[log] blue screen, ukryte pliki, prince of persia,sieciowka

[michcio141]

Witam. Mam problemy.
1. Mam Win Xp SP3 i nie moge zagladac do ukrytych plikow. Gdy zaznaczam w opcjach folderow zeby pokazal ukryte pliki nic sie nie dzieje.
2. Przy podpietym nowym urzadzeniu, przewaznie usb, komputer dostaje totalnej zawieszki i czasami wyskakuje blue screen.
3. Przy probie zainstalowania najnowszego Prince of Persia, gdy klikne w setup wyskakuje blad Microsoft Visual C++ Runtime Library
4. Nie moge polaczyc ze soba 2 komputerow scrosowanym kablem, ktory jest napewno dobrze zrobiony bo wczesniej dzialal. Ustawialem ip itd i komputery sie nie widza, czasami w jedna strone. Problem zaczal sie po zmianie sprzetu.

log comofix

ComboFix 09-04-04.01 - Zegarek 2009-04-08 23:05:53.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.3325.2819 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Zegarek\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
* Resident AV is active


UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\2u.com
C:\autorun.inf
C:\j60osk9.cmd
c:\windows\boot.ini
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\olhrwef.exe
D:\2u.com
D:\Autorun.inf
D:\j60osk9.cmd
E:\2u.com
E:\Autorun.inf
E:\j60osk9.cmd

.
((((((((((((((((((((((((( Pliki utworzone od 2009-03-08 do 2009-04-08 )))))))))))))))))))))))))))))))
.

2009-03-30 23:33 . 2008-04-13 20:05 20,992 --a------ c:\windows\system32\drivers\RTL8139.sys

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 21:36 --------- d-----w c:\documents and settings\Zegarek\Dane aplikacji\SiteAdvisor
2009-03-03 19:45 --------- d-----w c:\program files\Common Files\Adobe
2009-03-03 19:44 --------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-03-03 19:44 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Adobe Systems
2009-03-02 20:42 --------- d-----w c:\program files\Microsoft ActiveSync
2009-02-24 17:08 --------- d-----w c:\documents and settings\Zegarek\Dane aplikacji\AdobeUM
2009-02-23 21:55 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\nView_Profiles
2009-02-23 21:54 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-23 21:45 --------- d-----w c:\program files\NVIDIA Corporation
2009-02-23 21:12 --------- d-----w c:\program files\RivaTuner v2.23
2009-02-23 16:35 --------- d-----w c:\program files\Common Files\Nero
2009-02-23 16:35 --------- d-----w c:\documents and settings\Zegarek\Dane aplikacji\Nero
2009-02-23 16:34 --------- d-----w c:\program files\Nero
2009-02-23 16:34 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nero
2009-02-23 15:39 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-23 15:19 --------- d-----w c:\program files\PRO100 i NR Demo
2009-02-19 22:43 --------- d-----w c:\program files\AGEIA Technologies
2009-02-18 15:49 1,700,352 ----a-w c:\windows\system32\gdiplus.dll
2009-02-17 21:01 278,984 ----a-w c:\windows\system32\drivers\atksgt.sys
2009-02-17 21:01 25,416 ----a-w c:\windows\system32\drivers\lirsgt.sys
2009-02-17 20:51 --------- d-----w c:\program files\DAEMON Tools Pro
2009-02-17 20:50 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Pro
2009-02-17 20:49 --------- d-----w c:\documents and settings\Zegarek\Dane aplikacji\DAEMON Tools Pro
2009-02-17 20:36 685,816 ----a-w c:\windows\system32\drivers\sptd.sys
2009-02-16 18:45 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Test Drive Unlimited
2009-02-16 17:49 --------- d-----w c:\program files\Multimedia Keyboard Driver
2009-02-16 09:58 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-15 22:09 --------- d-----w c:\program files\McAfee
2009-02-15 22:09 --------- d-----w c:\documents and settings\NetworkService\Dane aplikacji\SiteAdvisor
2009-02-15 22:02 --------- d-----w c:\program files\SiteAdvisor
2009-02-15 22:02 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\McAfee
2009-02-15 22:01 --------- d-----w c:\documents and settings\LocalService\Dane aplikacji\SiteAdvisor
2009-02-15 22:01 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\SiteAdvisor
2009-02-15 22:00 --------- d-----w c:\program files\Common Files\McAfee
2009-02-15 21:59 --------- d-----w c:\program files\McAfee.com
2009-02-09 12:18 401,408 ----a-w c:\windows\system32\nvcuvid.dll
2009-02-08 14:49 --------- d-----w c:\program files\ffdshow
2009-02-07 12:50 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-02-05 21:30 315,392 ----a-w c:\windows\HideWin.exe
2009-01-31 15:36 109,930 --sh--r C:\a2h2.com
2009-01-16 17:24 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
.

------- Sigcheck -------

2008-05-22 17:18 487424 5f1ccdf37f28a88d0473b0c9ea1e0d58 c:\windows\system32\user32.dll

2008-05-22 14:45 361344 accf5a9a1ffaa490f33dba1c632b95e1 c:\windows\system32\drivers\tcpip.sys

2008-05-22 17:15 2146304 262abab004204800fc107194ca7a7b35 c:\windows\system32\ntoskrnl.exe

2008-05-22 17:11 1503232 67eacb65fbb0997dd3be8e4f1a5fe069 c:\windows\explorer.exe

2008-05-22 17:10 40448 0277e1a3e8b337555a45943808451981 c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VisualTaskTips"="c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-22 40448]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-20 1207080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"MskAgentexe"="c:\program files\McAfee\MSK\MskAgent.exe" [2007-01-17 152144]
"SiteAdvisor"="c:\program files\SiteAdvisor\6145\SiteAdv.exe" [2007-06-22 36640]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2007-01-19 1082920]
"KMConfig"="c:\program files\Multimedia Keyboard Driver\V5\StartAutorun.exe" [2007-03-06 212992]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"VisualTaskTips"="c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-03-01 c:\windows\system32\advpack.dll]

c:\documents and settings\Zegarek\Menu Start\Programy\Autostart\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2009-02-24 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Gry\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Gry\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Gry\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"d:\\Gry\\Gears of War\\Binaries\\WarGame-G4WLive.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Gry\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Gry\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Gry\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Gry\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Gry\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Gry\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\System\CPL Bonus\vcdrom.sys [2009-02-05 8576]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2007-05-08 2179072]
S3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2007-05-03 55296]
S3 WPRO_40_1123;WinPcap Packet Driver (WPRO_40_1123);c:\windows\system32\drivers\WPRO_40_1123.sys --> c:\windows\system32\drivers\WPRO_40_1123.sys [?]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - SRSERVICE
*NewlyCreated* - VCDROM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\a2h2.com
\Shell\open\Command - F:\a2h2.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20c4279e-fd19-11dd-85d4-001cc0ae504c}]
\Shell\AutoRun\command - F:\a2h2.com
\Shell\open\Command - F:\a2h2.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f5b9156-f490-11dd-b3bc-001cc0ae504c}]
\Shell\AutoRun\command - F:\a2h2.com
\Shell\open\Command - F:\a2h2.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f5b9157-f490-11dd-b3bc-001cc0ae504c}]
\Shell\AutoRun\command - N:\a2h2.com
\Shell\open\Command - N:\a2h2.com
.
Zawartość folderu 'Zaplanowane zadania'

2009-02-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-01-17 19:02]

2009-02-15 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-01-17 19:02]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
HKCU-Run-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTProAgent.exe


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Konwertuj do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Konwertuj do istniejącego pliku PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Konwertuj miejsce docelowe łącza do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Konwertuj wybrane łącza do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Konwertuj wybrane łącza do istniejącego pliku PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Konwertuj zaznaczenie do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Konwertuj zaznaczenie do istniejącego pliku PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: google.com\mail
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-08 23:06:54
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1614895754-1275210071-1417001333-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8b,d4,a0,f3,07,67,b4,a5,62,d0,86,66,47,d1,e4,d7,84,26,9c,d4,ca,8b,f6,
83,d9,38,54,5e,ff,f1,0a,72,91,b9,bc,af,a7,96,6a,16,bc,d9,c9,cc,fd,e9,9f,7e,\
"??"=hex:47,94,75,25,09,af,3a,d8,33,b4,ea,cc,85,69,01,22

[HKEY_USERS\S-1-5-21-1614895754-1275210071-1417001333-1001\Software\SecuROM\License information*]
"datasecu"=hex:84,ac,ce,7c,6a,93,19,81,67,4e,78,40,aa,c2,0e,e5,57,d4,3a,89,52,
a9,b2,ef,86,74,1d,de,66,85,84,b2,69,03,ec,46,9c,72,9f,d0,30,96,e5,91,fc,02,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(840)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
.
Czas ukończenia: 2009-04-08 23:07:37
ComboFix-quarantined-files.txt 2009-04-08 21:07:35

Przed: 59 729 063 936 bajtów wolnych
Po: 60,569,219,072 bajtów wolnych

222

i z Hijack This

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:29:46, on 2009-04-08
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Multimedia Keyboard Driver\V5\KMWDSrv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6145\SAService.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6145\SiteAdv.exe
C:\Program Files\Multimedia Keyboard Driver\V5\StartAutorun.exe
C:\Program Files\Multimedia Keyboard Driver\V5\KMConfig.exe
C:\Program Files\Multimedia Keyboard Driver\V5\KMProcess.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6145\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-18\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Konwertuj do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konwertuj wybrane łącza do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Multimedia Keyboard Driver\V5\KMWDSrv.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6145\SAService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 10427 bytes

Czy cos z tych logow wynika?

[Okocza]

michcio141, popraw tagi na logach

[michcio141]

dobra, przyznaje sie ze nie wiem jak...

[wojtas]

hijackthis-silent-runners-regulamin-tego-dzialu-vt9452.html