Swierzutkie logi:
ComboFix:
Kod:
ComboFix 08-01-07.5 - geKon 2008-01-11 13:35:02.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1538 [GMT 1:00]
Running from: C:\Documents and Settings\geKon\Pulpit\Skróty pulpitu\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\AutoRun.inf
.
((((((((((((((((((((((((( Files Created from 2007-12-11 to 2008-01-11 )))))))))))))))))))))))))))))))
.
2008-01-10 21:28 . 2008-01-10 21:28 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-01-10 21:14 . 2008-01-10 21:14 8,272 ---hs---- C:\`.vbs
2008-01-10 21:14 . 2008-01-09 20:22 195 -rahs---- C:\autorun.inf
2008-01-10 20:39 . 2008-01-10 20:39 <DIR> d-------- C:\WINDOWS\ERUNT
2008-01-10 20:24 . 2008-01-10 20:43 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-10 20:24 . 2008-01-10 20:24 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 20:24 . 2008-01-10 20:24 <DIR> d-------- C:\Documents and Settings\geKon\Dane aplikacji\SUPERAntiSpyware.com
2008-01-10 20:24 . 2008-01-10 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com
2008-01-09 18:05 . 2008-01-09 18:05 <DIR> d-------- C:\Documents and Settings\geKon\Verba_6_Grudnia
2008-01-08 19:21 . 2008-01-10 21:14 8,272 ---hs---- C:\WINDOWS\system32\`.vbe
2008-01-08 19:21 . 2008-01-10 21:14 8,272 ---hs---- C:\WINDOWS\`.vbe
2008-01-07 23:19 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-07 22:36 . 2008-01-07 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2008-01-07 19:04 . 2008-01-07 19:04 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-01-06 12:50 . 2008-01-06 12:50 <DIR> d-------- C:\Documents and Settings\geKon\WINDOWS
2008-01-06 12:48 . 2008-01-06 12:49 44,751 --a------ C:\WINDOWS\system32\devcon.exe
2008-01-06 11:52 . 2008-01-06 11:52 <DIR> d-------- C:\Program Files\AVIConverter
2008-01-06 10:08 . 2008-01-06 10:08 21 ---hs---- C:\date.bin
2008-01-05 21:05 . 2008-01-06 12:51 <DIR> d-------- C:\Program Files\Any Audio Converter
2008-01-04 18:46 . 2008-01-04 18:46 <DIR> d-------- C:\Program Files\Shiny Entertainment
2007-12-30 14:07 . 2007-12-30 14:07 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2007-12-27 14:54 . 2007-12-27 14:54 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-12-18 16:24 . 2007-12-26 14:16 <DIR> d-------- C:\Program Files\ElcomSoft
2007-12-18 16:24 . 2007-12-18 16:28 1,078 --a------ C:\WINDOWS\ARCHPR.INI
2007-12-16 13:12 . 2008-01-10 13:06 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-16 13:12 . 2007-12-16 13:12 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-15 19:10 . 2007-12-15 19:12 <DIR> d-------- C:\ruby
2007-12-12 22:25 . 2007-12-12 22:25 <DIR> d-------- C:\Documents and Settings\LocalService\Dane aplikacji\Xfire
2007-12-12 22:22 . 2007-12-12 22:22 <DIR> d-------- C:\Program Files\Lighthouse Interactive
2007-12-11 18:04 . 2007-12-11 18:04 <DIR> d-------- C:\Program Files\IZArc
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-11 12:22 --------- d-----w C:\Documents and Settings\geKon\Dane aplikacji\SiteAdvisor
2008-01-10 20:47 --------- d-----w C:\Program Files\freeCommander2006
2008-01-10 20:38 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-01-10 20:14 8,272 --sh--w C:\WINDOWS\system32\`.vbe
2008-01-10 20:14 8,272 --sh--w C:\WINDOWS\`.vbe
2008-01-10 20:14 8,272 --sh--w C:\`.vbs
2008-01-10 18:13 --------- d-----w C:\Program Files\lg_fwupdate
2008-01-07 21:31 --------- d-----w C:\Documents and Settings\geKon\Dane aplikacji\U3
2008-01-06 18:58 --------- d-----w C:\Program Files\speed-bit
2008-01-04 17:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-04 15:26 --------- d-----w C:\Program Files\MoorHunt
2008-01-04 15:05 --------- d-----w C:\Program Files\NAPI-PROJEKT
2008-01-01 15:58 --------- d-----w C:\Program Files\FMA 2
2008-01-01 13:08 20 ---h--w C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLec.DAT
2008-01-01 13:08 20 ---h--w C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLds.DAT
2007-12-21 20:40 --------- d-----w C:\Program Files\JetAudio
2007-12-21 20:40 --------- d-----w C:\Program Files\Common Files\COWON
2007-12-11 21:09 --------- d-----w C:\Documents and Settings\geKon\Dane aplikacji\Dev-Cpp
2007-12-02 20:04 --------- d-----w C:\Program Files\D-Link AirPlus
2007-12-02 14:16 --------- d-----w C:\Program Files\DAP
2007-11-27 20:22 --------- d-----w C:\Documents and Settings\geKon\Dane aplikacji\uTorrent
2007-11-27 19:59 --------- d-----w C:\Program Files\The Logo Creator v5
2007-11-27 18:45 --------- d-----w C:\Documents and Settings\geKon\Dane aplikacji\OpenOffice.ux.pl2
2007-11-24 11:48 --------- d-----w C:\Program Files\Peer2Mail
2007-11-21 16:59 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-11-18 19:32 --------- d-----w C:\Program Files\innotek VirtualBox
2007-11-15 16:46 --------- d-----w C:\Program Files\Selteco
2007-11-13 16:03 139,264 ----a-w C:\WINDOWS\system32\hpzjrd01.dll
2007-11-12 21:56 --------- d-----w C:\Program Files\Hewlett-Packard
2007-11-12 21:55 --------- d-----w C:\Program Files\HP
2007-10-25 17:14 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-07-06 12:12 54,313 ----a-w C:\Program Files\tor-bundle-uninstall.exe
2007-07-27 14:55 23 --sha-w C:\WINDOWS\system32\cacceda0_r.dll
.
((((((((((((((((((((((((((((( snapshot@2008-01-07_23.23.57.14 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-06 09:10:16 8,272 --sh--w C:\WINDOWS\`.vbe
+ 2008-01-10 20:14:54 8,272 --sh--w C:\WINDOWS\`.vbe
+ 2008-01-10 04:51:09 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-01-10 19:39:42 8,974,336 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat
+ 2008-01-10 19:39:42 376,832 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-01-10 04:51:09 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-01-10 19:39:41 8,974,336 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat
+ 2008-01-10 19:39:41 376,832 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2008-01-10 19:24:51 29,696 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
+ 2008-01-10 19:24:51 18,944 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-01-10 19:24:51 65,024 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 2007-05-05 10:51:52 8,738 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
+ 2008-01-10 19:42:01 8,972 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
- 2007-05-05 10:51:50 86,327 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-01-10 19:42:47 86,327 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2008-01-06 09:10:16 8,272 --sh--w C:\WINDOWS\system32\`.vbe
+ 2008-01-10 20:14:54 8,272 --sh--w C:\WINDOWS\system32\`.vbe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-05-12 20:49 2111176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"Ai Remote Help"="C:\Program Files\ASUS\AI Remote\AiRc.exe" [2007-01-19 13:24 3347456]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-02-13 14:05 7557120]
"nwiz"="nwiz.exe" [2006-02-13 14:05 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-02-13 14:05 86016]
"CacheBoost"="C:\Program Files\CacheBoost\trayicon.exe" [2003-06-24 19:55 60928]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\WINDOWS\KHALMNPR.Exe]
"mkstray"="C:\Program Files\mks_vir_2007\bin\mkstray.exe" [2007-08-25 15:20 663552]
"mks_mail"="C:\Program Files\mks_vir_2007\bin\mks_mail.exe" [2007-05-24 04:06 520192]
"MKSRegmon"="C:\Program Files\mks_vir_2007\bin\mksregmon.exe" [2007-05-24 04:06 303104]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
D-Link AirPlus.lnk - C:\Program Files\D-Link AirPlus\AirPlus.exe [2007-12-02 21:04:12]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-12 19:58:22]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"explorer"= `.vbe
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MkS_Scan]
@="service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
R0 hotcore2;hotcore2;C:\WINDOWS\system32\drivers\hotcore2.sys [2006-10-02 09:39]
R0 mksidsa;mksidsa;C:\WINDOWS\system32\mksidsa.sys [2007-05-24 04:06]
R1 mksfwallt;mksfwallt;C:\WINDOWS\system32\mksfwallt.sys [2007-05-24 04:06]
R1 VBoxDrv;VirtualBox Service;C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2007-09-03 17:19]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2007-09-03 17:19]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service;C:\Program Files\CacheBoost\cbsrv.exe [2003-06-24 19:54]
R2 MksFwall;MksFwall;"C:\Program Files\mks_vir_2007\bin\MksFwall.exe" [2007-05-24 04:06]
R2 MksPC;MksPC;"C:\Program Files\mks_vir_2007\bin\MksPC.exe" [2007-05-24 04:06]
R2 MksUpdate;MksUpdate;"C:\Program Files\mks_vir_2007\bin\mksupdate.exe" [2007-05-24 04:06]
R3 cm102u32;C-Media CM6501 Like Sound Interface;C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 10:04]
R3 mksfwallf;mksfwallf;C:\WINDOWS\system32\mksfwallf.sys [2007-05-24 04:06]
R3 mksidsf;mksidsf;C:\WINDOWS\system32\mksidsf.sys [2007-05-24 04:06]
R3 MksMonEn;MksMonEn;C:\Program Files\mks_vir_2007\bin\MksMonEn.sys [2007-08-25 15:20]
R3 MksMonEv;MksMonEv;C:\Program Files\mks_vir_2007\bin\MksMonEv.sys [2007-05-24 04:06]
R3 MksMonFd;MksMonFd;C:\Program Files\mks_vir_2007\bin\MksMonFd.sys [2007-05-24 04:06]
R3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys [2005-03-22 03:03]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa68113a-8d45-11dc-a2ec-001346139400}]
\Shell\AutoRun\command - K:\LaunchU3.exe -a
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 13:36:36
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\mks_vir_2007\bin\mkslsp.dll
.
Completion time: 2008-01-11 13:36:57
ComboFix-quarantined-files.txt 2008-01-11 12:36:54
ComboFix5.txt 2008-01-07 22:24:05
Hijackthis:
Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:37:29, on 2008-01-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\AI Remote\AiRc.exe
C:\Program Files\ASUS\AI Remote\AiRemote.exe
C:\Program Files\CacheBoost\trayicon.exe
C:\Program Files\mks_vir_2007\bin\mkstray.exe
C:\Program Files\mks_vir_2007\bin\mks_mail.exe
C:\Program Files\mks_vir_2007\bin\mksregmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\CacheBoost\cbsrv.exe
C:\Program Files\mks_vir_2007\bin\MksFwall.exe
C:\Program Files\mks_vir_2007\bin\MksPC.exe
C:\Program Files\mks_vir_2007\bin\mksupdate.exe
C:\Program Files\mks_vir_2007\bin\mksvirmonsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\mks_vir_2007\bin\mks_scan.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\geKon\Pulpit\Skróty pulpitu\hijackthis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Ai Remote Help] "C:\Program Files\ASUS\AI Remote\AiRc.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CacheBoost] C:\Program Files\CacheBoost\trayicon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mkstray] C:\Program Files\mks_vir_2007\bin\mkstray.exe
O4 - HKLM\..\Run: [mks_mail] C:\Program Files\mks_vir_2007\bin\mks_mail.exe
O4 - HKLM\..\Run: [MKSRegmon] C:\Program Files\mks_vir_2007\bin\mksregmon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKLM\..\Policies\Explorer\Run: [explorer] `.vbe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: D-Link AirPlus.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\mks_vir_2007\bin\\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\mks_vir_2007\bin\\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\mks_vir_2007\bin\\mkslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\mks_vir_2007\bin\\mkslsp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak India - C:\Program Files\CacheBoost\cbsrv.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: MksFwall - MKS Sp z o.o. - C:\Program Files\mks_vir_2007\bin\MksFwall.exe
O23 - Service: MksPC - Unknown owner - C:\Program Files\mks_vir_2007\bin\MksPC.exe
O23 - Service: MksUpdate - MKS Sp. z o. o. - C:\Program Files\mks_vir_2007\bin\mksupdate.exe
O23 - Service: mks_vir file monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\mks_vir_2007\bin\mksvirmonsvc.exe
O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\mks_vir_2007\bin\mks_scan.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 6489 bytes
10.01.2008, 22:02
Wirus, autorun.inf, dysk flash
Odp: Wirus, autorun.inf, dysk flash
a pliczek przeskanowany i czysty jak łza
Wygląd liniowy
Podobne wątki
