heatb virus

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.


Posted by prog, 25 Jun 2008, 17:37

Well, I think I have this virus, at least that's what some people tell me,

and I have a question: won't this file wreck my system?

@echo off
DEL C:\WINDOWS\system\shell.dll
DEL C:\WINDOWS\system32\shell32.dll
DEL C:\WINDOWS\system32\command.com
DEL C:\WINDOWS\system32\heat.dll
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry2.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\heat.dll
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\biosentry.exe
DEL C:\WINDOWS\system32\regi.hb
DEL C:\WINDOWS\system32\command.com
DEL C:\WINDOWS\system\shell.dll
DEL C:\WINDOWS\system32\shell32.dll
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 1%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 15%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 33%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 87%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 88%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 95%
echo Usuwanie heatB C:\WINDOWS\system32\biosentry.exe 100%
echo Usuwanie heatB C:\WINDOWS\system32\heat.dll 11%
echo Usuwanie heatB C:\WINDOWS\system32\heat.dll 73%
echo Usuwanie heatB C:\WINDOWS\system32\heat.dll 100%
echo Usuwanie heatB C:\WINDOWS\system32\regi.hb 100%
shutdown.exe -s -t 10 -c reboot
echo nacisnij enter
pause



Posted by Magik, 25 Jun 2008, 17:40

prog wrote: and I have a question: won't this file wreck my system?


Run that .bat and your system files are gone, and the system will fall over.

First paste logs from HJT and Combo:

http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html

http://forum.programosy.pl/jak-generujemy-logi-z-combofixa-oraz-dssa-vt95026.html



Posted by prog, 25 Jun 2008, 17:42

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:56:03, on 2008-06-25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Last.fm\LastFM.exe
E:\Rzeczy Maxa\Instalki\ochrona komputera i optymalizacja\hijackthis 2.0\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: 87.118.118.162 nprotect.roseonlinegame.com
O1 - Hosts: 87.118.118.162 update.nprotect.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: MySql - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--



ComboScan v20070306.20 run by prog on 2008-06-25 at 17:00:10
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as prog.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 17:00:55, on 2008-06-25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Last.fm\LastFM.exe
E:\Rzeczy Maxa\Instalki\ochrona komputera i optymalizacja\inne - szczepionki i narzedzia\comboscan.exe
C:\PROGRA~1\HIJACK~1\prog.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: 87.118.118.162 nprotect.roseonlinegame.com
O1 - Hosts: 87.118.118.162 update.nprotect.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: MySql - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe


-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

2008-06-25 16:59:18 395776 --a------ C:\CF24472.exe
2008-06-23 15:03:58 0 d-------- C:\Program Files\7-Zip
2008-06-22 11:17:42 0 d-------- C:\Program Files\UltraISO
2008-06-22 11:17:42 0 d-------- C:\Program Files\Common Files\EZB Systems<EZBSYS~1>
2008-06-22 09:06:43 0 d-------- C:\WINDOWS\Sun
2008-06-21 19:25:20 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2008-06-21 19:20:06 0 d-------- C:\WINDOWS\system32\appmgmt
2008-06-21 19:09:38 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2008-06-21 13:59:04 0 d-------- C:\Program Files\FinalBurner<FINALB~1>
2008-06-18 13:52:15 0 d-------- C:\Program Files\AutoGK
2008-06-18 13:30:09 43602 --a------ C:\WINDOWS\system32\xvid-uninstall.exe<XVID-U~1.EXE>
2008-06-18 13:28:34 0 d-------- C:\Program Files\Gabest
2008-06-18 13:28:14 0 d-------- C:\Program Files\AviSynth 2.5<AVISYN~1.5>
2008-06-18 13:27:27 0 d-------- C:\Program Files\GordianKnot<GORDIA~1>
2008-06-17 20:01:56 0 d-------- C:\Program Files\PowerQuest<POWERQ~1>
2008-06-17 19:57:51 0 d-------- C:\WINDOWS\DF5A03CCD5AA43D8B948D9903F2AF94A.TMP<DF5A03~1.TMP>
2008-06-17 19:45:40 0 d-------- C:\WINDOWS\Prefetch
2008-06-17 19:28:58 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-06-17 19:28:58 13312 --a------ C:\WINDOWS\system32\irclass.dll
2008-06-14 16:44:07 0 d-------- C:\Program Files\uTorrent
2008-06-10 16:57:29 0 d-------- C:\Program Files\MegauploadToolbar<MEGAUP~1>
2008-06-05 17:37:01 0 d-------- C:\Program Files\CCleaner
2008-06-05 13:46:39 0 d-------- C:\Program Files\ToniArts
2008-06-05 13:43:16 0 d--hs---- C:\WINDOWS\ftpcache
2008-06-03 02:56:50 41296 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-06-02 17:13:19 0 d-------- C:\Program Files\DIFX
2008-06-02 17:13:05 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-02 17:13:05 13225 --a------ C:\WINDOWS\system32\drivers\DB3G.sys
2008-06-02 17:12:55 0 d-------- C:\Program Files\Razer


-- Find3M Report ---------------------------------------------------------------

2008-06-25 16:12:36 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Skype
2008-06-25 16:03:10 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\foobar2000<FOOBAR~1>
2008-06-25 13:55:42 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Tlen.pl
2008-06-25 11:01:06 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Xfire
2008-06-25 09:15:48 0 d---s---- C:\Program Files\Xfire
2008-06-25 00:13:05 107832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-06-24 23:20:50 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\MegauploadToolbar<MEGAUP~1>
2008-06-22 09:06:43 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Sun
2008-06-22 08:48:42 0 d-------- C:\Program Files\Java
2008-06-21 19:38:16 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-21 19:36:59 0 d-------- C:\Program Files\Opera
2008-06-21 19:25:31 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Talkback
2008-06-21 19:25:26 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Mozilla
2008-06-21 19:10:30 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Apple Computer<APPLEC~1>
2008-06-21 14:12:44 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\FinalBurner DATA<FINALB~1>
2008-06-20 15:15:26 572 --a------ C:\Documents and Settings\prog\Dane aplikacji\AutoGK.ini
2008-06-19 20:19:32 0 d-------- C:\Program Files\Google
2008-06-17 20:06:23 436322 --a------ C:\WINDOWS\system32\perfh015.dat
2008-06-17 20:06:23 67298 --a------ C:\WINDOWS\system32\perfc015.dat
2008-06-17 20:02:18 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2008-06-17 19:54:54 219648 --a------ C:\WINDOWS\system32\uxtheme.dll
2008-06-17 19:47:49 0 d-------- C:\Program Files\Steam
2008-06-17 19:38:41 23640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2008-06-17 19:38:18 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2008-06-17 08:56:20 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\teamspeak2<TEAMSP~1>
2008-06-16 21:53:09 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Help
2008-06-16 19:13:55 0 d-------- C:\Program Files\No-IP
2008-06-16 15:40:16 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\uTorrent
2008-06-13 20:51:08 0 d-------- C:\Program Files\foobar2000<FOOBAR~1>
2008-06-05 17:51:09 0 d-------- C:\Program Files\Last.fm
2008-06-05 14:29:15 66872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-06-05 14:12:17 22328 --a------ C:\Documents and Settings\prog\Dane aplikacji\PnkBstrK.sys
2008-06-02 17:12:40 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\InstallShield<INSTAL~1>
2008-05-14 21:06:37 0 d-------- C:\Program Files\Xfire Plus<XFIREP~1>
2008-05-14 19:47:21 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Google
2008-05-12 20:26:23 0 d-------- C:\Program Files\AV Vcs 4.0 DIAMOND<AVVCS4~1.0DI>
2008-05-12 20:03:29 0 d-------- C:\Program Files\Skype
2008-05-12 20:03:28 0 d-------- C:\Program Files\Common Files\Skype
2008-04-30 14:43:58 0 dr------- C:\Documents and Settings\prog\Dane aplikacji\Brother
2008-04-27 09:09:43 0 d-------- C:\Documents and Settings\prog\Dane aplikacji\Adobe
2008-04-26 19:14:06 0 d-------- C:\Program Files\Fraps
2008-04-26 14:14:13 0 d-------- C:\Program Files\Robster Productions<ROBSTE~1>


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Launch LCDMon"="\"C:\\Program Files\\Logitech\\GamePanel Software\\LCD Manager\\LCDMon.exe\""
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"Diamondback"="C:\\Program Files\\Razer\\Diamondback 3G\\razerhid.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programy\\Autostart\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^prog^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\prog\\Menu Start\\Programy\\Autostart\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^prog^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
"path"="C:\\Documents and Settings\\prog\\Menu Start\\Programy\\Autostart\\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk"
"backup"="C:\\WINDOWS\\pss\\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office12\\ONENOTEM.EXE /tsr"
"item"="Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Reader_sl"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="cli"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NMBgMonitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CTSyncU"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Creative\\Sync Manager Unicode\\CTSyncU.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndexSearch"
"hkey"="HKLM"
"command"="C:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LGDCore]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LGDCore"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Logitech\\GamePanel Software\\G-series Software\\LGDCore.exe\" /SHOWHIDE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="pptd40nt"
"hkey"="HKLM"
"command"="C:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SSBkgdupdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="steam"
"hkey"="HKCU"
"command"="\"c:\\program files\\steam\\steam.exe\" -silent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
"inimapping"="0"


[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
Shell\AutoRun\command G:\setup.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{546824a5-ed07-11dc-8a26-0014852687dc}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe


-- End of ComboScan: finished at 2008-06-25 at 17:01:42 ------------------------


I have ComboScan,
because ComboFix doesn't work.



Posted by Magik, 25 Jun 2008, 17:48

Definitely put these on the fix list:

Code:
O1 - Hosts: 87.118.118.162 nprotect.roseonlinegame.com
O1 - Hosts: 87.118.118.162 update.nprotect.com
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')


and, from Mario:
Do what is given in this topic

Use SDFix. After downloading it, run it and it will unpack itself to C:\SDFix. Start the computer in Safe Mode (F8 at system startup). While in Safe Mode, run the file RunThis.bat from the SDFix folder. Confirm the cleanup with Y. Wait until it finishes and the computer restarts.

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt + log z combofixa oraz daj loga z hijacka



Post by prog, 25 Jun 2008, 18:28

SDFix report:

SDFix: Version 1.153

Run by prog on 2008-06-25 at 18:03

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\DOCUME~1\prog\USTAWI~1\Temp\GLF8D.tmp.dll - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-25 18:14:01
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\A\1\5\1c]
"Order"=hex:08,00,00,00,02,00,00,00,b8,01,00,00,01,00,00,00,04,00,00,00,8c,..

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\\Gry\\Call Of Duty 4 Modern Warfare\\iw3mp.exe"="D:\\Gry\\Call Of Duty 4 Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :


Finished!


Code:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:27:39, on 2008-06-25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
c:\usr\MYSQL\bin\mysqld.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Tlen.pl\tlen.exe
E:\Rzeczy Maxa\Instalki\ochrona komputera i optymalizacja\hijackthis 2.0\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{149128DD-9B0D-4B8B-B6F4-57B2C2C454D8}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: MySql - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 7279 bytes



Post by Magik, 25 Jun 2008, 19:21

Code:
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)


for cosmetics, fix these

+
1. Download OTMoveIt, start it and run it with the CleanUp option :)
2. do a Windows optimization
3. download ATF_Cleaner
check
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
and press EMPTY SELECTED
4. Turn off System Restore (My Computer properties - System Restore tab - turn off System Restore on all drives). After a moment, turn it back on

and it should be fine



Post by Dzi@dek, 25 Jun 2008, 19:35

Also post a ComboScan log (if it doesn't fit, paste it at http://wklej.org/)


Paste into Notepad:

Code:
Registry::
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{546824a5-ed07-11dc-8a26-0014852687dc}]


File -> Save as... -> CFScript - best if you save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon.
Drag and drop the CFScript.txt file onto -> ComboFix.exe
Confirm -> the computer will restart.

If the question "1 or 2" appears, type 1 and press ENTER. The removal process will begin.

Post new logs from ComboScan and HJT
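As an added example (not code from this thread, nor from HijackThis, ComboScan or ComboFix), here is a small Python triage script that applies the checks the helpers above are doing by eye: O1 hosts entries that point a name somewhere other than loopback (the nProtect redirect Magik flagged), orphaned O2/O3 entries with "(no file)", O4 RunOnce entries, and MountPoints2 AutoRun commands like the two Dzi@dek's CFScript removes. The sample lines are constructed in the style of the logs in this thread, and the category names are my own.

```python
import re
from typing import Dict, List

# Constructed sample lines in HijackThis / ComboScan style (not a real log).
SAMPLE_LINES = [
    "O1 - Hosts: 87.118.118.162 nprotect.roseonlinegame.com",
    "O1 - Hosts: 127.0.0.1 localhost",
    "O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)",
    "O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\\PROGRA~1\\MEGAUP~1\\MEGAUP~1.DLL",
    "O4 - HKUS\\.DEFAULT\\..\\RunOnce: [tscuninstall] %systemroot%\\system32\\tscupgrd.exe (User 'Default user')",
    "Shell\\AutoRun\\command G:\\setup.exe",
    "Shell\\AutoRun\\command C:\\WINDOWS\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe",
]

HOSTS_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)")      # O1 - Hosts: <ip> <name>
NOFILE_RE = re.compile(r"^O[23] - .*\(no file\)$")            # BHO/toolbar with missing DLL
RUNONCE_RE = re.compile(r"^O4 - .*RunOnce:")                  # one-shot autostart entries
AUTORUN_RE = re.compile(r"^Shell\\AutoRun\\command\s+(.+)$")  # MountPoints2 drive autorun

def triage(lines: List[str]) -> Dict[str, List[str]]:
    """Bucket suspicious log lines by the kind of persistence/redirect they show."""
    findings: Dict[str, List[str]] = {
        "hosts_redirect": [], "orphaned_entry": [], "runonce": [], "mountpoint_autorun": [],
    }
    for raw in lines:
        line = raw.strip()
        m = HOSTS_RE.match(line)
        if m:
            ip, host = m.groups()
            # A hosts line is only a redirect when it does not point at loopback.
            if not ip.startswith("127.") and ip != "::1":
                findings["hosts_redirect"].append(f"{host} -> {ip}")
            continue
        if NOFILE_RE.match(line):
            findings["orphaned_entry"].append(line)
        elif RUNONCE_RE.match(line):
            findings["runonce"].append(line)
        else:
            m = AUTORUN_RE.match(line)
            if m:
                findings["mountpoint_autorun"].append(m.group(1))
    return findings

if __name__ == "__main__":
    for category, hits in triage(SAMPLE_LINES).items():
        for hit in hits:
            print(f"{category}: {hit}")
```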



