DDS (Ver_10-11-10.01) - NTFSx86
Run by Ola at 20:39:07,20 on 2010-11-17
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.3071.2593 [GMT 1:00]

============== Running Processes ===============

C:\WINDOWS\System32\svchost.exe -k Cognizance
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rasautou.exe
C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\inetinfo.exe
C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\inetinfo.exe
C:\Documents and Settings\Ola\Pulpit\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.pl/
uInternet Settings,ProxyOverride = ;
mWinlogon: Shell=Explorer.exe "c:\windows\KesenjanganSosial.exe"
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\dane aplikacji\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Power2GoExpress] NA
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Odkurzacz-MCD] c:\program files\odkurzacz\odk_mcd.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [ALLUpdate] "c:\program files\allplayer\ALLUpdate.exe" "sleep"
uRun: [Tok-Cirrhatus]
uRun: [api32] c:\docume~1\ola\ustawi~1\temp\apiqq.exe
uRun: [Tok-Cirrhatus-1827] "c:\documents and settings\ola\ustawienia lokalne\dane aplikacji\smss.exe"
uRun: [kamsoft] c:\windows\system32\kamsoft.exe
uRun: [systemadd] "c:\documents and settings\ola\dane aplikacji\sysdate32.exe"
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMEDIA.EXE
mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe"
mRun: [CognizanceTS] rundll32.exe c:\progra~1\asusse~1\asusse~1\bin\ASTSVCC.dll,RegisterModule
mRun: [ASUS Live Update] c:\program files\asus\asus live update\ALU.exe
mRun: [Net4Switch] c:\program files\asus\net4switch\Net4Switch.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [PowerForPhone] "c:\program files\p4p\P4P.exe"
mRun: [ACMON] "c:\program files\asus\splendid\ACMON.exe"
mRun: [ASUS Camera ScreenSaver] c:\windows\ASScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [Wireless Console 2] "c:\program files\wireless console 2\wcourier.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DrvIcon] c:\program files\vista drive icon\DrvIcon.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Bron-Spizaetus] "c:\windows\shellnew\RakyatKelaparan.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\documents and settings\ola\menu start\programy\autostart\Empty.pif
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\ralink~1.lnk - c:\windows\RaUI.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&ksport do programu Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Notify: OneCard - c:\program files\asus security center\asus security protect manager\bin\ASWLNPkg.dll
AppInit_DLLs: c:\windows\system32\APSHook.dll
LSA: Notification Packages = scecli ASWLNPkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {28ABC5C0-4FCB-11CF-AAX5-21CX1C643131} - c:\system\s-1-5-21-1482476501-1644491937-682003330-1013\system32.exe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ola\daneap~1\mozilla\firefox\profiles\x1sw41td.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\dane aplikacji\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\dane aplikacji\gadu-gadu 10\_userdata\npgg.3.dll
FF - plugin: c:\documents and settings\all users\dane aplikacji\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2010-7-10 15416]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2006-3-2 14336]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2006-3-2 14336]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-1-9 108648]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-1-9 108648]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [2010-7-10 36864]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys --> c:\windows\system32\drivers\e4ldr.sys [?]
S3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\mfpkhl.sys --> c:\windows\system32\drivers\mfpkhl.sys [?]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys --> c:\windows\system32\drivers\e4usbaw.sys [?]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [2010-7-10 41656]

=============== Created Last 30 ================

2010-11-17 18:42:33 -------- d-----w- c:\program files\trend micro
2010-11-17 17:12:05 188416 -c--a-w- c:\docume~1\ola\daneap~1\sysdate32.exe
2010-11-17 17:12:05 116224 -c--a-w- c:\docume~1\ola\daneap~1\sysdate.dll
2010-11-16 23:00:01 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok-15-17
2010-11-16 21:00:12 12407 ----a-w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok.A15.em.bin
2010-11-15 23:00:00 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok-15-16
2010-11-15 16:13:31 104421 -csh--r- C:\2u.com
2010-11-15 15:43:02 -------- dcsh--r- C:\SYSTEM
2010-11-15 08:56:04 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Identities
2010-11-14 23:00:01 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok-15-15
2010-11-14 13:10:53 84992 --sh--r- c:\windows\system32\gasretyw0.dll
2010-10-31 22:10:46 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok-15-31
2010-10-19 11:54:49 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2010-10-19 11:54:49 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-10-19 10:28:19 -------- d-----w- c:\program files\Codec
2010-10-18 22:00:01 -------- d-----w- c:\docume~1\ola\ustawi~1\daneap~1\Bron.tok-15-19

==================== Find3M ====================

2010-11-15 11:56:11 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-11-04 18:32:12 43319 ---h--w- c:\windows\KesenjanganSosial.exe
2010-11-04 18:32:12 43319 ----a-w- c:\windows\system32\Ola's Setting.scr
2010-11-04 18:32:12 43319 ----a-w- c:\windows\system32\cmd-brontok.exe
2010-09-21 16:29:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-21 16:24:01 737280 ----a-w- c:\windows\iun6002.exe
2010-09-20 13:28:35 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe

============= FINISH: 20:39:29,79 ===============