
- Kod: Zaznacz wszystko
ComboFix 09-03-14.01 - Damian1 2009-03-15 16:43:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1023.518 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Damian1\Moje dokumenty\aaa\ComboFix.exe
AV: AVG 7.5.524 *On-access scanning enabled* (Outdated)
* Utworzono nowy punkt przywracania
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
c:\program files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
c:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLL
c:\program files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
c:\program files\myglobalsearch\bar\Cache\[u]0[/u]0031444
c:\program files\myglobalsearch\bar\Cache\[u]0[/u]07A69D4.bin
c:\program files\myglobalsearch\bar\Cache\[u]0[/u]07A7964.bin
c:\program files\myglobalsearch\bar\Cache\[u]0[/u]07A7CA0.bin
c:\program files\myglobalsearch\bar\Cache\[u]0[/u]0D4B520
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
c:\windows\IE4 Error Log.txt
c:\windows\system32\SkypeComm.dll
c:\windows\system32\taskmagr.exe
c:\windows\system32\wmdmpmsvc.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-15 do 2009-03-15 )))))))))))))))))))))))))))))))
.
2009-03-15 11:40 . 2009-03-15 11:40 57,344 --a------ c:\windows\system32\imcomm.dll
2009-03-10 20:57 . 2009-03-10 20:58 <DIR> d-------- c:\program files\SopCast
2009-03-09 18:43 . 2009-03-15 16:46 <DIR> d--h----- c:\documents and settings\Administrator\Ustawienia lokalne
2009-03-09 18:43 . 2007-10-17 17:06 <DIR> d-------- c:\documents and settings\Administrator\Ulubione
2009-03-09 18:43 . 2007-10-17 15:19 <DIR> d--h----- c:\documents and settings\Administrator\Szablony
2009-03-09 18:43 . 2007-10-17 17:06 <DIR> d-------- c:\documents and settings\Administrator\Pulpit
2009-03-09 18:43 . 2007-10-17 17:06 <DIR> d-------- c:\documents and settings\Administrator\Moje dokumenty
2009-03-09 18:43 . 2007-10-17 17:06 <DIR> dr------- c:\documents and settings\Administrator\Menu Start
2009-03-09 18:43 . 2007-10-17 17:06 <DIR> dr-h----- c:\documents and settings\Administrator\Dane aplikacji
2009-03-09 18:43 . 2009-03-09 18:43 <DIR> d-------- c:\documents and settings\Administrator
2009-03-09 18:28 . 2009-03-09 18:28 <DIR> d-------- c:\program files\Trend Micro
2009-03-09 18:27 . 2009-03-09 18:27 <DIR> d-------- C:\hj
2009-03-07 20:34 . 2009-03-07 20:34 <DIR> d-------- c:\documents and settings\Jarek\Dane aplikacji\skypePM
2009-03-07 20:31 . 2009-03-07 22:31 <DIR> d-------- c:\documents and settings\Jarek\Dane aplikacji\Skype
2009-03-04 18:08 . 2009-03-04 18:08 <DIR> d-------- c:\program files\MSECache
2009-03-01 21:10 . 2009-03-01 21:10 16,384 --a------ c:\windows\wxpw.dat
2009-03-01 21:10 . 2009-03-01 21:10 16,384 --ahs---- c:\windows\system32\wxpx.dat
2009-03-01 21:07 . 2009-03-01 21:07 16,384 --a------ c:\program files\uik.dat
2009-03-01 21:06 . 2009-03-01 21:06 4 --a------ c:\program files\is.dat
2009-03-01 21:04 . 2009-03-01 21:04 <DIR> d-------- c:\program files\Casino
2009-02-26 17:31 . 2009-02-26 17:32 <DIR> d-------- c:\documents and settings\Konrad\Dane aplikacji\Nowe Gadu-Gadu
2009-02-26 12:01 . 2009-03-15 13:43 <DIR> d-------- c:\documents and settings\Damian1\Dane aplikacji\Nowe Gadu-Gadu
2009-02-26 12:00 . 2009-02-26 12:00 <DIR> d-------- c:\program files\Nowe Gadu-Gadu
2009-02-23 19:49 . 2009-02-23 19:49 <DIR> d-------- c:\documents and settings\Jarek\Dane aplikacji\Gadu-Gadu
2009-02-23 19:47 . 2009-02-24 19:29 <DIR> d-------- c:\documents and settings\Jarek\Gadu-Gadu
2009-02-22 19:54 . 2009-02-22 19:54 <DIR> d-------- c:\program files\JoWood
2009-02-22 17:56 . 2009-02-22 17:56 <DIR> d-------- c:\documents and settings\Damian1\Dane aplikacji\Leadertech
2009-02-21 20:14 . 2009-02-21 20:14 9,818 --a------ c:\windows\system32\ealregsnapshot1.reg
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 13:58 --------- d-----w c:\program files\NAPI-PROJEKT
2009-03-15 10:41 --------- d-----w c:\documents and settings\Damian1\Dane aplikacji\AVG7
2009-03-14 11:55 --------- d-----w c:\program files\Metin2_PL
2009-03-13 18:31 --------- d-----w c:\documents and settings\Konrad\Dane aplikacji\Skype
2009-03-13 15:18 --------- d-----w c:\documents and settings\Konrad\Dane aplikacji\skypePM
2009-03-13 15:17 --------- d-----w c:\documents and settings\Konrad\Dane aplikacji\AVG7
2009-03-12 14:10 --------- d-----w c:\documents and settings\Jarek\Dane aplikacji\AVG7
2009-03-11 22:37 --------- d-----w c:\program files\FlashGet
2009-03-11 22:08 --------- d-----w c:\documents and settings\Damian1\Dane aplikacji\Image Zone Express
2009-02-25 19:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-25 19:06 --------- d-----w c:\program files\EA GAMES
2009-02-23 15:08 --------- d-----w c:\documents and settings\Damian1\Dane aplikacji\Skype
2009-02-23 14:00 --------- d-----w c:\documents and settings\Damian1\Dane aplikacji\skypePM
2009-02-21 19:12 --------- d-----w c:\program files\Electronic Arts
2009-02-09 12:59 --------- d-----w c:\documents and settings\Klaudia\Dane aplikacji\AVG7
2009-02-07 14:26 162,432 ----a-w c:\windows\system32\drivers\ithsgt.sys
2009-02-07 14:26 12,032 ----a-w c:\windows\system32\drivers\lilsgt.sys
2009-02-07 14:20 --------- d-----w c:\program files\Atari
2009-02-05 21:18 --------- d-----w c:\program files\Google
2009-01-27 21:19 --------- d-----w c:\program files\stepmania
2009-01-24 12:22 21,840 ----atw c:\windows\system32\SIntfNT.dll
2009-01-24 12:22 17,212 ----atw c:\windows\system32\SIntf32.dll
2009-01-24 12:22 12,067 ----atw c:\windows\system32\SIntf16.dll
2009-01-24 12:19 --------- d-----w c:\program files\Fox
2009-01-19 22:28 --------- d-----w c:\program files\Easy CD-DA Extractor 6
2009-01-19 22:26 729,088 ----a-w c:\windows\iun6002.exe
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2008-09-09 20:56 22,328 ----a-w c:\documents and settings\Damian1\Dane aplikacji\PnkBstrK.sys
2007-12-18 10:02 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
.
------- Sigcheck -------
2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\system32\dllcache\tcpip.sys
2004-08-03 22:14 359040 6a603809f598332dbedd535bdbce313e c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Uruchamianie DeCe"="c:\program files\DeCe\dc.exe" [2005-03-03 72704]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-05-30 868352]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-05-14 35328]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-04-16 579584]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-10-23 219136]
c:\documents and settings\Damian1\Menu Start\Programy\Autostart\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2007-10-16 1172992]
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-10-08 376832]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"aux1"= ctwdm32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Last.fm\\LastFM.exe"=
"c:\\Program Files\\Counter Strike 1.6 Reloaded\\hl.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\DeCe\\dc.exe"=
"c:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\Program Files\\LittleFighter2\\LF2_v1.9c\\lf2.exe"=
"c:\\Program Files\\Wesnoth\\wesnothd.exe"=
"c:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"c:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Counter Strike 1.6 Reloaded\\cstrike.exe"=
"c:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Counter Strike 1.6 Reloaded\\hlds.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\Spring\\spring.exe"=
"c:\\Program Files\\Spring\\TASClient.exe"=
"c:\\Program Files\\VALVe\\Counter-Strike Source\\hl2.exe"=
"c:\\Documents and Settings\\Konrad\\Ustawienia lokalne\\Dane aplikacji\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\coldstorage\\kquery4\\KQUERY4.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\MC2\\Sniper Elite\\SniperElite.exe"=
"c:\\Program Files\\Konami\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\fpupdate.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"=
"c:\\Program Files\\JoWood\\The Guild II\\GuildII.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Metin2_PL\\metin2.bin"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10057:TCP"= 10057:TCP:BitComet 10057 TCP
"10057:UDP"= 10057:UDP:BitComet 10057 UDP
R2 ABBYY.Licensing.FineReader.Professional.9.0;Usługa licencjonowania programu ABBYY FineReader 9.0;c:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4ae07d6-aa97-11dd-b609-000c76b04ad8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
.
.
------- Skan uzupełniający -------
.
uInternet Connection Wizard,ShellNext = hxxp://gg.hit.gemius.pl/hitredir/id=nXBFBr7X2T_aYm2ciEuR_pPczZCGbE837tmTkSMwGWb._7/stparam=komqhqjtsw/sarg=GDE/url=%20http://www.aqualiathermal.pl/
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Download All with FlashGet - c:\progra~1\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\progra~1\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {D385400D-C405-41D6-B1DD-173DF7A866F4} = 194.204.132.34,194.204.159.1
FF - ProfilePath - c:\documents and settings\Damian1\Dane aplikacji\Mozilla\Firefox\Profiles\n16jswv4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPSignPlugin.dll
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.08.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-15 16:48:57
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-1060284298-651377827-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Czas ukończenia: 2009-03-15 16:52:38
ComboFix-quarantined-files.txt 2009-03-15 15:51:21
Przed: 5 556 436 992 bajtów wolnych
Po: 10,715,009,024 bajtów wolnych
236 --- E O F --- 2007-10-28 09:30:36
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:08, on 2009-03-15
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DeCe\dc.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://gg.hit.gemius.pl/hitredir/id=nXBFBr7X2T_aYm2ciEuR_pPczZCGbE837tmTkSMwGWb._7/stparam=komqhqjtsw/sarg=GDE/url=%20http://www.aqualiathermal.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uruchamianie DeCe] C:\Program Files\DeCe\dc.exe -m
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D385400D-C405-41D6-B1DD-173DF7A866F4}: NameServer = 194.204.132.34,194.204.159.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Usługa licencjonowania programu ABBYY FineReader 9.0 (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 9520 bytes
Bardzo prosze o pomoc, z gory dziekuje
