
Please analyze my logs
COMBOFIX
ComboFix 08-12-07.01 - Patryk 2008-12-08 22:02:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.347 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Patryk\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
G:\Autorun.inf
.
((((((((((((((((((((((((( Pliki utworzone od 2008-11-08 do 2008-12-08 )))))))))))))))))))))))))))))))
.
2008-12-06 21:46 . 2008-11-27 20:31 922 --a------ C:\Katyn.720p.HDDVD.x264-TRiM.nfo
2008-12-06 21:46 . 2008-11-27 20:31 196 --a------ C:\Katyn.720p.HDDVD.x264-TRiM.sfv
2008-12-06 21:40 . 2008-11-27 10:34 <DIR> d-------- C:\Sample
2008-12-06 21:40 . 2008-11-27 21:48 7,039,268,369 --a------ C:\Katyn.720p.HDDVD.x264-TRiM.mkv
2008-12-03 17:53 . 2008-12-06 09:01 <DIR> d--h----- C:\$AVG8.VAULT$
2008-12-03 17:42 . 2008-12-08 14:46 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-12-03 17:42 . 2008-12-04 11:11 98,440 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-03 17:42 . 2008-12-04 11:11 90,632 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-03 17:42 . 2008-12-03 17:42 12,936 --a------ c:\windows\system32\drivers\avgrkx86.sys
2008-12-03 17:42 . 2008-12-03 17:42 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-03 17:41 . 2008-12-03 17:41 <DIR> d-------- c:\program files\AVG
2008-12-03 17:41 . 2008-12-03 17:41 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\avg8
2008-12-02 19:24 . 2008-12-02 19:24 237,568 --a------ c:\windows\system32\aaksrv.exe
2008-12-02 19:24 . 2008-12-02 19:24 34,272 --a------ c:\windows\system32\aakah.sys
2008-12-02 19:24 . 2008-12-02 19:24 20,768 --a------ c:\windows\system32\aakbdrv.sys
2008-12-02 18:58 . 2008-12-02 19:24 4,400 --a------ c:\windows\system32\lqoe89kr.lwp
2008-12-01 20:47 . 2008-12-01 20:47 <DIR> d-------- c:\windows\Sun
2008-11-30 13:41 . 2008-12-06 23:01 <DIR> d-------- c:\documents and settings\Marek\Dane aplikacji\U3
2008-11-29 21:25 . 2008-12-08 09:03 <DIR> d-------- c:\documents and settings\Marek\Dane aplikacji\skypePM
2008-11-29 21:25 . 2008-11-29 21:25 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-11-29 21:22 . 2008-11-29 21:22 <DIR> d-------- c:\program files\Skype
2008-11-29 21:22 . 2008-11-29 21:22 <DIR> d-------- c:\program files\Common Files\Skype
2008-11-29 21:22 . 2008-12-08 11:25 <DIR> d-------- c:\documents and settings\Marek\Dane aplikacji\Skype
2008-11-29 21:22 . 2008-11-29 21:22 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Skype
2008-11-28 19:33 . 2008-11-28 19:33 61,504 --a------ c:\windows\system32\comglt32a.dll
2008-11-27 21:16 . 2008-11-27 21:17 1,046 --a------ C:\VirtualDJ Local Database v5.xml
2008-11-26 22:52 . 2008-11-26 22:52 <DIR> d-------- C:\videooutput
2008-11-26 22:52 . 2008-11-26 22:52 <DIR> d-------- c:\documents and settings\Patryk\Dane aplikacji\COWON
2008-11-26 22:52 . 2007-03-07 00:45 3,086,336 --a------ c:\windows\system32\NCMedia.dll
2008-11-26 22:52 . 2007-03-07 00:45 3,086,336 --a------ c:\windows\system32\flvvideo.dll
2008-11-26 20:57 . 2008-12-08 17:10 <DIR> d-------- c:\documents and settings\Patryk\Dane aplikacji\OpenOffice.org2
2008-11-26 20:55 . 2008-11-26 20:55 <DIR> d-------- c:\program files\OpenOffice.org 2.2
2008-11-26 20:55 . 2008-11-26 20:55 <DIR> d-------- c:\program files\Common Files\Java
2008-11-22 10:58 . 2008-04-14 18:20 221,184 --a------ c:\windows\system32\wmpns.dll
2008-11-20 20:13 . 2008-11-20 20:13 <DIR> d-------- c:\program files\Asprate
2008-11-12 17:16 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 17:16 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 17:16 . 2008-11-12 17:16 13,646 --a------ c:\windows\system32\wpa.bak
2008-11-10 16:52 . 2008-11-10 16:52 <DIR> d-------- c:\program files\Common Files\PCSuite
2008-11-10 16:51 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2008-11-10 16:51 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-11-10 16:51 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-11-10 16:51 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-11-10 16:51 . 2008-05-07 07:38 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-11-10 16:51 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 20:51 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-12-04 21:18 --------- d-----w c:\program files\MediaCoder
2008-11-28 18:35 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\Tibia
2008-11-26 19:55 --------- d-----w c:\program files\Java
2008-11-25 18:24 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\Ahead
2008-11-15 20:29 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\CanonIJPLM
2008-11-10 15:52 --------- d-----w c:\program files\Nokia
2008-11-10 15:52 --------- d-----w c:\program files\Common Files\Nokia
2008-11-10 15:39 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Installations
2008-11-06 21:56 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-06 21:52 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-06 21:52 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\DAEMON Tools
2008-11-06 15:09 --------- d-----w c:\program files\Opera
2008-11-02 08:43 --------- d-----w c:\program files\Ad Muncher
2008-11-02 08:43 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Ad Muncher
2008-10-30 08:19 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\Nokia
2008-10-26 20:09 685,576 ----a-w c:\windows\unins000.exe
2008-10-26 20:07 --------- d-----w c:\program files\Microsoft ActiveSync
2008-10-26 16:42 410,976 ----a-w c:\windows\system32\deploytk.dll
2008-10-26 11:39 --------- d-----w c:\program files\K-Lite Codec Pack
2008-10-25 20:09 --------- d-----w c:\program files\MSXML 4.0
2008-10-24 15:44 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nokia
2008-10-24 15:42 --------- d-----w c:\program files\MSXML 6.0
2008-10-24 14:39 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\CD-LabelPrint
2008-10-24 14:18 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\Ahead
2008-10-24 14:14 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Ahead
2008-10-24 14:13 --------- d-----w c:\program files\Common Files\Ahead
2008-10-24 14:12 --------- d-----w c:\program files\Nero
2008-10-24 14:12 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nero
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 08:56 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\Media Player Classic
2008-10-24 08:56 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\DivX
2008-10-24 07:15 --------- d-----w c:\program files\Common Files\Adobe
2008-10-23 10:46 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\Media Player Classic
2008-10-21 16:33 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\PC Suite
2008-10-20 20:34 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\Nokia
2008-10-20 19:48 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\PC Suite
2008-10-20 19:47 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-20 19:47 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-20 19:45 --------- d-----w c:\program files\PC Connectivity Solution
2008-10-20 19:45 --------- d-----w c:\program files\DIFX
2008-10-20 19:45 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PC Suite
2008-10-20 19:18 --------- d-----w c:\program files\ScreenSaver.com
2008-10-18 18:49 892,928 ----a-w c:\windows\system32\iconv.dll
2008-10-18 18:48 921,600 ----a-w c:\windows\system32\vorbisenc.dll
2008-10-18 18:48 237,568 ----a-w c:\windows\system32\OggDS.dll
2008-10-18 18:47 45,056 ----a-w c:\windows\system32\ogg.dll
2008-10-18 18:47 188,416 ----a-w c:\windows\system32\vorbis.dll
2008-10-18 18:47 1,415,680 ----a-w c:\windows\system32\WMV9VCM.dll
2008-10-18 18:46 9,216 ----a-w c:\windows\system32\cpuinf32.dll
2008-10-18 18:46 245,760 ----a-w c:\windows\system32\mplvpx.dll
2008-10-18 18:43 --------- d-----w c:\program files\MarBit
2008-10-17 06:27 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\Gadu-Gadu
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-14 20:37 --------- d-----w c:\program files\Canon
2008-10-14 20:35 --------- d--h--w c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2008-10-14 20:34 --------- d--h--w c:\program files\CanonBJ
2008-10-14 20:29 --------- d-----w c:\documents and settings\Patryk\Dane aplikacji\DisplayTune
2008-10-14 19:22 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\Gadu-Gadu
2008-10-14 19:21 --------- d-----w c:\program files\Gadu-Gadu
2008-10-14 19:14 --------- d-----w c:\documents and settings\Marek\Dane aplikacji\DisplayTune
2008-10-14 19:12 62,009 ----a-w c:\windows\system32\wpfb_s3gigp.dll
2008-10-14 19:12 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-14 19:12 --------- d-----w c:\program files\Portrait Displays
2008-10-14 19:12 --------- d-----w c:\program files\Common Files\Portrait Displays
2008-10-14 19:07 315,392 ----a-w c:\windows\HideWin.exe
2008-10-14 19:07 --------- d-----w c:\program files\Realtek
2008-10-14 19:06 --------- d-----w c:\program files\S3
2008-10-14 19:06 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-14 19:05 --------- d-----w c:\program files\VIA
2008-10-14 18:56 --------- d-----w c:\program files\microsoft frontpage
2008-10-14 18:54 --------- d-----w c:\program files\Usługi online
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:27 1,846,656 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PivotSoftware"="c:\program files\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 694008]
"DT HPW"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2008-04-16 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-10-26 136600]
"Ad Muncher"="c:\program files\Ad Muncher\AdMunch.exe" [2007-11-03 779776]
"AVG8_TRAY"="d:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-04 1261336]
"VTTimer"="VTTimer.exe" [2006-08-02 c:\windows\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2006-07-10 c:\windows\system32\S3Trayp.exe]
"SkyTel"="SkyTel.EXE" [2006-05-20 c:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-03 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Patryk\Menu Start\Programy\Autostart\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 393216]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=system32\aakah.dll,avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"d:\\Patryk\\CS\\hl.exe"=
"d:\\Patryk\\CS\\hltv.exe"=
"d:\\Patryk\\Paintball2\\paintball2.exe"=
"g:\\Patryk\\Inne\\Paintball2\\paintball2.exe"=
"d:\\Patryk\\Games\\Paintball2\\paintball2.exe"=
"d:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"d:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Ad Muncher\\AdMunch.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-12-03 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-03 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-03 90632]
R1 UserPort;UserPort;\??\c:\windows\system32\Drivers\UserPort.sys [2008-10-16 4256]
R2 aakah;aakah;\??\c:\windows\system32\aakah.sys [2008-12-02 34272]
R2 aakbdrv;aakbdrv;\??\c:\windows\system32\aakbdrv.sys [2008-12-02 20768]
R2 avg8wd;AVG8 WatchDog;d:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-03 231704]
R3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys [2008-10-14 659456]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9cb039bc-bd7a-11dd-9ed0-001d6014e5fb}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
*Newly Created Service* - PROCEXP90
.
- - - - USUNIĘTO PUSTE WPISY - - - -
MSConfigStartUp-AAK - c:\program files\Advanced Anti Keylogger\aak.exe
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 22:07:18
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(684)
c:\windows\system32\avgrsstx.dll
- - - - - - - > 'lsass.exe'(752)
c:\windows\system32\avgrsstx.dll
.
Czas ukończenia: 2008-12-08 22:09:30
ComboFix-quarantined-files.txt 2008-12-08 21:09:25
Przed: 11 157 938 176 bajtów wolnych
Po: 12,815,376,384 bajtów wolnych
226 --- E O F --- 2008-11-13 14:05:16
HIJACK
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:43, on 2008-12-08
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
D:\PROGRA~1\AVG\AVG8\avgam.exe
D:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Ad Muncher\AdMunch.exe
D:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Patryk\1\Tibia.exe
C:\Documents and Settings\Patryk\Pulpit\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HPW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_frame
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_image
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_link
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_exclude
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_report
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.mks.com.pl
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: system32\aakah.dll,avgrsstx.dll
O23 - Service: aaksrv - Spydex, Inc. - C:\WINDOWS\system32\aaksrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7924 bytes