od pewnego czasu mój komputer zaczął szwankować ...
avast wykrywa coraz więcej trojanów ...
ciągle usuwam pliki zarażone lub zainfekowane ( jak kto woli
)Kiedy włączam Internet Exproler nie pokazują sie żadne obrazki ... (np. logo w google)
poczytałem trochę na forum ... i ściągnąłem program ``ComboFix``
oto log
- Kod: Zaznacz wszystko
ComboFix 08-12-05.01 - Monika 2008-12-05 17:39:16.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.652 [GMT 0:00]
Uruchomiony z: c:\documents and settings\Monika\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\Dane aplikacji\twain_32
c:\documents and settings\LocalService\Dane aplikacji\twain_32\user.ds
c:\documents and settings\Monika\Dane aplikacji\gadcom
c:\documents and settings\Monika\Dane aplikacji\gadcom\gadcom.exe
c:\documents and settings\Monika\Ustawienia lokalne\Temporary Internet Files\fbk.sts
c:\documents and settings\NetworkService\Dane aplikacji\twain_32
c:\documents and settings\NetworkService\Dane aplikacji\twain_32\user.ds
c:\windows\system32\CbcIlUtv.ini
c:\windows\system32\CbcIlUtv.ini2
c:\windows\system32\cwvuecil.dll
c:\windows\system32\dhnwwmwj.dll
c:\windows\system32\gawhrbpg.dll
c:\windows\system32\iygrpkxx.ini
c:\windows\system32\jwmwwnhd.ini
c:\windows\system32\mxeqnh.dll
c:\windows\system32\rirbxgja.dll
c:\windows\system32\rolkuwym.dll
c:\windows\system32\twain_32
c:\windows\system32\twain_32\local.ds
c:\windows\system32\twain_32\user.ds
c:\windows\system32\vtUlIcbC.dll
c:\windows\system32\xxkprgyi.dll
c:\windows\system32\ypjekd.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2008-11-05 do 2008-12-05 )))))))))))))))))))))))))))))))
.
2008-12-05 17:43 . 2008-12-05 17:43 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-05 17:43 . 2008-12-05 17:43 1,409 --a------ c:\windows\QTFont.for
2008-12-04 15:59 . 2008-11-21 20:15 401,408 --a------ c:\windows\system32\winhe77.dll
2008-12-04 15:59 . 2008-12-04 15:59 58,880 --a------ C:\fjytg.exe
2008-12-04 15:59 . 2008-12-04 15:59 34,816 --a------ c:\windows\system32\iifdbyol.dll.ren
2008-11-24 18:25 . 2008-11-24 18:25 <DIR> d-------- c:\program files\Common Files\Skype
2008-11-24 18:25 . 2008-11-24 18:25 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-11-13 19:45 . 2008-11-13 19:45 1,393 --a------ c:\windows\imsins.BAK
2008-11-13 18:17 . 2008-09-04 17:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 18:08 . 2008-10-24 11:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-09 17:53 . 2008-11-09 17:53 <DIR> d-------- c:\program files\IrfanView
2008-11-08 19:58 . 2008-11-08 19:58 <DIR> d-------- c:\documents and settings\Monika\.gegl-0.0
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 17:02 1,496,064 -c----w c:\windows\system32\CC3250MT.DLL
2060-08-18 16:40 909,824 -c----w c:\windows\system32\cp3245mt.dll
2060-08-18 16:40 24,064 -c----w c:\windows\system32\borlndmm.dll
2008-12-05 17:44 --------- d-----w c:\documents and settings\Monika\Dane aplikacji\OpenOffice.ux.pl2
2008-12-05 16:20 --------- d-----w c:\documents and settings\Monika\Dane aplikacji\Spyware Terminator
2008-12-05 16:06 --------- d-----w c:\program files\Spyware Terminator
2008-12-05 16:06 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Spyware Terminator
2008-12-05 10:18 --------- d-----w c:\documents and settings\Monika\Dane aplikacji\Skype
2008-12-05 09:18 --------- d-----w c:\documents and settings\Monika\Dane aplikacji\skypePM
2008-12-04 18:27 --------- d-----w c:\program files\Mozilla Thunderbird
2008-12-03 20:33 --------- d-----w c:\program files\FlashGet
2008-12-02 21:52 --------- d-----w c:\program files\Java
2008-11-28 19:21 --------- d-----w c:\program files\Gadu-Gadu
2008-11-24 18:25 --------- d-----w c:\program files\Skype
2008-11-10 05:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-11-08 20:18 --------- d-----w c:\documents and settings\Monika\Dane aplikacji\gtk-2.0
2008-11-04 20:03 --------- d-----w c:\program files\Yahoo!
2008-11-04 20:02 --------- d-----w c:\program files\DAEMON Tools Toolbar
2008-11-04 20:01 --------- d-----w c:\program files\Google
2008-11-04 20:00 --------- d-----w c:\program files\ContextProgram
2008-11-04 19:34 141,312 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2008-11-02 15:54 --------- d-----w c:\program files\Windows Live
2008-11-01 13:59 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\OpenOffice.ux.pl2
2008-10-31 20:49 --------- d-----w c:\program files\CCleaner
2008-10-31 20:21 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\Thunderbird
2008-10-31 20:21 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\Talkback
2008-10-31 16:04 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\Winamp
2008-10-30 20:32 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\NVIDIA
2008-10-29 10:44 --------- d-----w c:\program files\directx
2008-10-29 10:12 --------- d-----w c:\program files\iXi Tools
2008-10-27 13:39 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-10-26 19:03 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-10-26 19:01 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-10-26 18:59 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\WLInstaller
2008-10-26 13:52 --------- d-----w c:\program files\VstPlugins
2008-10-26 13:49 --------- d-----w c:\program files\Call of Duty
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-17 17:49 --------- d-----w c:\program files\Lexmark 1200 Series
2008-10-16 14:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 14:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 14:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 14:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-11 15:42 --------- d-----w c:\program files\EA GAMES
2008-09-30 16:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:27 1,846,656 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
2007-12-15 15:41 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2008-08-27 09:37 88 --sh--r c:\windows\system32\B67796535D.sys
2007-09-25 20:32 88 -csh--r c:\windows\system32\DAB99D55BF.sys
2008-08-27 09:58 6,268 -csha-w c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CB0BF4F2-5875-4FE4-8C1C-F89559C92A1B}"= "c:\windows\system32\winhe77.dll" [2008-11-21 401408]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CB0BF4F2-5875-4FE4-8C1C-F89559C92A1B}"= "c:\windows\system32\winhe77.dll" [2008-11-21 401408]
[HKEY_CLASSES_ROOT\clsid\{cb0bf4f2-5875-4fe4-8c1c-f89559c92a1b}]
[HKEY_CLASSES_ROOT\TypeLib\{A2213E18-16EA-4DCA-8FC4-0231DDF3E571}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-07-09 2119104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-16 7630848]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-16 86016]
"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 488984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-02-12 77824]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"nwiz"="nwiz.exe" [2006-08-16 c:\windows\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 c:\windows\RTHDCPL.exe]
c:\documents and settings\Administrator\Menu Start\Programy\Autostart\
OpenOffice.ux.pl 2.1.0.lnk - c:\program files\OpenOffice.ux.pl 2.1.0\program\quickstart.exe [2006-12-30 17408]
c:\documents and settings\Monika\Menu Start\Programy\Autostart\
OpenOffice.ux.pl 2.1.0.lnk - c:\program files\OpenOffice.ux.pl 2.1.0\program\quickstart.exe [2006-12-30 17408]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Belkin Wireless USB Utility.lnk - d:\program files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 1404928]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-15 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wpqgbq.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-04 78416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys [2008-11-04 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-04 20560]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys []
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3482b442-b3e7-11dd-b809-001966000032}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe
.
Zawartość folderu 'Zaplanowane zadania'
2008-09-12 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []
.
- - - - USUNIĘTO PUSTE WPISY - - - -
BHO-{38BF2E83-FD15-4CFF-9A7A-2DC1AA2CCAED} - c:\windows\system32\vtUlIcbC.dll
Notify-iifdbYoL - iifdbYoL.dll
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.pl/
IE: &Download All with FlashGet - c:\progra~1\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\progra~1\FlashGet\jc_link.htm
Trusted Zone: *.amaena.com
Trusted Zone: *.antimalwareguard.com
Trusted Zone: *.antispyexpert.com
Trusted Zone: *.avsystemcare.com
Trusted Zone: *.gomyhit.com
Trusted Zone: *.imageservr.com
Trusted Zone: *.imagesrvr.com
Trusted Zone: *.onerateld.com
Trusted Zone: *.safetydownload.com
Trusted Zone: *.spyguardpro.com
Trusted Zone: *.storageguardsoft.com
Trusted Zone: *.trustedantivirus.com
Trusted Zone: *.virusremover2008.com
Trusted Zone: *.virusschlacht.com
Trusted Zone: *.amaena.com
Trusted Zone: *.antimalwareguard.com
Trusted Zone: *.antispyexpert.com
Trusted Zone: *.avsystemcare.com
Trusted Zone: *.gomyhit.com
Trusted Zone: *.imageservr.com
Trusted Zone: *.imagesrvr.com
Trusted Zone: *.onerateld.com
Trusted Zone: *.safetydownload.com
Trusted Zone: *.spyguardpro.com
Trusted Zone: *.storageguardsoft.com
Trusted Zone: *.trustedantivirus.com
Trusted Zone: *.virusremover2008.com
Trusted Zone: *.virusschlacht.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FireFox -: Profile - c:\documents and settings\Monika\Dane aplikacji\Mozilla\Firefox\Profiles\mtqsc3mx.default\
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-05 17:43:27
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\system32\PSIService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Lexmark 1200 Series\lxczbmon.exe
c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Czas ukończenia: 2008-12-05 17:47:14 - komputer został uruchomiony ponownie [Monika]
ComboFix-quarantined-files.txt 2008-12-05 17:46:32
ComboFix2.txt 2008-10-31 21:30:48
ComboFix3.txt 2008-10-01 15:11:21
Przed: 8,568,512,512 bajtów wolnych
Po: 8,797,212,672 bajtów wolnych
255 --- E O F --- 2008-11-13 19:48:28
A oto log z ``HIjackThis``
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:58:36, on 2008-12-05
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Startup: OpenOffice.ux.pl 2.1.0.lnk = C:\Program Files\OpenOffice.ux.pl 2.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antispyexpert.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.spyguardpro.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusremover2008.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.antispyexpert.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.spyguardpro.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusremover2008.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174301425562
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wpqgbq.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 8099 bytes
Dodam jeszcze że mój komputer nie miał robionego formatu od nowości ...
Mieszkam w Angli a całe moje oprogramowanie zostało w Polsce
...Prosze o szybką odpowiedź i dziękuje z góry
...P.S. to bardzo pilne ... bardzo proszę pomóżcie ;(
..
pozdro
