne, wymienione tam biblioteki dll tez znikają z dysku.
Moźesz się posłuźyć Killboxem z opcja delete on reboot.
L2MFIX find log 010406
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{5496A204–FC25–EBA6–9F40–8AD260A07E73}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613–0000–0000–C000–000000000046}"="Karta waciwoci pliku multimedialnego"
"{176d6597–26d3–11d1–b350–080036a75b03}"="ZarzĄdzanie skanerem ICM"
"{1F2E5C40–9550–11CE–99D2–00AA006E086C}"="Strona zabezpiecze NTFS"
"{3EA48300–8CF6–101B–84FB–666CCB9BCD32}"="Strona waciwoci OLE Docfile"
"{40dd6e20–7c17–11ce–a804–00aa003ca9f6}"="Rozszerzenia powoki dla udostpniania zasobw"
"{41E300E0–78B6–11ce–849B–444553540000}"="PlusPack CPL Extension"
"{42071712–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL karty graficznej"
"{42071713–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL monitora wywietlania"
"{42071714–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL kadrowania wywietlania"
"{4E40F770–369C–11d0–8922–00A024AB2DBB}"="Strona zabezpiecze usugi DS"
"{513D916F–2A8E–4F51–AEAB–0CBC76FB1AF8}"="Strona zgodnoci"
"{56117100–C0CD–101B–81E2–00AA004AE837}"="Program obsugi danych wycinkowych powoki"
"{59099400–57FF–11CE–BD94–0020AF85B590}"="Rozszerzenie Disc Copy"
"{59be4990–f85c–11ce–aff7–00aa003ca9f6}"="Rozszerzenia powoki dla obiektw Microsoft Windows Network"
"{5DB2625A–54DF–11D0–B6C4–0800091AA605}"="ZarzĄdzanie monitorem ICM"
"{675F097E–4C4D–11D0–B6C1–0800091AA605}"="ZarzĄdzanie drukarkĄ ICM"
"{764BF0E1–F219–11ce–972D–00AA00A14F56}"="Rozszerzenia powoki dla kompresji plikw"
"{77597368–7b15–11d0–a0c2–080036af3f03}"="Rozszerzenie powoki drukarek sieci Web"
"{7988B573–EC89–11cf–9C00–00AA00A14F56}"="Disk Quota UI"
"{853FE2B1–B769–11d0–9C4E–00C04FB6C6FA}"="Menu kontekstowe szyfrowania"
"{85BBD920–42A0–1069–A2E4–08002B30309D}"="Aktwka"
"{88895560–9AA2–1069–930E–00AA0030EBC8}"="Rozszerzenie ikony HyperTerminalu"
"{BD84B380–8CA2–1069–AB1D–08000948F534}"="Fonts"
"{DBCE2480–C732–101B–BE72–BA78E9AD5B27}"="Profil ICC"
"{F37C5810–4D3F–11d0–B4BF–00AA00BBB723}"="Strona zabezpiecze drukarek"
"{f81e9010–6ea4–11ce–a7ff–00aa003ca9f6}"="Rozszerzenia powoki dla udostpniania zasobw"
"{f92e8c40–3d33–11d2–b1aa–080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto PKO"
"{7444C719–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto Sign"
"{7007ACC7–3202–11D1–AAD2–00805FC1270E}"="PoĄczenia sieciowe"
"{992CFFA0–F557–101A–88EC–00DD010CCC48}"="PoĄczenia sieciowe"
"{E211B736–43FD–11D1–9EFB–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{FB0C9C8A–6C50–11D1–9F1D–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{905667aa–acd6–11d2–8080–00805f6596d2}"="&Skanery i aparaty fotograficzne"
"{3F953603–1008–4f6e–A73A–04AAC7A992F1}"="&Skanery i aparaty fotograficzne"
"{83bbcbf3–b28a–4919–a5aa–73027445d672}"="&Skanery i aparaty fotograficzne"
"{F0152790–D56E–4445–850E–4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514–6C5E–4d60–8F16–D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5–953B–11CF–8C96–00AA00B8708C}"="Rozszerzenia powoki dla hosta skryptw systemu Windows"
"{2206CDB2–19C1–11D1–89E0–00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0–9EEF–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90–9EDD–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990–4C6A–11CF–8D87–00AA0060F5BF}"="Zaplanowane zadania"
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"="Pasek zada i menu Start"
"{2559a1f0–21d7–11d4–bdaf–00c04f60b9f0}"="Wyszukaj"
"{2559a1f1–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f2–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f3–21d7–11d4–bdaf–00c04f60b9f0}"="Uruchom..."
"{2559a1f4–21d7–11d4–bdaf–00c04f60b9f0}"="Internet"
"{2559a1f5–21d7–11d4–bdaf–00c04f60b9f0}"="E–mail"
"{D20EA4E1–3957–11d2–A40B–0C5020524152}"="Czcionki"
"{D20EA4E1–3957–11d2–A40B–0C5020524153}"="Narzdzia administracyjne"
"{875CB1A1–0F29–45de–A1AE–CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757–D6E4–4b49–BB41–0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D–D390–480b–92FD–7DDB47101D71}"="Wav Properties Handler"
"{87D62D94–71B3–4b9a–9489–5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45–6E44–43f9–8644–08598F5A74D9}"="Midi Properties Handler"
"{c5a40261–cd64–4ccf–84cb–c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780–7743–11CF–A12B–00AA004AE837}"="Pasek narzdzi programu Microsoft Internet"
"{22BF0C20–6DA7–11D0–B373–00A0C9034938}"="Stan pobierania"
"{91EA3F8B–C99B–11d0–9815–00C04FD91972}"="Folder powoki zwikszonej"
"{6413BA2C–B461–11d1–A18A–080036B11A03}"="Folder powoki zwikszonej 2"
"{F61FFEC1–754F–11d0–80CA–00AA005B4383}"="BandProxy"
"{7BA4C742–9E81–11CF–99D3–00AA004AE837}"="Pasek przeglĄdarki Microsoft"
"{30D02401–6A81–11d0–8274–00C04FD5AE38}"="Pasek wyszukiwania"
"{32683183–48a0–441b–a342–7c2a440a9478}"="Pasek multimediw"
"{169A0691–8DF9–11d1–A1C4–00C04FD75D13}"="Wyszukiwanie w okienku"
"{07798131–AF23–11d1–9111–00A0C98BA67D}"="Wyszukiwanie w sieci Web"
"{AF4F6510–F982–11d0–8595–00AA004CD6D8}"="Narzdzie opcji drzewa rejestru"
"{01E04581–4EEE–11d0–BFE9–00AA005B4383}"="&Adres"
"{A08C11D2–A228–11d0–825B–00AA005B4383}"="Pole edycji adresu"
"{00BB2763–6A77–11D0–A535–00C04FD7D062}"="Autouzupenianie Microsoft"
"{7376D660–C583–11d0–A3A5–00C04FD706EC}"="Wyodrbnianie obrazw Trident"
"{6756A641–DE71–11d0–831B–00AA005B4383}"="Lista autouzupeniania MRU"
"{6935DB93–21E8–4ccc–BEB9–9FE3C77A297A}"="Niestandardowa lista autouzupeniania MRU"
"{7e653215–fa25–46bd–a339–34a2790f3cb7}"="Dostpny"
"{acf35015–526e–4230–9596–becbe19f0ac9}"="Pasek podrczny ledzenia"
"{E0E11A09–5CB8–4B6C–8332–E00720A168F2}"="Analizator paska adresu"
"{00BB2764–6A77–11D0–A535–00C04FD7D062}"="Lista autouzupeniania historii Microsoft"
"{03C036F1–A186–11D0–824A–00AA005B4383}"="Lista autouzupeniania folderu powoki Microsoft"
"{00BB2765–6A77–11D0–A535–00C04FD7D062}"="Kontener wielu list autouzupeniania Microsoft"
"{ECD4FC4E–521C–11D0–B792–00A0C90312E1}"="Menu witryny paska powoki"
"{3CCF8A41–5C85–11d0–9796–00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C–521C–11D0–B792–00A0C90312E1}"="Pasek pulpitu powoki"
"{ECD4FC4D–521C–11D0–B792–00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04–FEFF–11d1–8ECD–0000F87A470C}"="Pomoc dla uytkownika"
"{EF8AD2D1–AE36–11D1–B2D2–006097DF8C11}"="Globalne ustawienia folderw"
"{EFA24E61–B078–11d0–89E4–00C04FC9E26E}"="Favorites Band"
"{0A89A860–D7B1–11CE–8350–444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40–E76A–11CE–A9BB–00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A–8849–11D1–9D8C–00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40–E3F0–101B–8488–00AA003E56F8}"="InternetShortcut"
"{3C374A40–BAE4–11CF–BF7D–00AA006946EE}"="Microsoft Url History Service"
"{FF393560–C2A7–11CF–BFF4–444553540000}"="Historia"
"{7BD29E00–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{7BD29E01–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{CFBFAE00–17A6–11D0–99CB–00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40–CC59–11d0–A3A5–00C04FD706EC}"="Ekran powitalny pakietu IE4"
"{67EA19A0–CCEF–11d0–8024–00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951–7F78–11D0–A979–00C04FD705A2}"="ISFBand OC"
"{9461b922–3c5a–11d2–bf8b–00c04fb93661}"="Search Assistant OC"
"{3DC7A020–0ACD–11CF–A9BB–00AA004AE837}"="Internet"
"{871C5380–42A0–1069–A2EA–08002B30309D}"="Internet Name Space"
"{EFA24E64–B078–11d0–89E4–00C04FC9E26E}"="Pasek eksploratora"
"{9E56BE60–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{9E56BE61–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{88C6C381–2E85–11D0–94DE–444553540000}"="Folder pamici podrcznej ActiveX"
"{E6FB5E20–DE35–11CF–9C87–00AA005127ED}"="WebCheck"
"{ABBE31D0–6DAE–11D0–BECA–00C04FD940BE}"="Subscription Mgr"
"{F5175861–2688–11d0–9C5E–00AA00A45957}"="Folder subskrypcji"
"{08165EA0–E946–11CF–9C87–00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6–ABCE–11d0–BC4B–00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0–6B4E–11d0–92DB–00A0C90C2BD7}"="TrayAgent"
"{7D559C10–9FE9–11d0–93F7–00AA0059CE02}"="Code Download Agent"
"{E6CC6978–6B6E–11D0–BECA–00C04FD940BE}"="ConnectionAgent"
"{D8BD2030–6FC9–11D0–864F–00AA006809D9}"="PostAgent"
"{7FC0B86E–5FA7–11d1–BC7C–00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7–8B9A–11D1–B8AE–006008059382}"="Meneder aplikacji powoki"
"{0B124F8F–91F0–11D1–B8B5–006008059382}"="Wyliczanie zainstalowanych aplikacji"
"{CFCCC7A0–A282–11D1–9082–006008059382}"="Publikator aplikacji Darwin"
"{e84fda7c–1d6a–45f6–b725–cb260c236066}"="Shell Image Verbs"
"{66e4e4fb–f385–4dd0–8d74–a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968–480A–4C6C–862D–EFC0897BB84B}"="GDI+program wyodrbniajĄcy miniatury plikw"
"{9DBD2C50–62AD–11d0–B806–00C04FD706EC}"="Informacje podsumowujĄce obsugi miniatur (DOCFILES)"
"{EAB841A0–9550–11cf–8C16–00805F1408F3}"="Wyodrbnianie miniatur HTML"
"{eb9b1153–3b57–4e68–959a–a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB–43F6–46c5–9619–51D571967F7D}"="Kreator publikacji w sieci Web"
"{add36aa8–751a–4579–a266–d66f5202ccbb}"="Zamawianie odbitek w sieci Web"
"{6b33163c–76a5–4b6c–bf21–45de9cd503a1}"="Obiekt powoki kreatora publikacji"
"{58f1f272–9240–4f51–b6d4–fd63d1618591}"="Kreator uzyskiwania profilu usugi Passport"
"{7A9D77BD–5403–11d2–8785–2E0420524153}"="Konta uytkownikw"
"{BD472F60–27FA–11cf–B8B4–444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60–FC0A–11CF–8F0F–00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0–9cc8–11d0–a599–00c04fd64433}"="Plik kanau"
"{f3aa0dc0–9cc8–11d0–a599–00c04fd64434}"="Skrt kanau"
"{f3ba0dc0–9cc8–11d0–a599–00c04fd64435}"="Obiekt obsugi kanau"
"{f3da0dc0–9cc8–11d0–a599–00c04fd64437}"="Channel Menu"
"{f3ea0dc0–9cc8–11d0–a599–00c04fd64438}"="Channel Properties"
"{63da6ec0–2e98–11cf–8d82–444553540000}"="FTP Folders Webview"
"{883373C3–BF89–11D1–BE35–080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE–901A–4739–A481–E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210–FD1F–4B19–91DA–67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC–4362–4A12–850B–86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57–2567–4A2C–B881–F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC–BBB3–4D9B–B177–82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E–31C2–11d0–891C–00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0–6E0F–11d2–9601–00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20–2ABC–11d0–88F0–00A024AB2DBB}"="Directory Object Find"
"{F020E586–5264–11d1–A532–0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530–764B–11d0–A1CA–00AA00C16E65}"="Directory Property UI"
"{62AE1F9A–126A–11D0–A14B–0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33–103D–11d2–854D–006008059367}"="MyDocs Copy Hook"
"{ECF03A32–103D–11d2–854D–006008059367}"="MyDocs Drop Target"
"{4a7ded0a–ad25–11d0–98a8–0800361b1103}"="MyDocs Properties"
"{750fdf0e–2a26–11d1–a3ea–080036587f03}"="Offline Files Menu"
"{10CFC467–4392–11d2–8DB4–00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70–2A4C–11d2–9039–00C04F8EEB3E}"="Folder plikw trybu offline"
"{143A62C8–C33B–11D1–84FE–00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543–45CC–11CE–B9BF–0080C87CDBA6}"="DfsShell"
"{60fd46de–f830–4894–a628–6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8–8005–11D2–BCF8–00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0–9F37–11CE–AE65–08002B2E1262}"=".CAB file viewer"
"{32714800–2E5F–11d0–8B85–00AA0044F941}"="&Do osb..."
"{8DD448E6–C188–4aed–AF92–44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1–02AE–4a5f–A6E9–D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F–E9DC–4e68–9D7E–42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}"="WinRAR shell extension"
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"="Foldery w sieci Web"
"{42042206–2D85–11D3–8CFF–005004838597}"="Microsoft Office HTML Icon Handler"
"{32020A01–506E–484D–A2A8–BE3CF17601C3}"="AlcoholShellEx"
"{640167b4–59b0–47a6–b335–a6b3c0695aea}"="Portable Media Devices"
"{cc86590a–b60a–48e6–996b–41d25ed39a1e}"="Portable Media Devices Menu"
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}"=""
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}"=""
"{21882611–5F4B–4787–856D–B4B2A752E0A0}"=""
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}"=""
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}"=""
"{32C9D798–2F09–41B7–8244–88054AFB26CF}"=""
"{B089FE88–FB52–11D3–BDF1–0050DA34150D}"="NOD32 Context Menu Shell Extension"
"{1D2680C9–0E2A–469d–B787–065558BC7D43}"="Fusion Cache"
"{5E2121EE–0300–11D4–8D3B–444553540000}"="Catalyst Context Menu extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\InprocServer32]
@="C:\\WINDOWS\\system32\\ekent.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oYkley.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\InprocServer32]
@="C:\\WINDOWS\\system32\\mkaudite.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\InprocServer32]
@="C:\\WINDOWS\\system32\\dpsynth.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\hSl.dll"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ati2cqag.dll Thu 2006–01–05 4:05:36 A.... 237 568 232,00 K
ati2dvag.dll Thu 2006–01–05 4:47:00 ..... 252 928 247,00 K
ati2edxx.dll Thu 2006–01–05 4:41:12 A.... 40 960 40,00 K
ati2evxx.dll Thu 2006–01–05 4:41:00 A.... 61 440 60,00 K
ati3duag.dll Thu 2006–01–05 4:31:28 A.... 2 518 176 2,40 M
atiddc.dll Thu 2006–01–05 4:39:22 A.... 53 248 52,00 K
atidemgr.dll Thu 2006–01–05 3:22:04 A.... 258 048 252,00 K
atiiiexx.dll Thu 2006–01–05 4:19:00 A.... 307 200 300,00 K
atikvmag.dll Thu 2006–01–05 4:11:38 A.... 151 552 148,00 K
atioglx1.dll Thu 2006–01–05 4:20:06 A.... 6 684 672 6,38 M
atioglxx.dll Thu 2006–01–05 4:01:34 A.... 4 968 448 4,74 M
atipdlxx.dll Thu 2006–01–05 4:41:42 A.... 110 592 108,00 K
atitvo32.dll Thu 2006–01–05 4:10:58 A.... 17 408 17,00 K
ativvaxx.dll Thu 2006–01–05 4:25:12 A.... 862 336 842,13 K
cmdlin~1.dll Mon 2006–01–30 18:10:54 A.... 98 304 96,00 K
cpuinf32.dll Fri 2006–01–13 21:54:38 A.... 9 216 9,00 K
divx.dll Fri 2006–01–13 21:50:46 A.... 609 280 595,00 K
ff_vfw.dll Tue 2005–11–29 21:17:16 A.... 5 632 5,50 K
gccoll~1.dll Tue 2005–11–15 12:12:08 A.... 126 680 123,71 K
gcunco~1.dll Tue 2005–11–15 12:12:06 A.... 95 448 93,21 K
gdi32.dll Mon 2006–01–02 23:39:26 A.... 260 608 254,50 K
hashlib.dll Tue 2005–11–15 12:12:08 A.... 117 976 115,21 K
imon.dll Sun 2006–02–05 12:23:38 A.... 270 336 264,00 K
mplvpx.dll Fri 2006–01–13 21:55:02 A.... 245 760 240,00 K
mshtml.dll Tue 2005–11–22 17:40:38 A.... 2 700 288 2,57 M
msvbvm60.dll Mon 2006–01–09 20:07:28 A.... 1 385 744 1,32 M
oemdspif.dll Thu 2006–01–05 4:41:26 A.... 77 824 76,00 K
ogg.dll Fri 2006–01–13 21:55:30 A.... 45 056 44,00 K
oggds.dll Fri 2006–01–13 21:57:48 A.... 237 568 232,00 K
px.dll Mon 2005–12–05 6:12:26 ..... 339 968 332,00 K
pxdrv.dll Mon 2005–12–05 6:12:26 ..... 405 504 396,00 K
pxmas.dll Mon 2005–12–05 6:12:26 ..... 172 032 168,00 K
pxwave.dll Mon 2005–12–05 6:12:26 ..... 339 968 332,00 K
rmoc3260.dll Tue 2005–11–15 9:38:10 A.... 176 167 172,04 K
vorbis.dll Fri 2006–01–13 21:55:58 A.... 188 416 184,00 K
vorbis~1.dll Fri 2006–01–13 21:57:24 A.... 921 600 900,00 K
vp7vfw.dll Fri 2005–12–02 16:42:38 A.... 630 784 616,00 K
vxblock.dll Mon 2005–12–05 6:12:26 ..... 28 672 28,00 K
xvid.dll Fri 2006–01–13 21:48:18 A.... 626 688 612,00 K
xvidcore.dll Fri 2006–01–13 21:49:24 A.... 675 840 660,00 K
xvidvfw.dll Fri 2006–01–13 21:49:40 A.... 155 648 152,00 K
41 items found: 41 files, 0 directories.
Total of file sizes: 27 471 583 bytes 26,20 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Wolumin w stacji C to Celux
Numer seryjny woluminu: 5446–604A
Katalog: C:\WINDOWS\System32
2006–02–09 18:52 dllcache
2006–01–09 11:09 Microsoft
0 plik(w) 0 bajtw
2 katalog(w) 1991430144 bajtw wolnych
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{5496A204–FC25–EBA6–9F40–8AD260A07E73}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613–0000–0000–C000–000000000046}"="Karta waciwoci pliku multimedialnego"
"{176d6597–26d3–11d1–b350–080036a75b03}"="ZarzĄdzanie skanerem ICM"
"{1F2E5C40–9550–11CE–99D2–00AA006E086C}"="Strona zabezpiecze NTFS"
"{3EA48300–8CF6–101B–84FB–666CCB9BCD32}"="Strona waciwoci OLE Docfile"
"{40dd6e20–7c17–11ce–a804–00aa003ca9f6}"="Rozszerzenia powoki dla udostpniania zasobw"
"{41E300E0–78B6–11ce–849B–444553540000}"="PlusPack CPL Extension"
"{42071712–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL karty graficznej"
"{42071713–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL monitora wywietlania"
"{42071714–76d4–11d1–8b24–00a0c9068ff3}"="Rozszerzenie CPL kadrowania wywietlania"
"{4E40F770–369C–11d0–8922–00A024AB2DBB}"="Strona zabezpiecze usugi DS"
"{513D916F–2A8E–4F51–AEAB–0CBC76FB1AF8}"="Strona zgodnoci"
"{56117100–C0CD–101B–81E2–00AA004AE837}"="Program obsugi danych wycinkowych powoki"
"{59099400–57FF–11CE–BD94–0020AF85B590}"="Rozszerzenie Disc Copy"
"{59be4990–f85c–11ce–aff7–00aa003ca9f6}"="Rozszerzenia powoki dla obiektw Microsoft Windows Network"
"{5DB2625A–54DF–11D0–B6C4–0800091AA605}"="ZarzĄdzanie monitorem ICM"
"{675F097E–4C4D–11D0–B6C1–0800091AA605}"="ZarzĄdzanie drukarkĄ ICM"
"{764BF0E1–F219–11ce–972D–00AA00A14F56}"="Rozszerzenia powoki dla kompresji plikw"
"{77597368–7b15–11d0–a0c2–080036af3f03}"="Rozszerzenie powoki drukarek sieci Web"
"{7988B573–EC89–11cf–9C00–00AA00A14F56}"="Disk Quota UI"
"{853FE2B1–B769–11d0–9C4E–00C04FB6C6FA}"="Menu kontekstowe szyfrowania"
"{85BBD920–42A0–1069–A2E4–08002B30309D}"="Aktwka"
"{88895560–9AA2–1069–930E–00AA0030EBC8}"="Rozszerzenie ikony HyperTerminalu"
"{BD84B380–8CA2–1069–AB1D–08000948F534}"="Fonts"
"{DBCE2480–C732–101B–BE72–BA78E9AD5B27}"="Profil ICC"
"{F37C5810–4D3F–11d0–B4BF–00AA00BBB723}"="Strona zabezpiecze drukarek"
"{f81e9010–6ea4–11ce–a7ff–00aa003ca9f6}"="Rozszerzenia powoki dla udostpniania zasobw"
"{f92e8c40–3d33–11d2–b1aa–080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto PKO"
"{7444C719–39BF–11D1–8CD9–00C04FC29D45}"="Rozszerzenie Crypto Sign"
"{7007ACC7–3202–11D1–AAD2–00805FC1270E}"="PoĄczenia sieciowe"
"{992CFFA0–F557–101A–88EC–00DD010CCC48}"="PoĄczenia sieciowe"
"{E211B736–43FD–11D1–9EFB–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{FB0C9C8A–6C50–11D1–9F1D–0000F8757FCD}"="&Skanery i aparaty fotograficzne"
"{905667aa–acd6–11d2–8080–00805f6596d2}"="&Skanery i aparaty fotograficzne"
"{3F953603–1008–4f6e–A73A–04AAC7A992F1}"="&Skanery i aparaty fotograficzne"
"{83bbcbf3–b28a–4919–a5aa–73027445d672}"="&Skanery i aparaty fotograficzne"
"{F0152790–D56E–4445–850E–4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514–6C5E–4d60–8F16–D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5–953B–11CF–8C96–00AA00B8708C}"="Rozszerzenia powoki dla hosta skryptw systemu Windows"
"{2206CDB2–19C1–11D1–89E0–00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0–9EEF–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90–9EDD–11cf–8D8E–00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990–4C6A–11CF–8D87–00AA0060F5BF}"="Zaplanowane zadania"
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"="Pasek zada i menu Start"
"{2559a1f0–21d7–11d4–bdaf–00c04f60b9f0}"="Wyszukaj"
"{2559a1f1–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f2–21d7–11d4–bdaf–00c04f60b9f0}"="Pomoc i obsuga techniczna"
"{2559a1f3–21d7–11d4–bdaf–00c04f60b9f0}"="Uruchom..."
"{2559a1f4–21d7–11d4–bdaf–00c04f60b9f0}"="Internet"
"{2559a1f5–21d7–11d4–bdaf–00c04f60b9f0}"="E–mail"
"{D20EA4E1–3957–11d2–A40B–0C5020524152}"="Czcionki"
"{D20EA4E1–3957–11d2–A40B–0C5020524153}"="Narzdzia administracyjne"
"{875CB1A1–0F29–45de–A1AE–CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757–D6E4–4b49–BB41–0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D–D390–480b–92FD–7DDB47101D71}"="Wav Properties Handler"
"{87D62D94–71B3–4b9a–9489–5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45–6E44–43f9–8644–08598F5A74D9}"="Midi Properties Handler"
"{c5a40261–cd64–4ccf–84cb–c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780–7743–11CF–A12B–00AA004AE837}"="Pasek narzdzi programu Microsoft Internet"
"{22BF0C20–6DA7–11D0–B373–00A0C9034938}"="Stan pobierania"
"{91EA3F8B–C99B–11d0–9815–00C04FD91972}"="Folder powoki zwikszonej"
"{6413BA2C–B461–11d1–A18A–080036B11A03}"="Folder powoki zwikszonej 2"
"{F61FFEC1–754F–11d0–80CA–00AA005B4383}"="BandProxy"
"{7BA4C742–9E81–11CF–99D3–00AA004AE837}"="Pasek przeglĄdarki Microsoft"
"{30D02401–6A81–11d0–8274–00C04FD5AE38}"="Pasek wyszukiwania"
"{32683183–48a0–441b–a342–7c2a440a9478}"="Pasek multimediw"
"{169A0691–8DF9–11d1–A1C4–00C04FD75D13}"="Wyszukiwanie w okienku"
"{07798131–AF23–11d1–9111–00A0C98BA67D}"="Wyszukiwanie w sieci Web"
"{AF4F6510–F982–11d0–8595–00AA004CD6D8}"="Narzdzie opcji drzewa rejestru"
"{01E04581–4EEE–11d0–BFE9–00AA005B4383}"="&Adres"
"{A08C11D2–A228–11d0–825B–00AA005B4383}"="Pole edycji adresu"
"{00BB2763–6A77–11D0–A535–00C04FD7D062}"="Autouzupenianie Microsoft"
"{7376D660–C583–11d0–A3A5–00C04FD706EC}"="Wyodrbnianie obrazw Trident"
"{6756A641–DE71–11d0–831B–00AA005B4383}"="Lista autouzupeniania MRU"
"{6935DB93–21E8–4ccc–BEB9–9FE3C77A297A}"="Niestandardowa lista autouzupeniania MRU"
"{7e653215–fa25–46bd–a339–34a2790f3cb7}"="Dostpny"
"{acf35015–526e–4230–9596–becbe19f0ac9}"="Pasek podrczny ledzenia"
"{E0E11A09–5CB8–4B6C–8332–E00720A168F2}"="Analizator paska adresu"
"{00BB2764–6A77–11D0–A535–00C04FD7D062}"="Lista autouzupeniania historii Microsoft"
"{03C036F1–A186–11D0–824A–00AA005B4383}"="Lista autouzupeniania folderu powoki Microsoft"
"{00BB2765–6A77–11D0–A535–00C04FD7D062}"="Kontener wielu list autouzupeniania Microsoft"
"{ECD4FC4E–521C–11D0–B792–00A0C90312E1}"="Menu witryny paska powoki"
"{3CCF8A41–5C85–11d0–9796–00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C–521C–11D0–B792–00A0C90312E1}"="Pasek pulpitu powoki"
"{ECD4FC4D–521C–11D0–B792–00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04–FEFF–11d1–8ECD–0000F87A470C}"="Pomoc dla uytkownika"
"{EF8AD2D1–AE36–11D1–B2D2–006097DF8C11}"="Globalne ustawienia folderw"
"{EFA24E61–B078–11d0–89E4–00C04FC9E26E}"="Favorites Band"
"{0A89A860–D7B1–11CE–8350–444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40–E76A–11CE–A9BB–00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A–8849–11D1–9D8C–00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40–E3F0–101B–8488–00AA003E56F8}"="InternetShortcut"
"{3C374A40–BAE4–11CF–BF7D–00AA006946EE}"="Microsoft Url History Service"
"{FF393560–C2A7–11CF–BFF4–444553540000}"="Historia"
"{7BD29E00–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{7BD29E01–76C1–11CF–9DD0–00A0C9034933}"="Tymczasowe pliki internetowe"
"{CFBFAE00–17A6–11D0–99CB–00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40–CC59–11d0–A3A5–00C04FD706EC}"="Ekran powitalny pakietu IE4"
"{67EA19A0–CCEF–11d0–8024–00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951–7F78–11D0–A979–00C04FD705A2}"="ISFBand OC"
"{9461b922–3c5a–11d2–bf8b–00c04fb93661}"="Search Assistant OC"
"{3DC7A020–0ACD–11CF–A9BB–00AA004AE837}"="Internet"
"{871C5380–42A0–1069–A2EA–08002B30309D}"="Internet Name Space"
"{EFA24E64–B078–11d0–89E4–00C04FC9E26E}"="Pasek eksploratora"
"{9E56BE60–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{9E56BE61–C50F–11CF–9A2C–00A0C90A90CE}"="Sendmail service"
"{88C6C381–2E85–11D0–94DE–444553540000}"="Folder pamici podrcznej ActiveX"
"{E6FB5E20–DE35–11CF–9C87–00AA005127ED}"="WebCheck"
"{ABBE31D0–6DAE–11D0–BECA–00C04FD940BE}"="Subscription Mgr"
"{F5175861–2688–11d0–9C5E–00AA00A45957}"="Folder subskrypcji"
"{08165EA0–E946–11CF–9C87–00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6–ABCE–11d0–BC4B–00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0–6B4E–11d0–92DB–00A0C90C2BD7}"="TrayAgent"
"{7D559C10–9FE9–11d0–93F7–00AA0059CE02}"="Code Download Agent"
"{E6CC6978–6B6E–11D0–BECA–00C04FD940BE}"="ConnectionAgent"
"{D8BD2030–6FC9–11D0–864F–00AA006809D9}"="PostAgent"
"{7FC0B86E–5FA7–11d1–BC7C–00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7–8B9A–11D1–B8AE–006008059382}"="Meneder aplikacji powoki"
"{0B124F8F–91F0–11D1–B8B5–006008059382}"="Wyliczanie zainstalowanych aplikacji"
"{CFCCC7A0–A282–11D1–9082–006008059382}"="Publikator aplikacji Darwin"
"{e84fda7c–1d6a–45f6–b725–cb260c236066}"="Shell Image Verbs"
"{66e4e4fb–f385–4dd0–8d74–a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968–480A–4C6C–862D–EFC0897BB84B}"="GDI+program wyodrbniajĄcy miniatury plikw"
"{9DBD2C50–62AD–11d0–B806–00C04FD706EC}"="Informacje podsumowujĄce obsugi miniatur (DOCFILES)"
"{EAB841A0–9550–11cf–8C16–00805F1408F3}"="Wyodrbnianie miniatur HTML"
"{eb9b1153–3b57–4e68–959a–a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB–43F6–46c5–9619–51D571967F7D}"="Kreator publikacji w sieci Web"
"{add36aa8–751a–4579–a266–d66f5202ccbb}"="Zamawianie odbitek w sieci Web"
"{6b33163c–76a5–4b6c–bf21–45de9cd503a1}"="Obiekt powoki kreatora publikacji"
"{58f1f272–9240–4f51–b6d4–fd63d1618591}"="Kreator uzyskiwania profilu usugi Passport"
"{7A9D77BD–5403–11d2–8785–2E0420524153}"="Konta uytkownikw"
"{BD472F60–27FA–11cf–B8B4–444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60–FC0A–11CF–8F0F–00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0–9cc8–11d0–a599–00c04fd64433}"="Plik kanau"
"{f3aa0dc0–9cc8–11d0–a599–00c04fd64434}"="Skrt kanau"
"{f3ba0dc0–9cc8–11d0–a599–00c04fd64435}"="Obiekt obsugi kanau"
"{f3da0dc0–9cc8–11d0–a599–00c04fd64437}"="Channel Menu"
"{f3ea0dc0–9cc8–11d0–a599–00c04fd64438}"="Channel Properties"
"{63da6ec0–2e98–11cf–8d82–444553540000}"="FTP Folders Webview"
"{883373C3–BF89–11D1–BE35–080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE–901A–4739–A481–E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210–FD1F–4B19–91DA–67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC–4362–4A12–850B–86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57–2567–4A2C–B881–F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC–BBB3–4D9B–B177–82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E–31C2–11d0–891C–00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0–6E0F–11d2–9601–00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20–2ABC–11d0–88F0–00A024AB2DBB}"="Directory Object Find"
"{F020E586–5264–11d1–A532–0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530–764B–11d0–A1CA–00AA00C16E65}"="Directory Property UI"
"{62AE1F9A–126A–11D0–A14B–0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33–103D–11d2–854D–006008059367}"="MyDocs Copy Hook"
"{ECF03A32–103D–11d2–854D–006008059367}"="MyDocs Drop Target"
"{4a7ded0a–ad25–11d0–98a8–0800361b1103}"="MyDocs Properties"
"{750fdf0e–2a26–11d1–a3ea–080036587f03}"="Offline Files Menu"
"{10CFC467–4392–11d2–8DB4–00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70–2A4C–11d2–9039–00C04F8EEB3E}"="Folder plikw trybu offline"
"{143A62C8–C33B–11D1–84FE–00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543–45CC–11CE–B9BF–0080C87CDBA6}"="DfsShell"
"{60fd46de–f830–4894–a628–6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8–8005–11D2–BCF8–00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0–9F37–11CE–AE65–08002B2E1262}"=".CAB file viewer"
"{32714800–2E5F–11d0–8B85–00AA0044F941}"="&Do osb..."
"{8DD448E6–C188–4aed–AF92–44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1–02AE–4a5f–A6E9–D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F–E9DC–4e68–9D7E–42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}"="WinRAR shell extension"
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"="Foldery w sieci Web"
"{42042206–2D85–11D3–8CFF–005004838597}"="Microsoft Office HTML Icon Handler"
"{32020A01–506E–484D–A2A8–BE3CF17601C3}"="AlcoholShellEx"
"{640167b4–59b0–47a6–b335–a6b3c0695aea}"="Portable Media Devices"
"{cc86590a–b60a–48e6–996b–41d25ed39a1e}"="Portable Media Devices Menu"
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}"=""
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}"=""
"{21882611–5F4B–4787–856D–B4B2A752E0A0}"=""
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}"=""
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}"=""
"{32C9D798–2F09–41B7–8244–88054AFB26CF}"=""
"{B089FE88–FB52–11D3–BDF1–0050DA34150D}"="NOD32 Context Menu Shell Extension"
"{1D2680C9–0E2A–469d–B787–065558BC7D43}"="Fusion Cache"
"{5E2121EE–0300–11D4–8D3B–444553540000}"="Catalyst Context Menu extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B04ADF99–F677–4975–9AB6–B349BF74A3EC}\InprocServer32]
@="C:\\WINDOWS\\system32\\ekent.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oYkley.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{63402064–04C2–4ACD–ABB9–7BAD270422D6}\InprocServer32]
@="C:\\WINDOWS\\system32\\mkaudite.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{C1D3E74D–1414–466E–9FBD–BB680EF22B88}\InprocServer32]
@="C:\\WINDOWS\\system32\\dpsynth.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\Implemented Categories\{00021492–0000–0000–C000–000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{32C9D798–2F09–41B7–8244–88054AFB26CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\hSl.dll"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ati2cqag.dll Thu 2006–01–05 4:05:36 A.... 237 568 232,00 K
ati2dvag.dll Thu 2006–01–05 4:47:00 ..... 252 928 247,00 K
ati2edxx.dll Thu 2006–01–05 4:41:12 A.... 40 960 40,00 K
ati2evxx.dll Thu 2006–01–05 4:41:00 A.... 61 440 60,00 K
ati3duag.dll Thu 2006–01–05 4:31:28 A.... 2 518 176 2,40 M
atiddc.dll Thu 2006–01–05 4:39:22 A.... 53 248 52,00 K
atidemgr.dll Thu 2006–01–05 3:22:04 A.... 258 048 252,00 K
atiiiexx.dll Thu 2006–01–05 4:19:00 A.... 307 200 300,00 K
atikvmag.dll Thu 2006–01–05 4:11:38 A.... 151 552 148,00 K
atioglx1.dll Thu 2006–01–05 4:20:06 A.... 6 684 672 6,38 M
atioglxx.dll Thu 2006–01–05 4:01:34 A.... 4 968 448 4,74 M
atipdlxx.dll Thu 2006–01–05 4:41:42 A.... 110 592 108,00 K
atitvo32.dll Thu 2006–01–05 4:10:58 A.... 17 408 17,00 K
ativvaxx.dll Thu 2006–01–05 4:25:12 A.... 862 336 842,13 K
cmdlin~1.dll Mon 2006–01–30 18:10:54 A.... 98 304 96,00 K
cpuinf32.dll Fri 2006–01–13 21:54:38 A.... 9 216 9,00 K
divx.dll Fri 2006–01–13 21:50:46 A.... 609 280 595,00 K
ff_vfw.dll Tue 2005–11–29 21:17:16 A.... 5 632 5,50 K
gccoll~1.dll Tue 2005–11–15 12:12:08 A.... 126 680 123,71 K
gcunco~1.dll Tue 2005–11–15 12:12:06 A.... 95 448 93,21 K
gdi32.dll Mon 2006–01–02 23:39:26 A.... 260 608 254,50 K
hashlib.dll Tue 2005–11–15 12:12:08 A.... 117 976 115,21 K
imon.dll Sun 2006–02–05 12:23:38 A.... 270 336 264,00 K
mplvpx.dll Fri 2006–01–13 21:55:02 A.... 245 760 240,00 K
mshtml.dll Tue 2005–11–22 17:40:38 A.... 2 700 288 2,57 M
msvbvm60.dll Mon 2006–01–09 20:07:28 A.... 1 385 744 1,32 M
oemdspif.dll Thu 2006–01–05 4:41:26 A.... 77 824 76,00 K
ogg.dll Fri 2006–01–13 21:55:30 A.... 45 056 44,00 K
oggds.dll Fri 2006–01–13 21:57:48 A.... 237 568 232,00 K
px.dll Mon 2005–12–05 6:12:26 ..... 339 968 332,00 K
pxdrv.dll Mon 2005–12–05 6:12:26 ..... 405 504 396,00 K
pxmas.dll Mon 2005–12–05 6:12:26 ..... 172 032 168,00 K
pxwave.dll Mon 2005–12–05 6:12:26 ..... 339 968 332,00 K
rmoc3260.dll Tue 2005–11–15 9:38:10 A.... 176 167 172,04 K
vorbis.dll Fri 2006–01–13 21:55:58 A.... 188 416 184,00 K
vorbis~1.dll Fri 2006–01–13 21:57:24 A.... 921 600 900,00 K
vp7vfw.dll Fri 2005–12–02 16:42:38 A.... 630 784 616,00 K
vxblock.dll Mon 2005–12–05 6:12:26 ..... 28 672 28,00 K
xvid.dll Fri 2006–01–13 21:48:18 A.... 626 688 612,00 K
xvidcore.dll Fri 2006–01–13 21:49:24 A.... 675 840 660,00 K
xvidvfw.dll Fri 2006–01–13 21:49:40 A.... 155 648 152,00 K
41 items found: 41 files, 0 directories.
Total of file sizes: 27 471 583 bytes 26,20 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Wolumin w stacji C to Celux
Numer seryjny woluminu: 5446–604A
Katalog: C:\WINDOWS\System32
2006–02–09 18:52 dllcache
2006–01–09 11:09 Microsoft
0 plik(w) 0 bajtw
2 katalog(w) 1991430144 bajtw wolnych
Spyware Nuker wykrył mi sporo trojanów, sam go instaloweł, nie rozumiem dlaczego na czarnej liście.
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non–default values, except where indicated by "{++}"
Startup items buried in registry:
–––––––––––––––––––––––––––––––––
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NBJ" = ""C:\Programy\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"HPDJ Taskbar Utility" = "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe" ["HP"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"RemoteControl" = "C:\Odtwarzacze\PowerDVD\PDVDServ.exe" ["Cyberlink Corp."]
"Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]
"(Default)" = (empty string)
"SWN2" = "C:\Programy\Spyware Nuker\swnxt.exe /h" ["Trek Blue, Inc"]
"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay" [null data]
"DXDllRegExe" = "C:\WINDOWS\System32\dxdllreg.exe " [MS]
"KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 –k" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560–9AA2–1069–930E–00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}" = "WinRAR shell extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
"{42042206–2D85–11D3–8CFF–005004838597}" = "Microsoft Office HTML Icon Handler"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\Microsoft Office\Office10\msohev.dll" [MS]
"{32020A01–506E–484D–A2A8–BE3CF17601C3}" = "AlcoholShellEx"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{640167b4–59b0–47a6–b335–a6b3c0695aea}" = "Portable Media Devices"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a–b60a–48e6–996b–41d25ed39a1e}" = "Portable Media Devices Menu"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ekent.dll" [file not found]
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\oYkley.dll" [file not found]
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mkaudite.dll" [file not found]
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dpsynth.dll" [file not found]
"{32C9D798–2F09–41B7–8244–88054AFB26CF}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hSl.dll" [file not found]
"{B089FE88–FB52–11D3–BDF1–0050DA34150D}" = "NOD32 Context Menu Shell Extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
"{5E2121EE–0300–11D4–8D3B–444553540000}" = "Catalyst Context Menu extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88–FB52–11D3–BDF1–0050DA34150D}"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88–FB52–11D3–BDF1–0050DA34150D}"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
Active Desktop and Wallpaper:
–––––––––––––––––––––––––––––
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Janusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Startup items in "Janusz" & "All Users" startup folders:
––––––––––––––––––––––––––––––––––––––––––––––––––––––––
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"D–Link AirPlus" –> shortcut to: "C:\Program Files\D–Link AirPlus\AirPlus.exe" ["D–Link"]
"Microsoft Office" –> shortcut to: "C:\Programy\Microsoft Office\Office10\OSA.EXE –b –l" [MS]
Winsock2 Service Provider DLLs:
–––––––––––––––––––––––––––––––
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\System32\imon.dll ["Eset "], 01 – 05, 20
%SystemRoot%\system32\mswsock.dll [MS], 06 – 08, 11 – 19
%SystemRoot%\system32\rsvpsp.dll [MS], 09 – 10
Toolbars, Explorer Bars, Extensions:
––––––––––––––––––––––––––––––––––––
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{FB5F1910–F110–11D2–BB9E–00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Messenger"
"Exec" = "C:\Program Files\Messenger\MSMSGS.EXE" [MS]
All Non–Disabled Services (Display Name, Service Name, Path {Service DLL}):
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
ASP.NET State Service, aspnet_state, "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe" [MS]
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
ATI Smart, ATI Smart, "C:\WINDOWS\system32\ati2sgag.exe" [empty string]
Karta wydajności WMI, WmiApSrv, "C:\WINDOWS\System32\wbem\wmiapsrv.exe" [MS]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
Portable Media Serial Number Service, WmdmPmSN, "C:\WINDOWS\System32\svchost.exe –k netsvcs" {"C:\WINDOWS\System32\MsPMSNSv.dll" [MS]}
Usługa administracyjna Menedźera dysków logicznych, dmadmin, "C:\WINDOWS\System32\dmadmin.exe /com" ["Microsoft Corp., Veritas Software"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
Print Monitors:
–––––––––––––––
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzlnt10\Driver = "hpzlnt10.dll" ["HP"]
––––––––––
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the –all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the –supp parameter or answer "No" at the first message box.
–––––––––– (total run time: 46 seconds, including 4 seconds for message boxes)
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non–default values, except where indicated by "{++}"
Startup items buried in registry:
–––––––––––––––––––––––––––––––––
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NBJ" = ""C:\Programy\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"HPDJ Taskbar Utility" = "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe" ["HP"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"RemoteControl" = "C:\Odtwarzacze\PowerDVD\PDVDServ.exe" ["Cyberlink Corp."]
"Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]
"(Default)" = (empty string)
"SWN2" = "C:\Programy\Spyware Nuker\swnxt.exe /h" ["Trek Blue, Inc"]
"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay" [null data]
"DXDllRegExe" = "C:\WINDOWS\System32\dxdllreg.exe " [MS]
"KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 –k" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560–9AA2–1069–930E–00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}" = "WinRAR shell extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
"{42042206–2D85–11D3–8CFF–005004838597}" = "Microsoft Office HTML Icon Handler"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\Microsoft Office\Office10\msohev.dll" [MS]
"{32020A01–506E–484D–A2A8–BE3CF17601C3}" = "AlcoholShellEx"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{640167b4–59b0–47a6–b335–a6b3c0695aea}" = "Portable Media Devices"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a–b60a–48e6–996b–41d25ed39a1e}" = "Portable Media Devices Menu"
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{B04ADF99–F677–4975–9AB6–B349BF74A3EC}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ekent.dll" [file not found]
"{1BCCCB70–2D36–460E–B80C–BE9E0CC3142B}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\oYkley.dll" [file not found]
"{63402064–04C2–4ACD–ABB9–7BAD270422D6}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mkaudite.dll" [file not found]
"{C1D3E74D–1414–466E–9FBD–BB680EF22B88}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dpsynth.dll" [file not found]
"{32C9D798–2F09–41B7–8244–88054AFB26CF}" = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hSl.dll" [file not found]
"{B089FE88–FB52–11D3–BDF1–0050DA34150D}" = "NOD32 Context Menu Shell Extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
"{5E2121EE–0300–11D4–8D3B–444553540000}" = "Catalyst Context Menu extension"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88–FB52–11D3–BDF1–0050DA34150D}"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88–FB52–11D3–BDF1–0050DA34150D}"
–> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "C:\Programy\WinRAR–\rarext.dll" [null data]
Active Desktop and Wallpaper:
–––––––––––––––––––––––––––––
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Janusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Startup items in "Janusz" & "All Users" startup folders:
––––––––––––––––––––––––––––––––––––––––––––––––––––––––
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"D–Link AirPlus" –> shortcut to: "C:\Program Files\D–Link AirPlus\AirPlus.exe" ["D–Link"]
"Microsoft Office" –> shortcut to: "C:\Programy\Microsoft Office\Office10\OSA.EXE –b –l" [MS]
Winsock2 Service Provider DLLs:
–––––––––––––––––––––––––––––––
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\System32\imon.dll ["Eset "], 01 – 05, 20
%SystemRoot%\system32\mswsock.dll [MS], 06 – 08, 11 – 19
%SystemRoot%\system32\rsvpsp.dll [MS], 09 – 10
Toolbars, Explorer Bars, Extensions:
––––––––––––––––––––––––––––––––––––
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{FB5F1910–F110–11D2–BB9E–00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Messenger"
"Exec" = "C:\Program Files\Messenger\MSMSGS.EXE" [MS]
All Non–Disabled Services (Display Name, Service Name, Path {Service DLL}):
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
ASP.NET State Service, aspnet_state, "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe" [MS]
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
ATI Smart, ATI Smart, "C:\WINDOWS\system32\ati2sgag.exe" [empty string]
Karta wydajności WMI, WmiApSrv, "C:\WINDOWS\System32\wbem\wmiapsrv.exe" [MS]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
Portable Media Serial Number Service, WmdmPmSN, "C:\WINDOWS\System32\svchost.exe –k netsvcs" {"C:\WINDOWS\System32\MsPMSNSv.dll" [MS]}
Usługa administracyjna Menedźera dysków logicznych, dmadmin, "C:\WINDOWS\System32\dmadmin.exe /com" ["Microsoft Corp., Veritas Software"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
Print Monitors:
–––––––––––––––
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzlnt10\Driver = "hpzlnt10.dll" ["HP"]
––––––––––
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the –all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the –supp parameter or answer "No" at the first message box.
–––––––––– (total run time: 46 seconds, including 4 seconds for message boxes)
Usun dodatkowo te wszystkie wpisy z about:blank
Sciągnij narzedzia L2Mfix oraz Silent Runners i wrzuć tutaj te dwa logi.
Sprawdź czy debugger z tematu gusioo'a w dziale XP nie da rady uruchomić w trybie awaryjnym.
Spyware Nuker swego czasu był na czarnej liście, ni wiem jak jest teraz więc sam go instalowałeś?
Sciągnij narzedzia L2Mfix oraz Silent Runners i wrzuć tutaj te dwa logi.
Sprawdź czy debugger z tematu gusioo'a w dziale XP nie da rady uruchomić w trybie awaryjnym.
Spyware Nuker swego czasu był na czarnej liście, ni wiem jak jest teraz więc sam go instalowałeś?
log czysty...
Nie moge uruchomić windowsa xp w trybie normalnym bo mam ciągły reset a moźe to szkodnik?
Logfile of HijackThis v1.99.1
Scan saved at 23:47:07, on 2006–02–09
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\Opera\Opera.exe
C:\Programy\Spyware Nuker\swnxt.exe
D:\P2P\eMule\emule.exe
D:\P2P\eMule plus\eMule.exe
C:\Documents and Settings\Janusz\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [RemoteControl] C:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [SWN2] C:\Programy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\System32\dxdllreg.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKCU\..\Run: [NBJ] "C:\Programy\Ahead\Nero BackItUp\NBJ.exe"
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137096027390
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
Logfile of HijackThis v1.99.1
Scan saved at 23:47:07, on 2006–02–09
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\Opera\Opera.exe
C:\Programy\Spyware Nuker\swnxt.exe
D:\P2P\eMule\emule.exe
D:\P2P\eMule plus\eMule.exe
C:\Documents and Settings\Janusz\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [RemoteControl] C:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [SWN2] C:\Programy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\System32\dxdllreg.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKCU\..\Run: [NBJ] "C:\Programy\Ahead\Nero BackItUp\NBJ.exe"
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137096027390
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
usunołem wpisy ale lol znikł mi:
O23 – Service: RadClock – Unknown owner – C:\WINDOWS\system32\RadClock.exe (file missing) potem jak uzy te kod?
O23 – Service: RadClock – Unknown owner – C:\WINDOWS\system32\RadClock.exe (file missing) potem jak uzy te kod?
Salio:
F2 – REG:system.ini: Shell=explorer.exe "c:\program files\common files\microsoft shared\web folders\ibm00001.exe"
O4 – HKCU\..\Run: [pro] C:\winstall.exe
O4 – HKCU\..\Run: [zowq] C:\PROGRA~1\COMMON~1\zowq\zowqm.exe
O20 – Winlogon Notify: Dynamic Directory – C:\WINDOWS\system32\lvn8095ue.dll (file missing)
O20 – Winlogon Notify: tcpwrk – tcpwrk.dll (file missing)
O23 – Service: RadClock – Unknown owner – C:\WINDOWS\system32\RadClock.exe (file missing)
Puść to w niepamięć – rzeczy na czerwono teź
Potem w awaryjnym dajesz start uruchomw wpisujesz cmd a potem
sc stop RadClock
sc delete RadClock
Logfile of HijackThis v1.99.1
Scan saved at 20:35:41, on 2006–02–06
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Programy\Spyware Nuker\swnxt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Programy\Gadu–Gadu\gg.exe
D:\P2P\eMule plus\eMule.exe
D:\P2P\eMule\emule.exe
C:\Programy\Opera\Opera.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Janusz\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "c:\program files\common files\microsoft shared\web folders\ibm00001.exe"
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [RemoteControl] C:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [SWN2] C:\Programy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 – HKCU\..\Run: [NBJ] "C:\Programy\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [pro] C:\winstall.exe
O4 – HKCU\..\Run: [zowq] C:\PROGRA~1\COMMON~1\zowq\zowqm.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137096027390
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O20 – Winlogon Notify: Dynamic Directory – C:\WINDOWS\system32\lvn8095ue.dll (file missing)
O20 – Winlogon Notify: tcpwrk – tcpwrk.dll (file missing)
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: RadClock – Unknown owner – C:\WINDOWS\system32\RadClock.exe (file missing)
Scan saved at 20:35:41, on 2006–02–06
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Odtwarzacze\PowerDVD\PDVDServ.exe
C:\Programy\Spyware Nuker\swnxt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\D–Link AirPlus\AirPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Programy\Gadu–Gadu\gg.exe
D:\P2P\eMule plus\eMule.exe
D:\P2P\eMule\emule.exe
C:\Programy\Opera\Opera.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Janusz\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 – REG:system.ini: Shell=explorer.exe "c:\program files\common files\microsoft shared\web folders\ibm00001.exe"
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [RemoteControl] C:\Odtwarzacze\PowerDVD\PDVDServ.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [SWN2] C:\Programy\Spyware Nuker\swnxt.exe /h
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime –Delay
O4 – HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 – HKCU\..\Run: [NBJ] "C:\Programy\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [pro] C:\winstall.exe
O4 – HKCU\..\Run: [zowq] C:\PROGRA~1\COMMON~1\zowq\zowqm.exe
O4 – Global Startup: D–Link AirPlus.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Programy\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\Programy\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137096027390
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O20 – Winlogon Notify: Dynamic Directory – C:\WINDOWS\system32\lvn8095ue.dll (file missing)
O20 – Winlogon Notify: tcpwrk – tcpwrk.dll (file missing)
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Eset – C:\Program Files\Eset\nod32krn.exe
O23 – Service: RadClock – Unknown owner – C:\WINDOWS\system32\RadClock.exe (file missing)
Wkleic jego zawartosc :wink:
jak dodc lag aby był widoczny bezposrednio na poście,kurna nie moge go dodac jako załącznikc wyskakóje błąd?"Logowanie do serwera FTP nie powiodło się. Sprawdź swoją Nazwę Uźytkownika 'cxp' i Hasło."
Tylko ze wynikł problem z::::System windows nie moźe odnaleźć pliku "c;\program files\common files\microsoft harde\web folders\ibm 00001.exe.Czy to powaźne...?
Wpisz sobie do wyszukiwarki forumowej 00001 i zobacz co z tym zrobić.
pozbyłem się chyba... virusów/trojanów itp. antywirusami Nod32 i Spyware Nuker XT dziwne norton antivirus 2006 demo nic mi nie znalazł, na szczęście system mi sie nie muli. Tylko ze wynikł problem z::::System windows nie moźe odnaleźć pliku "c;\program files\common files\microsoft harde\web folders\ibm 00001.exe.Czy to powaźne...?
Sorki, wykrył go Norton antywirus 2003 nie mogę znaleźć dane połoźenia trojona nazwie jego odkryłem po raportach kolega mówi źe go moźna wyłączyć ale niewiem jak go znaleźć.
Złapałem go źciągająć ze
stronki
Złapałem go źciągająć ze
stronki
Czyli mam sie juz zbierać, przyjeźdzać i trojana na miejscu wywalić?
Łapska opadają jak się takie tematy czyta, wersji downloaderów jest jak psów, strzelić mam jaki się u Ciebie zadomowił? Jakiś program wykrył go, czy sam sobie to ubzdurałeś? W jakimś pliku na dysku czy na chodniku przed domem?
Wymieniac dalej czego zabrakło w pierwszym poście, czy sam to sobie uświadomisz po lekturze tego tematu?
To tak jakbyś na forum napisał, ze Ci mieszkanie sąsiedzi zalewają, pomocy! Litości.
Łapska opadają jak się takie tematy czyta, wersji downloaderów jest jak psów, strzelić mam jaki się u Ciebie zadomowił? Jakiś program wykrył go, czy sam sobie to ubzdurałeś? W jakimś pliku na dysku czy na chodniku przed domem?
Wymieniac dalej czego zabrakło w pierwszym poście, czy sam to sobie uświadomisz po lekturze tego tematu?
To tak jakbyś na forum napisał, ze Ci mieszkanie sąsiedzi zalewają, pomocy! Litości.
Strona 1 / 1