Będę Wam bardzo wdzięczny jeżeli sprawdicie mi te logi.
Oto logi z ComboFixa:
Kod:
ComboFix 09-02-06.02 - Admin 2009-02-07 15:03:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.511.230 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Admin\Pulpit\ComboFix.exe
AV: System Antywirusowy NOD32 2.51 *On-access scanning enabled* (Outdated)
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Poprzednie uruchomienie -------
.
c:\windows\explorer.exe.tmp
c:\windows\system32\msssc.dll
c:\windows\system32\systeminfo.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-07 do 2009-02-07 )))))))))))))))))))))))))))))))
.
2009-02-06 23:07 . 2009-02-06 23:07 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-02-06 23:07 . 2007-11-29 23:30 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-02-06 23:07 . 2007-07-25 14:24 1,559,040 --a------ c:\windows\system32\xvidcore.dll
2009-02-06 23:07 . 2007-12-04 02:33 682,496 --a------ c:\windows\system32\divx.dll
2009-02-06 23:07 . 2006-09-24 16:11 389,120 --a------ c:\windows\system32\lameACM.acm
2009-02-06 23:07 . 2007-03-10 12:51 282,624 --a------ c:\windows\system32\xvidvfw.dll
2009-02-06 23:07 . 2004-01-25 17:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-02-06 23:07 . 2007-09-04 17:56 164,352 --a------ c:\windows\system32\unrar.dll
2009-02-06 23:07 . 2007-09-21 01:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-02-06 23:07 . 2007-11-29 23:28 81,920 --a------ c:\windows\system32\dpl100.dll
2009-02-06 23:07 . 2007-12-24 13:49 7,680 --a------ c:\windows\system32\ff_vfw.dll
2009-02-06 23:07 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-02-06 23:07 . 2007-10-03 16:03 414 --a------ c:\windows\system32\lame_acm.xml
2009-02-06 21:24 . 2009-02-06 21:26 <DIR> d-------- c:\program files\Odkurzacz
2009-02-06 15:53 . 2009-02-06 15:53 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\Media Player Classic
2009-02-05 20:38 . 2009-02-05 20:38 <DIR> d-------- c:\windows\Sun
2009-02-01 17:12 . 2009-02-01 17:12 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\WildTangent
2009-02-01 17:11 . 2009-02-01 17:12 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\WildTangent
2009-02-01 17:09 . 2009-02-01 17:12 <DIR> d-------- c:\program files\WildGames
2009-02-01 16:29 . 2009-02-01 16:29 <DIR> d-------- c:\program files\Java
2009-02-01 16:29 . 2009-02-01 16:29 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-01 16:29 . 2009-02-01 16:29 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-31 20:23 . 2009-01-31 20:23 <DIR> d-------- c:\program files\7-Zip
2009-01-31 13:50 . 2009-01-31 13:50 <DIR> d-------- c:\program files\MSBuild
2009-01-31 12:16 . 2009-01-31 12:16 502,368 --a------ c:\windows\system32\drivers\amon.sys
2009-01-31 12:16 . 2009-01-31 12:16 270,336 --a------ c:\windows\system32\imon.dll
2009-01-31 12:11 . 2009-01-31 22:21 <DIR> d-------- c:\program files\RegCleaner
2009-01-31 11:31 . 2009-01-31 11:31 <DIR> d-------- c:\program files\ToniArts
2009-01-25 20:48 . 2009-01-25 20:48 <DIR> d-------- c:\program files\Ace Utilities
2009-01-25 20:48 . 2009-02-01 12:40 <DIR> d-a------ c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-01-25 20:17 . 2008-11-30 13:06 <DIR> d--h----- c:\documents and settings\Administrator\Ustawienia lokalne
2009-01-25 20:17 . 2008-11-30 09:52 <DIR> d--h----- c:\documents and settings\Administrator\Szablony
2009-01-25 20:17 . 2008-11-30 10:45 <DIR> dr------- c:\documents and settings\Administrator\Menu Start
2009-01-25 20:17 . 2008-11-30 10:45 <DIR> dr-h----- c:\documents and settings\Administrator\Dane aplikacji
2009-01-25 20:17 . 2009-01-25 20:17 <DIR> d-------- c:\documents and settings\Administrator
2009-01-25 19:50 . 2007-09-28 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-01-25 19:03 . 2009-01-25 19:03 <DIR> d-------- c:\program files\Radeon Omega Drivers
2009-01-25 12:17 . 2009-01-25 12:45 <DIR> d--h----- c:\windows\$hf_mig$
2009-01-25 12:17 . 2005-02-25 04:36 22,752 --a------ c:\windows\system32\spupdsvc.exe
2009-01-24 20:45 . 2008-06-14 18:36 273,024 --------- c:\windows\system32\drivers\bthport.sys
2009-01-24 20:45 . 2008-06-14 18:36 273,024 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-01-24 16:16 . 2009-01-24 16:16 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\atitray
2009-01-24 08:38 . 2009-01-24 08:38 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\ESET
2009-01-23 21:35 . 2009-01-23 21:35 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\dyyno-vlc
2009-01-23 21:34 . 2009-01-23 21:34 <DIR> d-------- c:\program files\Dyyno
2009-01-23 21:23 . 2009-01-30 22:01 <DIR> d-------- c:\documents and settings\Admin\Dane aplikacji\Xfire
2009-01-23 21:05 . 2009-01-24 16:13 <DIR> d-------- c:\program files\GG Skin Manager
2009-01-23 02:17 . 2009-01-23 02:17 42,320 --a------ c:\windows\system32\xfcodec.dll
2009-01-18 21:07 . 2006-02-22 02:05 148,498 --a------ c:\windows\system32\atmplkxx.hlp
2009-01-18 21:07 . 2006-02-22 02:05 44,430 --a------ c:\windows\system32\attplkxx.hlp
2009-01-18 21:07 . 2006-02-22 02:05 26,138 --a------ c:\windows\system32\atfplkxx.hlp
2009-01-18 20:45 . 2009-01-18 20:45 472,576 --a------ c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-01-18 20:27 . 2009-01-18 20:28 807 --a------ c:\windows\unins000.dat
2009-01-18 20:13 . 2009-01-25 18:52 10 --a------ c:\windows\WININIT.INI
2009-01-18 20:12 . 2009-01-18 20:12 <DIR> d-------- C:\ATI
2009-01-18 18:33 . 2009-01-18 18:33 <DIR> d-------- c:\program files\Trend Micro
2009-01-18 18:00 . 2009-01-18 18:00 <DIR> d-------- c:\program files\Common Files\mozilla.org
2009-01-18 18:00 . 2009-01-18 18:00 118,784 --a------ c:\windows\SeaMonkeyUninstall.exe
2009-01-18 18:00 . 2009-01-18 18:00 118,784 --a------ c:\windows\GREUninstall.exe
2009-01-18 18:00 . 2009-01-18 18:00 7,738 --a------ c:\windows\mozver.dat
2009-01-18 18:00 . 2009-01-18 18:00 335 --a------ c:\windows\nsreg.dat
2009-01-18 17:59 . 2009-01-18 17:59 <DIR> d-------- c:\program files\mozilla.org
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-07 12:12 --------- d-----w c:\program files\nLite
2009-02-07 11:17 --------- d-----w c:\program files\ESET
2009-01-31 13:03 --------- d-----w c:\program files\HP
2009-01-31 12:50 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-01-31 10:31 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-31 10:31 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-25 17:54 --------- d-----w c:\program files\ATI Technologies
2009-01-18 20:19 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-01-17 20:20 --------- d-----w c:\program files\HD Tune
2009-01-03 13:11 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\Ahead
2008-12-28 17:17 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-12-28 17:16 183,112 ----a-w c:\windows\system32\PnkBstrB.exe
2008-12-25 20:03 --------- d-----w c:\program files\Testy IQ
2008-12-20 16:11 --------- d-----w c:\program files\Samsung
2008-12-14 19:35 --------- d-----w c:\program files\Ahead
2008-12-14 19:16 --------- d-----w c:\program files\Stardock
2008-12-14 19:01 --------- d-----w c:\program files\Nero
2008-12-14 19:01 --------- d-----w c:\program files\Common Files\Ahead
2008-12-12 21:54 --------- d-----w c:\program files\Ashampoo
2008-12-12 21:54 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\flash
2008-12-07 19:53 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\FarmingSimulator2008
2008-12-07 17:37 --------- d-----w c:\program files\AGEIA Technologies
2008-12-07 17:36 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
.
------- Sigcheck -------
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\SP2GDR\tcpip.sys
2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\SP2QFE\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\SoftwareDistribution\Download\5cb56d26ae277f6fc62b86faa15488d1\SP3QFE\tcpip.sys
2008-05-08 19:02 361344 accf5a9a1ffaa490f33dba1c632b95e1 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Gadu-Gadu"="d:\programy\Komunikatory\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-12-29 277504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hidder"="c:\progra~1\GDATAS~1\SEKRET~1\Hidder.exe" [2002-06-03 565248]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-01-31 921600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-01 136600]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"AtiPTA"="atiptaxx.exe" [2006-02-22 c:\windows\system32\atiptaxx.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 08:05 210168 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk]
backup=c:\windows\pss\HP Image Zone - szybkie uruchamianie.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"ekrn"=2 (0x2)
"xmlprov"=3 (0x3)
"WudfSvc"=3 (0x3)
"Wmi"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"VSS"=3 (0x3)
"upnphost"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"SCardSvr"=3 (0x3)
"RSVP"=3 (0x3)
"RasAuto"=3 (0x3)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"NOD32FiXTemDono"=2 (0x2)
"Netlogon"=3 (0x3)
"napagent"=3 (0x3)
"MSDTC"=3 (0x3)
"ImapiService"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"helpsvc"=3 (0x3)
"GameConsoleService"=3 (0x3)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"dmadmin"=3 (0x3)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser"=2 (0x2)
"BITS"=3 (0x3)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Gadu-Gadu"="d:\programy\Komunikatory\Gadu-Gadu\gg.exe" /tray
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"mspwr"=c:\windows\system32\PuXpMan2.exe
"PwrUpTweakMe"=c:\windows\system32\PuXpTwks.exe /TWEAK
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programy\\Komunikatory\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programy\\Inne\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R0 AFPAnsi;G-DATA UkrywaczAnsi;c:\windows\system32\drivers\AFPAnsi.sys [2008-11-30 31776]
R1 atitray;atitray;c:\program files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [2009-01-25 17952]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\programy\Diagnostyczne\Everest Ultimate 4.20.1303\kerneld.wnt [2008-08-30 22640]
S4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-02-20 472320]
S4 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-10-26 3584]
.
Zawartość folderu 'Zaplanowane zadania'
2009-01-18 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2008-11-30 10:22]
.
.
------- Skan uzupełniający -------
.
uInternet Connection Wizard,ShellNext = iexplore
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\y6upslmt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/
FF - plugin: c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\y6upslmt.default\extensions\NPDyyno@dyyno.com\plugins\npDyyno.dll
FF - plugin: c:\program files\Dyyno\Dyyno Player\npvlc.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-07 15:04:29
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
c:\windows\hide.conf 94 bytes
skanowanie pomyślnie ukończone
ukryte pliki: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\EverestDriver]
"ImagePath"="\??\d:\programy\Diagnostyczne\Everest Ultimate 4.20.1303\kerneld.wnt"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-73586283-1682526488-1177238915-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(536)
c:\windows\system32\Ati2evxx.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Czas ukończenia: 2009-02-07 15:05:43
ComboFix-quarantined-files.txt 2009-02-07 14:05:40
Przed: 12,676,263,936 bajtów wolnych
Po: 12,665,241,600 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /FASTDETECT
260 --- E O F --- 2009-01-25 11:45:20
A teraz hajithis
Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:56, on 2009-02-07
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
D:\Programy\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Hidder] C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe /start
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Programy\Komunikatory\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
--
End of file - 4640 bytes
Z góry Wam dziękuję
07.02.2009, 16:08
Prosze o sprawdzenie logów :)
Wygląd liniowy
Podobne wątki
