I did everything as it was written, and here are the logs:
ComboFix 08-01-11.3 - Radek 2008-01-12 20:51:25.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.600 [GMT 1:00]
Running from: C:\Documents and Settings\Radek\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))
.
2008-01-12 20:39 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 20:32 . 2008-01-12 20:32 <DIR> d-------- C:\Program Files\AskTBar
2008-01-12 18:20 . 2008-01-12 18:20 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-07 15:59 . 2008-01-07 15:59 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\PCToolsFirewallPlus
2008-01-04 22:37 . 2008-01-04 22:38 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\PCToolsFirewallPlus
2008-01-04 22:31 . 2008-01-04 22:37 <DIR> d-------- C:\Program Files\PC Tools Firewall Plus
2008-01-04 22:31 . 2008-01-04 22:31 <DIR> d-------- C:\Program Files\Common Files\PC Tools
2008-01-04 22:31 . 2007-11-09 16:00 209,816 --a------ C:\WINDOWS\system32\drivers\pctfw2.sys
2008-01-04 22:31 . 2007-11-02 09:15 120,832 --a------ C:\WINDOWS\system32\drivers\pctfw.sys
2008-01-04 22:31 . 2008-01-04 23:01 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-01-04 22:31 . 2008-01-04 23:01 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-01-04 22:31 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-01-04 22:31 . 2007-11-09 16:00 40,856 --a------ C:\WINDOWS\system32\drivers\pctmp.sys
2008-01-04 22:31 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-01-04 22:31 . 2007-11-09 16:00 18,328 --a------ C:\WINDOWS\system32\drivers\pctssipc.sys
2008-01-04 22:30 . 2008-01-11 12:03 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-04 21:32 . 2008-01-04 22:12 <DIR> d-------- C:\Documents and Settings\Radek\.housecall6.6
2007-12-27 11:24 . 2007-12-27 11:24 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-12-26 21:13 . 2007-12-26 21:14 <DIR> d-------- C:\Program Files\SNESrompackPL
2007-12-26 20:49 . 2007-12-26 20:49 <DIR> d-------- C:\Program Files\SNES_Rompack__0-9_
2007-12-20 12:57 . 2007-12-20 12:57 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Teleca
2007-12-20 12:57 . 2007-12-20 12:57 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Sony Ericsson
2007-12-20 11:47 . 2007-12-20 11:47 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\My Pictures
2007-12-20 00:28 . 2001-10-26 17:05 17,920 --a------ C:\WINDOWS\system32\drivers\sermouse.sys
2007-12-20 00:28 . 2001-10-26 17:05 17,920 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
2007-12-20 00:15 . 2007-12-20 00:15 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Teleca
2007-12-20 00:13 . 2007-12-20 11:48 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-12-20 00:13 . 2007-12-20 00:13 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-12-20 00:13 . 2007-12-20 00:13 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Sony Ericsson
2007-12-20 00:12 . 2007-12-20 00:12 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
2007-12-19 19:55 . 2007-12-19 19:55 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2007-12-19 19:55 . 2007-12-19 19:55 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2007-12-19 18:37 . 2005-07-12 14:12 86,016 --a------ C:\WINDOWS\removeark.exe
2007-12-19 18:37 . 2005-08-12 11:40 28,864 --a------ C:\WINDOWS\system32\drivers\usb2vcom.sys
2007-12-19 12:56 . 2007-12-19 12:56 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\AdobeAUM
2007-12-19 12:51 . 2007-12-20 00:13 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-12-19 12:51 . 2007-12-20 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson
2007-12-16 19:12 . 2007-12-16 19:12 8,192 --a------ C:\WINDOWS\d3dx.dat
2007-12-15 17:51 . 2007-12-16 18:52 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\DAEMON Tools
2007-12-14 15:55 . 2007-12-14 15:55 <DIR> d-------- C:\Program Files\CeWe Color
2007-12-12 19:17 . 2007-12-12 19:17 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Ulead Systems
2007-12-12 18:30 . 2007-12-12 18:34 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Ulead Systems
2007-12-12 18:22 . 2007-12-12 18:22 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2007-12-12 18:22 . 2007-12-12 18:22 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\InterVideo
2007-12-12 18:22 . 2007-03-27 19:56 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-12-12 18:22 . 2007-03-27 19:56 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-12-12 18:22 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-12-12 18:22 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-12-12 18:22 . 2007-03-27 19:56 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-12-12 18:22 . 2007-03-27 19:56 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-12-12 18:21 . 2007-12-12 18:21 <DIR> d-------- C:\Program Files\Windows Media Components
2007-12-12 18:21 . 2007-12-12 18:21 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2007-12-12 18:21 . 2007-12-12 18:30 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-12 19:44 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-01-12 19:33 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\uTorrent
2008-01-12 11:35 --------- d-----w C:\Documents and Settings\ania\Dane aplikacji\Skype
2008-01-09 19:36 --------- d-----w C:\Program Files\Last.fm
2008-01-04 21:30 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\PC Tools
2007-12-24 21:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-19 18:49 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-19 18:14 --------- d-----w C:\Program Files\Skype
2007-12-19 12:03 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\AdobeUM
2007-12-15 16:46 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-11 20:43 53,248 ----a-w C:\WINDOWS\system32\unrar.dll
2007-12-07 19:46 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\ABBYY
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-02 22:23 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\Tlen.pl
2007-11-29 16:44 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems
2007-11-29 16:37 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2007-11-29 10:59 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\gtk-2.0
2007-11-28 17:09 --------- d-----w C:\Program Files\Softland
2007-11-26 14:52 --------- d-----w C:\Program Files\Grupa IMAGE
2007-11-23 20:20 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\DAEMON Tools Pro
2007-11-23 13:43 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Tages
2007-11-16 22:22 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\TrueCrypt
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 09:29 723,968 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-31 19:50 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-10-31 17:56 1 ----a-w C:\Documents and Settings\ania\SI.bin
2007-10-29 22:44 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PowerPoint]
@={B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}
[HKEY_CLASSES_ROOT\CLSID\{B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}]
C:\WINDOWS\System32\java52e.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]
"PCTAVApp"="C:\Inter\PC Tools AntiVirus\PCTAV.exe" [ ]
"Komunikator"="E:\Program Files\Tlen.pl\tlen.exe" [2007-11-07 15:33 6234624]
"AlcoholAutomount"="E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [ ]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-12-19 21:13 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-06-20 22:42 577536 C:\WINDOWS\soundman.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-24 21:08 8466432]
"nwiz"="nwiz.exe" [2007-06-24 21:08 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-24 21:08 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-19 10:39 35328]
"avast!"="E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"UVS11 Preload"="E:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-09-12 12:17 340136]
"Adobe Photo Downloader"="E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16 528384]
"Anti-Blaxx Manager"="E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe" [2005-10-26 16:35 225280]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24 1065800]
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [2007-11-09 16:00 2598808]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]
"Picasa Media Detector"="E:\Program Files\Picasa2\PicasaMediaDetector.exe" [ ]
C:\Documents and Settings\Radek\Menu Start\Programy\Autostart\
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-03 22:12:49]
PowerReg Scheduler V3.exe [2007-10-24 09:52:55]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2007-11-09 16:00]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2007-11-09 16:00]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2007-11-09 16:00]
S2 NetCM;Network Connection Manager;C:\Program Files\Common Files\Microsoft Shared\Speech\svchost.exe [2002-01-04 00:49]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2004-03-31 19:03]
S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\Drivers\usb2vcom.sys [2005-08-12 11:40]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8f3a1c6-2fac-11dc-a31f-e532fbd222bb}]
\Shell\AutoRun\command - F:\autorun.exe
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-12 20:53:23
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-12 20:54:10
.
2008-01-09 11:56:43 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:57:41, on 2008-01-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UVS11 Preload] E:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Anti-Blaxx Manager] E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PCTAVApp] "C:\Inter\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [Komunikator] E:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Registration THE SETTLERS - Heritage of Kings.LNK = E:\Program Files\Ubisoft\Blue Byte\THE SETTLERS - Heritage of Kings\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Usługa udostępniania w sieci programu Windows Media Player (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 7507 bytes
[ Added: Today at 23:24 ]
Sorry, I noticed the mistake I made with system restore ^^ here are what I think are the correct logs:
ComboFix 08-01-11.3 - Radek 2008-01-12 23:17:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.548 [GMT 1:00]
Running from: C:\Documents and Settings\Radek\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))
.
2008-01-12 20:39 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 20:32 . 2008-01-12 20:32 <DIR> d-------- C:\Program Files\AskTBar
2008-01-12 18:20 . 2008-01-12 18:20 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-07 15:59 . 2008-01-07 15:59 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\PCToolsFirewallPlus
2008-01-04 22:37 . 2008-01-04 22:38 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\PCToolsFirewallPlus
2008-01-04 22:31 . 2008-01-04 22:37 <DIR> d-------- C:\Program Files\PC Tools Firewall Plus
2008-01-04 22:31 . 2008-01-04 22:31 <DIR> d-------- C:\Program Files\Common Files\PC Tools
2008-01-04 22:31 . 2007-11-09 16:00 209,816 --a------ C:\WINDOWS\system32\drivers\pctfw2.sys
2008-01-04 22:31 . 2007-11-02 09:15 120,832 --a------ C:\WINDOWS\system32\drivers\pctfw.sys
2008-01-04 22:31 . 2008-01-04 23:01 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-01-04 22:31 . 2008-01-04 23:01 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-01-04 22:31 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-01-04 22:31 . 2007-11-09 16:00 40,856 --a------ C:\WINDOWS\system32\drivers\pctmp.sys
2008-01-04 22:31 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-01-04 22:31 . 2007-11-09 16:00 18,328 --a------ C:\WINDOWS\system32\drivers\pctssipc.sys
2008-01-04 22:30 . 2008-01-11 12:03 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-04 21:32 . 2008-01-04 22:12 <DIR> d-------- C:\Documents and Settings\Radek\.housecall6.6
2007-12-27 11:24 . 2007-12-27 11:24 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-12-26 21:13 . 2007-12-26 21:14 <DIR> d-------- C:\Program Files\SNESrompackPL
2007-12-26 20:49 . 2007-12-26 20:49 <DIR> d-------- C:\Program Files\SNES_Rompack__0-9_
2007-12-20 12:57 . 2007-12-20 12:57 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Teleca
2007-12-20 12:57 . 2007-12-20 12:57 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Sony Ericsson
2007-12-20 11:47 . 2007-12-20 11:47 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\My Pictures
2007-12-20 00:28 . 2001-10-26 17:05 17,920 --a------ C:\WINDOWS\system32\drivers\sermouse.sys
2007-12-20 00:28 . 2001-10-26 17:05 17,920 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
2007-12-20 00:15 . 2007-12-20 00:15 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Teleca
2007-12-20 00:13 . 2007-12-20 11:48 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-12-20 00:13 . 2007-12-20 00:13 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-12-20 00:13 . 2007-12-20 00:13 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Sony Ericsson
2007-12-20 00:12 . 2007-12-20 00:12 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
2007-12-19 19:55 . 2007-12-19 19:55 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2007-12-19 19:55 . 2007-12-19 19:55 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2007-12-19 18:37 . 2005-07-12 14:12 86,016 --a------ C:\WINDOWS\removeark.exe
2007-12-19 18:37 . 2005-08-12 11:40 28,864 --a------ C:\WINDOWS\system32\drivers\usb2vcom.sys
2007-12-19 12:56 . 2007-12-19 12:56 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\AdobeAUM
2007-12-19 12:51 . 2007-12-20 00:13 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-12-19 12:51 . 2007-12-20 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson
2007-12-16 19:12 . 2007-12-16 19:12 8,192 --a------ C:\WINDOWS\d3dx.dat
2007-12-15 17:51 . 2007-12-16 18:52 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\DAEMON Tools
2007-12-14 15:55 . 2007-12-14 15:55 <DIR> d-------- C:\Program Files\CeWe Color
2007-12-12 19:17 . 2007-12-12 19:17 <DIR> d-------- C:\Documents and Settings\ania\Dane aplikacji\Ulead Systems
2007-12-12 18:30 . 2007-12-12 18:34 <DIR> d-------- C:\Documents and Settings\Radek\Dane aplikacji\Ulead Systems
2007-12-12 18:22 . 2007-12-12 18:22 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2007-12-12 18:22 . 2007-12-12 18:22 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\InterVideo
2007-12-12 18:22 . 2007-03-27 19:56 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-12-12 18:22 . 2007-03-27 19:56 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-12-12 18:22 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-12-12 18:22 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-12-12 18:22 . 2007-03-27 19:56 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-12-12 18:22 . 2007-03-27 19:56 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-12-12 18:21 . 2007-12-12 18:21 <DIR> d-------- C:\Program Files\Windows Media Components
2007-12-12 18:21 . 2007-12-12 18:21 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2007-12-12 18:21 . 2007-12-12 18:30 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-12 22:15 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-01-12 21:57 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\uTorrent
2008-01-12 11:35 --------- d-----w C:\Documents and Settings\ania\Dane aplikacji\Skype
2008-01-09 19:36 --------- d-----w C:\Program Files\Last.fm
2008-01-04 21:30 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\PC Tools
2007-12-24 21:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-19 18:49 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-19 18:14 --------- d-----w C:\Program Files\Skype
2007-12-19 12:03 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\AdobeUM
2007-12-15 16:46 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-11 20:43 53,248 ----a-w C:\WINDOWS\system32\unrar.dll
2007-12-07 19:46 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\ABBYY
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-02 22:23 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\Tlen.pl
2007-11-29 16:44 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Adobe Systems
2007-11-29 16:37 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2007-11-29 10:59 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\gtk-2.0
2007-11-28 17:09 --------- d-----w C:\Program Files\Softland
2007-11-26 14:52 --------- d-----w C:\Program Files\Grupa IMAGE
2007-11-23 20:20 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\DAEMON Tools Pro
2007-11-23 13:43 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Tages
2007-11-16 22:22 --------- d-----w C:\Documents and Settings\Radek\Dane aplikacji\TrueCrypt
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 09:29 723,968 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-31 19:50 724,992 ----a-w C:\WINDOWS\iun6002.exe
2007-10-31 17:56 1 ----a-w C:\Documents and Settings\ania\SI.bin
2007-10-29 22:44 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
.
((((((((((((((((((((((((((((( snapshot@2008-01-12_20.53.37.82 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-12 22:14:43 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7c4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PowerPoint]
@={B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}
[HKEY_CLASSES_ROOT\CLSID\{B9CE503D-03F8-4161-A8A6-C912ADFCF2D4}]
C:\WINDOWS\System32\java52e.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360]
"PCTAVApp"="C:\Inter\PC Tools AntiVirus\PCTAV.exe" [ ]
"Komunikator"="E:\Program Files\Tlen.pl\tlen.exe" [2007-11-07 15:33 6234624]
"AlcoholAutomount"="E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [ ]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-12-19 21:13 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-06-20 22:42 577536 C:\WINDOWS\soundman.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-24 21:08 8466432]
"nwiz"="nwiz.exe" [2007-06-24 21:08 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-24 21:08 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-19 10:39 35328]
"avast!"="E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"UVS11 Preload"="E:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-09-12 12:17 340136]
"Adobe Photo Downloader"="E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16 528384]
"Anti-Blaxx Manager"="E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe" [2005-10-26 16:35 225280]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24 1065800]
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [2007-11-09 16:00 2598808]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 23:44 159744]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360]
"Picasa Media Detector"="E:\Program Files\Picasa2\PicasaMediaDetector.exe" [ ]
C:\Documents and Settings\Radek\Menu Start\Programy\Autostart\
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-09-03 22:12:49]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2007-11-09 16:00]
R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\WINDOWS\system32\drivers\pctmp.sys [2007-11-09 16:00]
R1 pctssipc;PC Tools Security Suite IPC Driver;C:\WINDOWS\system32\drivers\pctssipc.sys [2007-11-09 16:00]
S2 NetCM;Network Connection Manager;C:\Program Files\Common Files\Microsoft Shared\Speech\svchost.exe [2002-01-04 00:49]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2004-03-31 19:03]
S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\Drivers\usb2vcom.sys [2005-08-12 11:40]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8f3a1c6-2fac-11dc-a31f-e532fbd222bb}]
\Shell\AutoRun\command - F:\autorun.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-12 23:19:20
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-12 23:20:08
ComboFix2.txt 2008-01-12 19:54:11
.
2008-01-09 11:56:43 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:23:22, on 2008-01-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UVS11 Preload] E:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Anti-Blaxx Manager] E:\Program Files\Anti-Blaxx 1.18\Anti-Blaxx.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PCTAVApp] "C:\Inter\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [Komunikator] E:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Startup: Registration THE SETTLERS - Heritage of Kings.LNK = E:\Program Files\Ubisoft\Blue Byte\THE SETTLERS - Heritage of Kings\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Usługa udostępniania w sieci programu Windows Media Player (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 7345 bytes
Is there anything else I need to do, or is it clean?