Program szpiegujący

[kropelka84]

Witam!!!

Baardzo proszę o pomoc znawców. Właśnie zainstalowałam nowy program antywirusowy Panda, który odnalazł na moim komputerze (uwaga!!)784 programy szpiegujące!!! W ogóle się na tym nie znam i chciałabym zapytać czy mogę go jakoś usunąć lub ewentualnie sprawdzić kto to zrobił?? Wcześniej miałam zainstalowanego Noda 32 i Kaspersky i one tego nie wykryły. Dodam, iż z mojego kompa nikt oprócz mnie na 10000% nie korzystał. Czy taki program mógł zainstalować ktoś z innego kompa? Jeśli to ktoś ze znajomych, to pewnie wie wszystko o mnie :/

:placz: Proszę pomóżcie!!!

[GoBi]

Dziwne jest to że kasperky i NOD nic nie widzieli :/

Daj logi z Hijackthis'a i Combofix'a

[kropelka84]

No właśnie też jestem zdziwiona... Ilość tych programów wciąż rośnie w tej chwili jest 849! Nie mam pojęcia o co z tym chodzi. Daj logi z Hijackthis'a i Combofix'a- to znaczy? :/ Nie wiem co mam zrobić -jestem laikiem :oops: :oops: :oops:

[GoBi]

Kliknji na te nazwy w moim poście powyżej... i postępuj według instrukcji.

estem laikiem

Nie ma co się wstydzić

[kropelka84]

Logfile of HijackThis v1.99.1

Scan saved at 10:54:31, on 2007-08-17

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007PsCtrls.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007pavsrv51.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007PsImSvc.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007AVENGINE.EXE

C:WINDOWSExplorer.EXE

C:PROGRA~1NEOSTR~1CnxMon.exe

C:Program FilesThomsonSpeedTouch USBDragdiag.exe

C:PROGRA~1NEOSTR~1TaskbarIcon.exe

C:Program FilesJavajre1.6.0_01binjusched.exe

C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe

C:WINDOWSSOUNDMAN.EXE

C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.EXE

C:WINDOWSsystem32ctfmon.exe

c:program filespanda softwarepanda antivirus 2007WebProxy.exe

C:Program FilesNeostrada TPNeostradaTP.exe

C:Program FilesNeostrada TPComComp.exe

C:Program FilesNeostrada TPWatch.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesGadu-Gadugg.exe

C:Documents and SettingsAgataPulpithijackthisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.pl

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:PROGRA~1NEOSTR~1SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll

O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon.exe

O4 - HKLM..Run: [speedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon

O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch.exe

O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIcon.exe

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKLM..Run: [OpwareSE2] "C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"

O4 - HKLM..Run: [OPSE reminder] "C:Program FilesScanSoftOmniPageSE2.0EregEngEreg.exe" -r "C:Program FilesScanSoftOmniPageSE2.0EregEngereg.ini"

O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.EXE" /s

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MailScanner] C:Program FilesMKS_VIR_2006Mks_mail.exe

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)

O11 - Options group: [iNTERNATIONAL] International*

O17 - HKLMSystemCCSServicesTcpip..{3CB27E5B-71DD-4351-987D-EE4431536E82}: NameServer = 194.204.152.34 217.98.63.164

O20 - Winlogon Notify: avldr - C:WINDOWSSYSTEM32avldr.dll

O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll

O23 - Service: Panda Software Controller - Panda Software International - C:Program FilesPanda SoftwarePanda Antivirus 2007PsCtrls.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:Program FilesPanda SoftwarePanda Antivirus 2007pavsrv51.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:Program FilesPanda SoftwarePanda Antivirus 2007PsImSvc.exe

to chyba o to chodziło??

[ Dodano: 2007-08-17, 11:03 ]

A co do Combofixa, to nie rozpoczyna się skanowanie tak jak w instrukcji :/

[GoBi]

Log z HJK jest czysty :/ a panda nie moze tego usunąć ?

[kropelka84]

Dzięki No niby w raporcie skanowania jest napisane, że wyeliminowano, ale liczba tych programów wciąż rośnie już jest ich około 1000. Wygląda na to, że ktoś mnie atakuje?? :/ Czy można sprawdzić kto to robi?? a co z tym Combofixem? Jak zaczynam skanować, to w pewnym momencie wyskakuje komunikat, że wystąpił błąd z aplikacją i zostanie ona zamknieta :niewiedza:

[CatchMe]

W takim razie wklej log z DSS: http://www.stopwirusom.pl/index.php?option...48&Itemid=4

[kropelka84]

Chyba robię coś nie tak, bo tutaj pojawia się ten sam problem co z Combofix :/ . Wyłączyłam antywirusa i inne aplikacje i cały czas to samo :557: :zalamany:

[CatchMe]

Wklej screen by zobrazować co się dzieje.

[kropelka84]

Ufffff Udało się :lol:

Run by Agata on 2007-08-17 at 19:27:11

Computer is in Normal Mode.

--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --

62: 2007-08-17 17:27:17 UTC - RP88 - Deckard's System Scanner Restore Point

61: 2007-08-17 16:50:16 UTC - RP87 - Deckard's System Scanner Restore Point

60: 2007-08-17 15:58:48 UTC - RP86 - Deckard's System Scanner Restore Point

59: 2007-08-17 15:56:03 UTC - RP85 - Deckard's System Scanner Restore Point

58: 2007-08-17 09:50:05 UTC - RP84 - Deckard's System Scanner Restore Point

-- First Restore Point --

1: 2007-06-13 07:52:09 UTC - RP27 - Software Distribution Service 2.0

Backed up registry hives.

Performed disk cleanup.

Percentage of Memory in Use: 82% (more than 75%).

Total Physical Memory: 256 MiB (512 MiB recommended).

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1

Scan saved at 2007-08-17 19:27:38

Platform: Windows XP Dodatek Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (7.00.6000.16512)

Running processes:

C:WINDOWSsystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007PsCtrlS.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007PAVSRV51.EXE

C:Program FilesPanda SoftwarePanda Antivirus 2007PsImSvc.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007AVENGINE.EXE

C:WINDOWSexplorer.exe

C:Program FilesNeostrada TPCnxMon.exe

C:Program FilesThomsonSpeedTouch USBdragdiag.exe

C:Program FilesNeostrada TPTaskBarIcon.exe

C:Program FilesJavajre1.6.0_01binjusched.exe

C:Program FilesScanSoftOmniPageSE2.0opwareSE2.exe

C:WINDOWSsoundman.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesNeostrada TPNeostradaTP.exe

C:Program FilesNeostrada TPComComp.exe

C:Program FilesNeostrada TPWatch.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007ApVxdWin.exe

C:Program FilesPanda SoftwarePanda Antivirus 2007WebProxy.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesGadu-Gadugg.exe

C:WINDOWSsystem32dllhost.exe

C:Documents and SettingsAgataPulpitdss(2).exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.pl

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

R1 - HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

R1 - HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:Program FilesNeostrada TPSearchPageURL.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll

O4 - HKEY_LOCAL_MACHINE..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon.exe

O4 - HKEY_LOCAL_MACHINE..Run: [speedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon

O4 - HKEY_LOCAL_MACHINE..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch.exe

O4 - HKEY_LOCAL_MACHINE..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIcon.exe

O4 - HKEY_LOCAL_MACHINE..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKEY_LOCAL_MACHINE..Run: [OpwareSE2] "C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"

O4 - HKEY_LOCAL_MACHINE..Run: [OPSE reminder] "C:Program FilesScanSoftOmniPageSE2.0EregEngEreg.exe" -r "C:Program FilesScanSoftOmniPageSE2.0EregEngereg.ini"

O4 - HKEY_LOCAL_MACHINE..Run: [soundMan] SOUNDMAN.EXE

O4 - HKEY_LOCAL_MACHINE..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.EXE" /s

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MailScanner] C:Program FilesMKS_VIR_2006Mks_mail.exe

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSnetwork diagnosticxpnetdiag.exe

O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSnetwork diagnosticxpnetdiag.exe

O17 - HKLMSYSTEMCCSServicesTcpip..{3CB27E5B-71DD-4351-987D-EE4431536E82}: NameServer = 194.204.152.34 217.98.63.164

O20 - Winlogon Notify: avldr - C:WINDOWSsystem32avldr.dll

O23 - Service: Panda Software Controller - Panda Software International - "C:Program FilesPanda SoftwarePanda Antivirus 2007PsCtrls.exe"

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - "C:Program FilesPanda SoftwarePanda Antivirus 2007pavsrv51.exe"

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - "C:Program FilesPanda SoftwarePanda Antivirus 2007PsImSvc.exe"

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shellcplopencommand - rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.cpl - cplfile - shellrunascommand - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 pavdrv (Panda Antivirus Filter Driver for x86) - c:windowssystem32driverspavdrv51.sys <Not Verified; Panda Software International; Panda Residents>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Panda Software Controller - "c:program filespanda softwarepanda antivirus 2007psctrls.exe" <Not Verified; Panda Software International; Panda Corporative Solutions>

R2 PAVSRV (Panda anti-virus service) - "c:program filespanda softwarepanda antivirus 2007pavsrv51.exe" <Not Verified; Panda Software International; Panda residents>

R2 PSIMSVC (Panda IManager Service) - "c:program filespanda softwarepanda antivirus 2007psimsvc.exe" <Not Verified; Panda Software International; Panda Interface Manager>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2007-07-17 and 2007-08-17 -----------------------------

2007-08-17 17:20:25 37 --a------ C:WINDOWS@7Î

2007-08-17 11:50:43 0 d-------- C:Program FilesTrend Micro

2007-08-16 15:22:08 0 d-------- C:Program FilesMedia Player Classic

2007-08-16 15:22:06 0 d-------- C:Program FilesQuickTime Alternative

2007-08-16 09:41:30 37 --a------ C:WINDOWSĐ6Î

2007-08-16 09:29:11 37 --a------ C:WINDOWSr007

2007-08-16 09:28:04 248 --a------ C:WINDOWSsystem32PavCPL.dat

2007-08-16 09:28:04 71680 -----n--- C:WINDOWSsystem32driversPAVDRV51.SYS <Not Verified; Panda Software International; Panda Residents>

2007-08-16 09:27:52 0 d-------- C:WINDOWSsystem32PAV

2007-08-16 09:27:24 45056 --a------ C:WINDOWSsystem32avldr.dll <Not Verified; Panda Software International; Panda residents>

2007-08-16 09:27:21 0 d-------- C:Program FilesPanda Software

2007-08-07 18:06:28 0 d-------- C:Program FilesWindows Media Connect 2

2007-08-07 18:04:07 0 d-------- C:WINDOWSsystem32LogFiles

2007-08-07 18:04:07 0 d-------- C:WINDOWSsystem32driversUMDF

2007-08-03 12:31:52 0 d-------- C:Program FilesIKEA HomePlanner

2007-08-03 12:31:29 0 d-------- C:Program FilesCommon FilesWise Installation Wizard

2007-08-02 22:22:27 0 d-------- C:Program FilesIrfanView

-- Find3M Report ---------------------------------------------------------------

2007-08-17 17:13:16 0 d-------- C:Program FilesNeostrada TP

2007-08-17 14:51:58 0 d-------- C:Documents and SettingsAgataDane aplikacjiCanon

2007-08-17 14:32:15 0 d-------- C:Documents and SettingsAgataDane aplikacjiOpenOffice.ux.pl2

2007-08-17 08:29:55 448004 --a------ C:WINDOWSsystem32perfh015.dat

2007-08-17 08:29:55 74230 --a------ C:WINDOWSsystem32perfc015.dat

2007-08-16 15:29:38 0 d-------- C:Documents and SettingsAgataDane aplikacjiMedia Player Classic

2007-08-16 09:27:17 0 d--h----- C:Program FilesInstallShield Installation Information

2007-08-03 17:58:51 0 d-------- C:Program FilesMozilla Thunderbird

2007-08-03 12:31:29 0 d-------- C:Program FilesCommon Files

2007-07-16 11:14:42 0 d-------- C:Program FilesKaspersky Lab

2007-07-16 10:56:21 0 d-------- C:Program FilesMKS_VIR_2006

2007-06-28 11:07:22 0 d-------- C:Documents and SettingsAgataDane aplikacjiMKS_VIR

2007-06-19 12:41:14 0 d-------- C:Program FilesGoogle

2007-05-25 16:49:55 4088 --a------ C:WINDOWSmozver.dat

2007-05-25 12:19:58 62 --ahs---- C:Documents and SettingsAgataDane aplikacjidesktop.ini

2007-05-25 11:14:47 0 --a------ C:WINDOWSnsreg.dat

2007-05-25 10:31:00 0 -rahs---- C:MSDOS.SYS

2007-05-25 10:31:00 0 -rahs---- C:IO.SYS

2007-05-25 10:31:00 0 --a------ C:CONFIG.SYS

2007-05-25 10:31:00 0 --a------ C:AUTOEXEC.BAT

2007-05-25 10:28:09 21856 --a------ C:WINDOWSsystem32emptyregdb.dat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"WooCnxMon"="C:PROGRA~1NEOSTR~1CnxMon.exe" [2003-10-16 18:07]

"SpeedTouch USB Diagnostics"="C:Program FilesThomsonSpeedTouch USBDragdiag.exe" [2004-01-26 11:38]

"WOOWATCH"="C:PROGRA~1NEOSTR~1Watch.exe" [2003-10-16 18:07]

"WOOTASKBARICON"="C:PROGRA~1NEOSTR~1TaskbarIcon.exe" [2003-10-16 18:07]

"SunJavaUpdateSched"="C:Program FilesJavajre1.6.0_01binjusched.exe" [2007-03-14 03:43]

"OpwareSE2"="C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe" [2003-05-08 11:00]

"OPSE reminder"="C:Program FilesScanSoftOmniPageSE2.0EregEngEreg.exe" [2003-07-07 09:29]

"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 C:WINDOWSsoundman.exe]

"APVXDWIN"="C:Program FilesPanda SoftwarePanda Antivirus 2007APVXDWIN.exe" [2007-01-25 18:50]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"CTFMON.EXE"="C:WINDOWSsystem32ctfmon.exe" [2006-03-02 14:00]

"MailScanner"="C:Program FilesMKS_VIR_2006Mks_mail.exe" []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]

avldr.dll 2006-07-14 13:46 45056 C:WINDOWSsystem32avldr.dll

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMkS_Scan]

@="Service"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMkS_ScanService"

-- End of Deckard's System Scanner: finished at 2007-08-17 at 19:29:12 ---------

[ Dodano: 2007-08-17, 19:31 ]

Nie wiem czy to o to chodziło, bo wyskoczyły mi 2 okienka- jedno main.txt- to to, które wysłałam, a drugie extra.txt

[ Dodano: 2007-08-20, 19:25 ]

czy z tym Combofix, który u góry podałam jest wszystko w porządku? bo nie dostałam wiadomości :|