Róźnica zdań pomiędzy Spybotem a Kasperskim on–line.
Skanowanie systemu Spaybotem wykazało czerwony problem–BPS Spyware Remover w folderze programu Bullet Proof Soft. Plik i znalezione powiązania zostały spakowane przez Spybota w folderze Recovery.Ponowne sprawdzenie plików w Recovery programem Norton AntiVirus i Kasperski on–line nie potwierdziło zagroźenia. Proszę o informacje czy pliki te stanowią zagroźenie czy nie.
Kopia zap[AheadNeroBurningRom.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Ahead Nero Burning Rom
Description=Compilation directory
Date=2006–03–24 19:44:51
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Ahead\Nero – Burning Rom\Settings\NeroCompilation!=
Type=Registry
[AheadNeroBurningRom1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Ahead Nero Burning Rom
Description=Last ISO directory
Date=2006–03–24 19:44:52
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\ahead\Nero – Burning Rom\General\OFDLastISODir!=
Type=Registry
[BPSSpywareRemover.zip]
File=*
Product=BPS Spyware Remover
Description=Folder programu
Date=2006–03–24 19:44:52
Destination=C:\Program Files\BulletProofSoft.com\BPS Spyware & Adware Remover\
Type=Directory
[CommonDialogs.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Common Dialogs
Description=History
Date=2006–03–24 19:44:59
Destination=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Type=Registry
[InternetExplorer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=AutoComplete data
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Internet Explorer\IntelliForms\SPW
Type=Registry
[InternetExplorer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[MSDirectD.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Direct3D
Description=Most recent application
Date=2006–03–24 19:45:00
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=
Type=Registry
[MSDirectDraw.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS DirectDraw
Description=Most recent application
Date=2006–03–24 19:45:00
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=
Type=Registry
[MSMediaPlayer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Media Player
Description=Anonymous ID
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0
Type=Registry
[MSMediaPlayer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Media Player
Description=Search terms history
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch
Type=Registry
[MSOffice.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0
Description=Internet history
Date=2006–03–24 19:45:01
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Common\Internet\LocationOfComponents
Type=Registry
[MSOffice1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0
Description=Access recent file
Date=2006–03–24 19:45:01
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Access\Settings
Type=Registry
[MSOffice2.zip]
File=*
Product=MS Office 9.0
Description=Recently used files
Date=2006–03–24 19:45:01
Destination=C:\Documents and Settings\Mizeraccy\Dane aplikacji\Microsoft\Office\Niedawny\
Type=Directory
[MSOfficeStartAssistant.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0 (Start Assistant)
Description=Last opened file directory
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Osa\FindFile\Place!=
Type=Registry
[MSOfficeWord.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0 (Word)
Description=Recently used file list
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Word\Data\Settings
Type=Registry
[MSSearchAssistant.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Search Assistant
Description=Typed search terms history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Search Assistant\ACMru
Type=Registry
[Windows.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows
Description=Drivers installation paths
Date=2006–03–24 19:45:36
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources!=
Type=Registry
[WindowsExplorer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Last Copy/MoveTo folder
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Type=Registry
[WindowsExplorer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Last visited history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Type=Registry
[WindowsExplorer10.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=User Assistant history IE
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780–7743–11CF–A12B–00AA004AE837}\Count
Type=Registry
[WindowsExplorer2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–20\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–19\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent wallpaper list
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Type=Registry
[WindowsExplorer8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Stream history
Date=2006–03–24 19:45:33
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Type=Registry
[WindowsExplorer9.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=User Assistant history files
Date=2006–03–24 19:45:33
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700–EF1F–11D0–9888–006097DEACF9}\Count
Type=Registry
[WindowsMediaSDK.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsMediaSDK7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsMediaSDK8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsOpenWith.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .ACE extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACE\OpenWithList
Type=Registry
[WindowsOpenWith1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .AVI extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Type=Registry
[WindowsOpenWith2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BCP extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCP\OpenWithList
Type=Registry
[WindowsOpenWith3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BIN extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
Type=Registry
[WindowsOpenWith4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BMP extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Type=Registry
[WindowsOpenWith5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CAB extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
Type=Registry
[WindowsOpenWith6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CDA extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
Type=Registry
[WindowsOpenWith7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CSS extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
Type=Registry
[WindowsOpenWith8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CSV extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
Type=Registry
[WindowsOpenWith9.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CUE extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList
Type=Registry
[WinRAR.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Managed by wizard archives history
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\WizArcName
Type=Registry
[WinRAR1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Search by archive name history
Date=2006–03–24 19:45:37
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\FindNames
Type=Registry
[WinRAR2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Search by archive type history
Date=2006–03–24 19:45:37
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\FindArcNames
Type=Registry
Log
Logfile of HijackThis v1.99.1
Scan saved at 12:42:10, on 2006–03–27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE
C:\Program Files\GlobespanVirata\XPFix.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PopTray\PopTray.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mizeraccy\Pulpit\hijackthis.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O2 – BHO: CNavExtBho Class – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Easy–WebPrint – {327C2873–E90D–4c37–AA9D–10AC9BABA46C} – C:\Program Files\Canon\Easy–WebPrint\Toolband.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 – HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 – HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [QT4StBtn] C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE
O4 – HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 – HKLM\..\Run: [Easy–PrintToolBox] C:\Program Files\Canon\Easy–PrintToolBox\BJPSMAIN.EXE /logon
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" –hide
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 – Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Tlumacz z LING... – http://www.ling.pl/ling/def–src.php4
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: Easy–WebPrint Add To Print List – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_AddToList.html
O8 – Extra context menu item: Easy–WebPrint High Speed Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_HSPrint.html
O8 – Extra context menu item: Easy–WebPrint Preview – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Preview.html
O8 – Extra context menu item: Easy–WebPrint Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Print.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {0EB0E74A–2A76–4AB3–A7FB–9BD8C29F7F75} (CKAVWebScan Object) – http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=48835
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {3D8700FB–86A4–4CB4–B738–6F0FC016AC7D} (MainControl Class) – http://arcaonline.arcabit.com/ArcaOnline.cab
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {6CB5E471–C305–11D3–99A8–000086395495} (Google Activate) – http://toolbar.google.com/data/pl/big/1.1.62–big/GoogleNav.cab
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121632147109
O16 – DPF: {74D05D43–3236–11D4–BDCD–00C04F9A3B61} (HouseCall Control) – http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 – DPF: {B38870E4–7ECB–40DA–8C6A–595F0A5519FF} (MsnMessengerSetupDownloadControl Class) – http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 – Winlogon Notify: avldr – C:\WINDOWS\
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: ArcaBit NetMonitor (ABNetMon) – Unknown owner – C:\Program Files\MKS\Bin\NetMonSV.exe (file missing)
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: GhostStartService – Symantec Corporation – C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 – Service: InCD Helper (InCDsrv) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: MkS_Vir Monitor (MksVirMonSvc) – Unknown owner – C:\Program Files\MKS\Bin\mksmonsv.exe (file missing)
O23 – Service: Usługa Auto Protect programu Norton AntiVirus (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SymWMI Service (SymWSC) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
asowa Spybota ze stwierdzonymi zagroźeniami:
Kopia zap[AheadNeroBurningRom.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Ahead Nero Burning Rom
Description=Compilation directory
Date=2006–03–24 19:44:51
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Ahead\Nero – Burning Rom\Settings\NeroCompilation!=
Type=Registry
[AheadNeroBurningRom1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Ahead Nero Burning Rom
Description=Last ISO directory
Date=2006–03–24 19:44:52
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\ahead\Nero – Burning Rom\General\OFDLastISODir!=
Type=Registry
[BPSSpywareRemover.zip]
File=*
Product=BPS Spyware Remover
Description=Folder programu
Date=2006–03–24 19:44:52
Destination=C:\Program Files\BulletProofSoft.com\BPS Spyware & Adware Remover\
Type=Directory
[CommonDialogs.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Common Dialogs
Description=History
Date=2006–03–24 19:44:59
Destination=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Type=Registry
[InternetExplorer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=AutoComplete data
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Internet Explorer\IntelliForms\SPW
Type=Registry
[InternetExplorer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:44:59
Destination=HKEY_USERS\S–1–5–20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[InternetExplorer5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Internet Explorer
Description=User agent
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)
Type=Registry
[MSDirectD.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Direct3D
Description=Most recent application
Date=2006–03–24 19:45:00
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=
Type=Registry
[MSDirectDraw.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS DirectDraw
Description=Most recent application
Date=2006–03–24 19:45:00
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=
Type=Registry
[MSMediaPlayer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Media Player
Description=Anonymous ID
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0
Type=Registry
[MSMediaPlayer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Media Player
Description=Search terms history
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch
Type=Registry
[MSOffice.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0
Description=Internet history
Date=2006–03–24 19:45:01
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Common\Internet\LocationOfComponents
Type=Registry
[MSOffice1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0
Description=Access recent file
Date=2006–03–24 19:45:01
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Access\Settings
Type=Registry
[MSOffice2.zip]
File=*
Product=MS Office 9.0
Description=Recently used files
Date=2006–03–24 19:45:01
Destination=C:\Documents and Settings\Mizeraccy\Dane aplikacji\Microsoft\Office\Niedawny\
Type=Directory
[MSOfficeStartAssistant.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0 (Start Assistant)
Description=Last opened file directory
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Osa\FindFile\Place!=
Type=Registry
[MSOfficeWord.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Office 9.0 (Word)
Description=Recently used file list
Date=2006–03–24 19:45:00
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Office\9.0\Word\Data\Settings
Type=Registry
[MSSearchAssistant.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=MS Search Assistant
Description=Typed search terms history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Search Assistant\ACMru
Type=Registry
[Windows.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows
Description=Drivers installation paths
Date=2006–03–24 19:45:36
Destination=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources!=
Type=Registry
[WindowsExplorer.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Last Copy/MoveTo folder
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Type=Registry
[WindowsExplorer1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Last visited history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Type=Registry
[WindowsExplorer10.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=User Assistant history IE
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780–7743–11CF–A12B–00AA004AE837}\Count
Type=Registry
[WindowsExplorer2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:31
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–20\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–19\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent file global history
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Type=Registry
[WindowsExplorer7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Recent wallpaper list
Date=2006–03–24 19:45:32
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Type=Registry
[WindowsExplorer8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=Stream history
Date=2006–03–24 19:45:33
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Type=Registry
[WindowsExplorer9.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Explorer
Description=User Assistant history files
Date=2006–03–24 19:45:33
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700–EF1F–11D0–9888–006097DEACF9}\Count
Type=Registry
[WindowsMediaSDK.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Computer name
Date=2006–03–24 19:45:34
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName
Type=Registry
[WindowsMediaSDK3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Unique ID
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000–0000–0000–0000–000000000000}
Type=Registry
[WindowsMediaSDK6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsMediaSDK7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsMediaSDK8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows Media SDK
Description=Volume serial number
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Type=Registry
[WindowsOpenWith.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .ACE extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACE\OpenWithList
Type=Registry
[WindowsOpenWith1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .AVI extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Type=Registry
[WindowsOpenWith2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BCP extension
Date=2006–03–24 19:45:35
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BCP\OpenWithList
Type=Registry
[WindowsOpenWith3.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BIN extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
Type=Registry
[WindowsOpenWith4.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .BMP extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Type=Registry
[WindowsOpenWith5.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CAB extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList
Type=Registry
[WindowsOpenWith6.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CDA extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
Type=Registry
[WindowsOpenWith7.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CSS extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
Type=Registry
[WindowsOpenWith8.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CSV extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
Type=Registry
[WindowsOpenWith9.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=Windows.OpenWith
Description=Open with list – .CUE extension
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList
Type=Registry
[WinRAR.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Managed by wizard archives history
Date=2006–03–24 19:45:36
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\WizArcName
Type=Registry
[WinRAR1.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Search by archive name history
Date=2006–03–24 19:45:37
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\FindNames
Type=Registry
[WinRAR2.zip]
File=C:\Documents and Settings\All Users\Dane aplikacji\Spybot – Search & Destroy\Recovery\sbRecovery.reg
Product=WinRAR
Description=Search by archive type history
Date=2006–03–24 19:45:37
Destination=HKEY_USERS\S–1–5–21–2611717577–2814092748–3809333243–1006\Software\WinRAR\DialogEditHistory\FindArcNames
Type=Registry
Log
Logfile of HijackThis v1.99.1
Scan saved at 12:42:10, on 2006–03–27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE
C:\Program Files\GlobespanVirata\XPFix.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PopTray\PopTray.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mizeraccy\Pulpit\hijackthis.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O2 – BHO: CNavExtBho Class – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Easy–WebPrint – {327C2873–E90D–4c37–AA9D–10AC9BABA46C} – C:\Program Files\Canon\Easy–WebPrint\Toolband.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\WINDOWS\Downloaded Program Files\googlenav.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 – HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 – HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [QT4StBtn] C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE
O4 – HKLM\..\Run: [XPFix] C:\Program Files\GlobespanVirata\XPFix.exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 – HKLM\..\Run: [Easy–PrintToolBox] C:\Program Files\Canon\Easy–PrintToolBox\BJPSMAIN.EXE /logon
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" –hide
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 – Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Tlumacz z LING... – http://www.ling.pl/ling/def–src.php4
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: Easy–WebPrint Add To Print List – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_AddToList.html
O8 – Extra context menu item: Easy–WebPrint High Speed Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_HSPrint.html
O8 – Extra context menu item: Easy–WebPrint Preview – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Preview.html
O8 – Extra context menu item: Easy–WebPrint Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Print.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {0EB0E74A–2A76–4AB3–A7FB–9BD8C29F7F75} (CKAVWebScan Object) – http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=48835
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {3D8700FB–86A4–4CB4–B738–6F0FC016AC7D} (MainControl Class) – http://arcaonline.arcabit.com/ArcaOnline.cab
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {6CB5E471–C305–11D3–99A8–000086395495} (Google Activate) – http://toolbar.google.com/data/pl/big/1.1.62–big/GoogleNav.cab
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1121632147109
O16 – DPF: {74D05D43–3236–11D4–BDCD–00C04F9A3B61} (HouseCall Control) – http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 – DPF: {B38870E4–7ECB–40DA–8C6A–595F0A5519FF} (MsnMessengerSetupDownloadControl Class) – http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 – Winlogon Notify: avldr – C:\WINDOWS\
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: ArcaBit NetMonitor (ABNetMon) – Unknown owner – C:\Program Files\MKS\Bin\NetMonSV.exe (file missing)
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: GhostStartService – Symantec Corporation – C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 – Service: InCD Helper (InCDsrv) – Ahead Software AG – C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: MkS_Vir Monitor (MksVirMonSvc) – Unknown owner – C:\Program Files\MKS\Bin\mksmonsv.exe (file missing)
O23 – Service: Usługa Auto Protect programu Norton AntiVirus (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: SymWMI Service (SymWSC) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
asowa Spybota ze stwierdzonymi zagroźeniami:
Odpowiedzi: 4
Doszło prawdopodobnie do zmiany w kluczach rejestru co Spybot zapisał w kopii zapasowej/podałem na początku/.Śledząc ścieźki mojego rejestru niektóre wpisy są te same i pokrywają się z kluczem kopii Spybota ale większość nie. Jak sprawdzić co jest moje a co obce? Czy się nie zastanawiać i zaakceptować poprawki Spybota i zostawić to co jest obecnie w rejestrze? Tylko jak zinterpretować w kilku przypadkach brak poprawek?
Spybot Search & Destroy–program do wyszukiwania i usuwania komponentów szpiegujących typu spyware, dialerów, keyloggerów itp.
Norton AntiVirus i Kasperski–programy antywirusowe
A więc programy te mają inne zadania np.Spybot nie widzi wirusów,a Kasperski robaków. :D
Norton AntiVirus i Kasperski–programy antywirusowe
A więc programy te mają inne zadania np.Spybot nie widzi wirusów,a Kasperski robaków. :D
Miałem na próbę "Pande" ale zamulała i odinstalowałem.Przesłałem Log do analizy–wynik niepotrzebne:
020 – Winlog Nofity:avldr jak pisałeś z Pandy
023 – Service:ArcaBit Net Monitor
023 – Service:MkS Vir Monitor
to wszystko wywaliłem.
Spybot ptraktował plik BPS Spyware Remover jako zagroźenie/moźe to jakaś baza wirusów innego programu?/Po poleceniu "napraw problem"dołączył pozostałe pliki,spakował i utworzył Recovery.Wolę nie eksperymentować z opcją przywracania bo nie wiem co się stanie.
020 – Winlog Nofity:avldr jak pisałeś z Pandy
023 – Service:ArcaBit Net Monitor
023 – Service:MkS Vir Monitor
to wszystko wywaliłem.
Spybot ptraktował plik BPS Spyware Remover jako zagroźenie/moźe to jakaś baza wirusów innego programu?/Po poleceniu "napraw problem"dołączył pozostałe pliki,spakował i utworzył Recovery.Wolę nie eksperymentować z opcją przywracania bo nie wiem co się stanie.
No czysto jest
Te wpisy są to kopie zrobione przez Spybot – Search & Destroy. Jak cokolwiek nim usuwałes on zrobił kopie. I nie musza to być tylko wirusy. Spybot ma rózne funkcje. Wejdz w programie Spybot w opcje przywracanie i sam zobaczysz. :wink:
Edit:
Ten wpis wyglada od Pandy. Miałes ja zainstalowaną :?:
Te wpisy są to kopie zrobione przez Spybot – Search & Destroy. Jak cokolwiek nim usuwałes on zrobił kopie. I nie musza to być tylko wirusy. Spybot ma rózne funkcje. Wejdz w programie Spybot w opcje przywracanie i sam zobaczysz. :wink:
Edit:
O20 – Winlogon Notify: avldr – C:\WINDOWS\
Ten wpis wyglada od Pandy. Miałes ja zainstalowaną :?:
Strona 1 / 1