System freezing
My first post, because I am only writing about a problem I have been struggling with for some time... I even searched this forum for an answer, but did not find one...
My problem is as follows:
Once the computer has booted and I try to do anything (e.g. start any program), the computer freezes immediately...
A restart does not help; I have to power the computer off...
In safe mode it works without problems (that is how I am writing right now).
A friend suggested that I "play around" with msconfig.
Unfortunately, even with diagnostic startup selected the problem is the same :(
I cleaned the computer with TuneUp 2007, defragmented and scanned it, and it is still the same.
Unfortunately I still do not know the cause and I am running out of ideas :(
Regards
Replies: 18
Typ Data Godzina Źródło Kategoria Zdarzenie Użytkownik Komputer
Informacje 2008-04-03 19:11:25 SecurityCenter Brak 1800 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:15 MsiInstaller Brak 11707 Matrixen 666-FF46DC3B989
Informacje 2008-04-03 18:05:11 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:10 LoadPerf Brak 1001 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:07 ESENT Ogólne 101 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:07 ESENT Ogólne 103 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:59 ESENT Ogólne 102 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:59 ESENT Ogólne 100 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 SecurityCenter Brak 1800 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:56:01 SceCli Brak 1500 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:55:18 WmdmPmSN Brak 100 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:54:58 COM+ (113) 4156 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:54:58 COM+ (113) 4156 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:54:58 COM+ (113) 4156 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:54:58 COM+ (113) 4156 Brak 666-FF46DC3B989
Ostrzeżenie 2008-04-03 17:54:53 WinMgmt Brak 5603 SYSTEM 666-FF46DC3B989
Ostrzeżenie 2008-04-03 17:54:53 WinMgmt Brak 5603 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 17:52:01 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:52:01 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:52:01 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Ostrzeżenie 2008-04-03 17:51:53 WinMgmt Brak 63 SYSTEM 666-FF46DC3B989
Ostrzeżenie 2008-04-03 17:51:53 WinMgmt Brak 63 SYSTEM 666-FF46DC3B989
Ostrzeżenie 2008-04-03 17:51:48 WinMgmt Brak 63 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 17:51:29 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:51:29 LoadPerf Brak 1001 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:51:28 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:51:02 MSDTC Dysk 2444 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:51:02 MSDTC Urządzenia 4104 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:50:58 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:50:54 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:49:46 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:49:08 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:49:07 LoadPerf Brak 1000 Brak 666-FF46DC3B989
Typ Data Godzina Źródło Kategoria Zdarzenie Użytkownik Komputer
Informacje 2008-04-03 19:17:09 eventlog Brak 6005 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:17:09 eventlog Brak 6009 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:16:24 eventlog Brak 6006 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:16:21 DCOM Brak 10005 SYSTEM 666-FF46DC3B989
Błąd 2008-04-03 19:15:31 Service Control Manager Brak 7026 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:15:31 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:15:31 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:15:31 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:15:31 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 19:14:26 DCOM Brak 10005 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:13:56 eventlog Brak 6005 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:13:56 eventlog Brak 6009 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:35 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:31 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 19:11:30 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:04 eventlog Brak 6005 Brak 666-FF46DC3B989
Informacje 2008-04-03 19:11:04 eventlog Brak 6009 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:34:42 eventlog Brak 6006 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:34:38 DCOM Brak 10005 SYSTEM 666-FF46DC3B989
Błąd 2008-04-03 18:30:07 Service Control Manager Brak 7026 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:30:07 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:30:07 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:30:07 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:30:07 Service Control Manager Brak 7001 Brak 666-FF46DC3B989
Błąd 2008-04-03 18:29:07 DCOM Brak 10005 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:28:34 eventlog Brak 6005 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:28:34 eventlog Brak 6009 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:31 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:25 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:25 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:05:14 Windows Update Agent Instalacja 19 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:11 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:05:11 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:05:09 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:04:48 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:04:48 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:04:48 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:04:10 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:04:09 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:04:09 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:04:09 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7036 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:03:22 Service Control Manager Brak 7035 SYSTEM 666-FF46DC3B989
Informacje 2008-04-03 18:03:11 srservice Brak 115 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:02:59 eventlog Brak 6005 Brak 666-FF46DC3B989
Informacje 2008-04-03 18:02:59 eventlog Brak 6009 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:59:41 Setup Brak 60054 Brak 666-FF46DC3B989
Informacje 2008-04-03 17:53:20 Http Brak 15007 Brak 666-FF46DC3B989
Hardware configuration + driver versions + basic programs + info about updates <-- Where do I find that :P
Besides, this whole matter is foreign to me, so I have no idea what I am looking at or what I should do... What can I do about these errors and warnings?
How about doing it properly after all:
Hardware configuration + driver versions + basic programs + info about updates.
Plus the data from the Event Viewer (PZS): run eventvwr.msc and look through the System and Application sections for errors.
Only then can we work out whether anything produces such a symptom, and what.
PS.
Formatting without repartitioning is quite often a false hope of solving problems, if they concern the disk.
I decided to format the disk on which I had the programs, Windows, etc. installed... And what happened: it did not help at all... I really do not know what is going on any more...
I no longer know what is going on :/ While searching, it started freezing more often again, so I wanted to do a clean boot... But it is not possible because my system.ini, win.ini and boot.ini are empty and it sees nothing...
Can anything else be done, or unfortunately do I have to format??
it is hard to hit upon such a culprit, but I think I managed...
Well, if everything works, that means one of the autostart programs is causing trouble: enable the items one at a time until you hit the culprit.
Done. For now everything works nicely. I hope the problem does not come back....
Thanks
Either I am blind or I no longer see anything in the logs.
Have you tried a clean boot?? http://support.microsoft.com/kb/310353
ComboFix 08-03-30.3 - matrix 2008-04-01 7:18:54.3 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.318 [GMT 2:00]
Running from: D:\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-01 to 2008-04-01 )))))))))))))))))))))))))))))))
.
2008-03-29 22:01 . 2008-03-29 22:01 d-------- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 21:36 --------- d-----w C:\Program Files\Save
2008-03-27 21:20 --------- d-----w C:\Program Files\SkanerOnline
2008-03-12 19:39 --------- d-----w C:\Documents and Settings\matrix\Dane aplikacji\Skype
2008-02-24 17:27 --------- d-----w C:\Program Files\DivX
2008-02-21 02:05 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-02-21 02:05 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-02-16 14:59 --------- d-----w C:\Program Files\Transas
2008-02-16 14:59 --------- d-----w C:\Program Files\Common Files\Transas Shared
2008-02-04 14:54 --------- d-----w C:\Program Files\Creative
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((( snapshot@2008-03-31_14.02.25,48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 07:44:18 15,360 -c--a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
- 2007-12-23 19:35:07 209,696 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-03-31 19:27:33 200,936 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 10:49 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FFTI"="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe" [2007-03-30 13:31 2526784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\program files\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 12:15 106496]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 07:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 07:32 455168]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-06-01 17:22 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 07:31 59392]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 07:31 208952]
"Cmaudio"="cmicnfg.cpl" []
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 19:06 249896]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Warcraft III\\War3.exe"=
"C:\\Program Files\\DC++\\DCPlusPlus.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"D:\\Warcraft III\\Warcraft III.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\counter-strike\\hl.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\team fortress classic\\hl.exe"=
"D:\\Gadu-Gadu\\ggphone\\ggphone.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\half-life\\hl.exe"=
"D:\\DC++\\DCPlusPlus.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\opposing force\\hl.exe"=
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"D:\\Wolfenstein - Enemy Territory\\ET.exe"=
"D:\\EA Games\\Command and Conquer Generals\\patchget.dat"=
"D:\\EA Games\\Command & Conquer Generals Zero Hour\\patchget.dat"=
"D:\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"D:\\Soldat\\Soldat.exe"=
"D:\\Warcraft III ORg\\Warcraft III.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Turbo Torrent\\ttorrent.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\day of defeat\\hl.exe"=
"D:\\Steam\\steam.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"D:\\Gadu-Gadu\\Gadu-Gadu.exe"=
R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys [2007-09-07 14:23]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2007-09-07 14:23]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2007-01-06 01:07]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2003-01-31 21:43]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2003-01-31 21:43]
S2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:44]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys [2005-07-28 16:20]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 16:15:43 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-01 07:21:02
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-01 7:21:55
ComboFix-quarantined-files.txt 2008-04-01 05:21:40
ComboFix2.txt 2008-03-31 12:35:45
ComboFix3.txt 2008-03-31 12:02:53
Pre-Run: 1,998,315,520 bajtów wolnych
Post-Run: 1,987,956,736 bajtów wolnych
.
2008-03-12 19:41:49 --- E O F ---
Show the ComboFix log
Removed, and no effect (I also removed ctfmon)
Here is what the log looks like now
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:24:31, on 2008-03-31
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [WinampAgent] C:\program files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles/pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156499633862
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5057 bytes
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\matrix\USTAWI~1\Temp\iMSPCLOj.sys []
Open a command prompt and run these two commands:
sc stop iMSPCLOj
sc delete iMSPCLOj
Delete the file C:\DOCUME~1\matrix\USTAWI~1\Temp\iMSPCLOj.sys
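
The reply above singles out one driver entry whose image sits in the user's Temp directory. As an added example (not part of the thread and not ComboFix's own logic), this Python script applies that kind of check to ComboFix-style driver lines; the sample lines are copied from the logs in this thread, while the three heuristics and their names (`temp_dir`, `no_timestamp`, `outside_drivers_dir`) are assumptions of the example.

```python
import re
from dataclasses import dataclass, field

# Sample input: driver/service lines copied from the ComboFix logs in this
# thread, plus one junk line added for the example.
SAMPLE = r"""
R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys [2007-09-07 14:23]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2007-09-07 14:23]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2007-01-06 01:07]
S2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:44]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\matrix\USTAWI~1\Temp\iMSPCLOj.sys []
not a driver line
"""

# "<R|S><0-4> name;display name;image path [file timestamp]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?)\s*\[(?P<stamp>[^\]]*)\]\s*$"
)
STATE = {"R": "running", "S": "stopped"}
START = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}


@dataclass
class Entry:
    state: str
    start: str
    name: str
    display: str
    path: str
    stamp: str
    reasons: list = field(default_factory=list)


def parse_line(line):
    """Return an Entry for a driver/service line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(
        state=STATE[m["state"]],
        start=START[int(m["start"])],
        name=m["name"].strip(),
        display=m["display"].strip(),
        path=m["path"].strip(),
        stamp=m["stamp"].strip(),
    )


def assess(entry):
    """Attach the example's heuristic reasons to an entry and return it."""
    segments = [s.lower() for s in entry.path.split("\\")]
    directories, filename = segments[:-1], segments[-1]
    # Kernel drivers are not normally installed into a temporary directory.
    if "temp" in directories or "tmp" in directories:
        entry.reasons.append("temp_dir")
    # Empty brackets: the log recorded no timestamp for the image file.
    if not entry.stamp:
        entry.reasons.append("no_timestamp")
    # A .sys image is expected directly under ...\system32\drivers.
    if filename.endswith(".sys") and directories[-2:] != ["system32", "drivers"]:
        entry.reasons.append("outside_drivers_dir")
    return entry


def triage(text):
    """Return (service name, reasons) for every flagged driver line in text."""
    findings = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        assess(entry)
        if entry.reasons:
            findings.append((entry.name, entry.reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE):
        print(f"{name}: {', '.join(reasons)}")
```
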
The problem has come back :/
ComboFix 08-03-30.3 - matrix 2008-03-31 13:59:50.1 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.351 [GMT 2:00]
Running from: D:\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-31 )))))))))))))))))))))))))))))))
.
2008-03-29 22:01 . 2008-03-29 22:01 d-------- C:\Program Files\Trend Micro
2008-02-21 04:05 . 2008-02-21 04:05 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-02-21 04:05 . 2008-02-21 04:05 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-02-16 16:59 . 2008-02-16 16:59 d-------- C:\Program Files\Transas
2008-02-16 16:59 . 2008-02-16 16:59 d-------- C:\Program Files\Common Files\Transas Shared
2008-02-04 16:54 . 2008-02-04 16:54 d-------- C:\Program Files\Creative
2008-02-04 16:54 . 2002-06-06 15:38 139,264 --a------ C:\WINDOWS\system32\eax.dll
2008-02-04 16:30 . 2002-10-22 17:51 319,488 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-02-03 21:17 . 2008-02-03 21:22 20,480 --ahs---- C:\Thumbs.db
2008-02-03 21:17 . 2008-02-03 21:17 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-03 21:07 . 2008-02-03 21:08 337,256 --a------ C:\PICT7735.JPG
2008-02-03 20:20 . 2008-02-03 20:21 427,627 --a------ C:\PICT7360.JPG
2008-02-03 20:20 . 2006-12-13 13:52 146,136 --a------ C:\PICT6459.JPG
2008-02-03 20:19 . 2006-12-08 13:28 165,276 --a------ C:\PICT6389.JPG
2008-02-03 20:13 . 2008-02-03 20:21 336,079 --a------ C:\PICT7368.JPG
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 21:36 --------- d-----w C:\Program Files\Save
2008-03-27 21:20 --------- d-----w C:\Program Files\SkanerOnline
2008-03-12 19:39 --------- d-----w C:\Documents and Settings\matrix\Dane aplikacji\Skype
2008-02-24 17:27 --------- d-----w C:\Program Files\DivX
2007-12-07 01:08 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 10:49 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:44 15360]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FFTI"="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe" [2007-03-30 13:31 2526784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\program files\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 12:15 106496]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 07:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 07:32 455168]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-06-01 17:22 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 07:31 59392]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 07:31 208952]
"Cmaudio"="cmicnfg.cpl" []
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 19:06 249896]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Warcraft III\\War3.exe"=
"C:\\Program Files\\DC++\\DCPlusPlus.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"D:\\Warcraft III\\Warcraft III.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\counter-strike\\hl.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\team fortress classic\\hl.exe"=
"D:\\Gadu-Gadu\\ggphone\\ggphone.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\half-life\\hl.exe"=
"D:\\DC++\\DCPlusPlus.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\opposing force\\hl.exe"=
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"D:\\Wolfenstein - Enemy Territory\\ET.exe"=
"D:\\EA Games\\Command and Conquer Generals\\patchget.dat"=
"D:\\EA Games\\Command & Conquer Generals Zero Hour\\patchget.dat"=
"D:\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"D:\\Soldat\\Soldat.exe"=
"D:\\Warcraft III ORg\\Warcraft III.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Turbo Torrent\\ttorrent.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"D:\\Steam\\SteamApps\\matrix@poczta.pl\\day of defeat\\hl.exe"=
"D:\\Steam\\steam.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys [2007-09-07 14:23]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2007-09-07 14:23]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2007-01-06 01:07]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2003-01-31 21:43]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2003-01-31 21:43]
S2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:44]
S3 iMSPCLOj;iMSPCLOj;C:\DOCUME~1\matrix\USTAWI~1\Temp\iMSPCLOj.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 19:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 19:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 19:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 19:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 19:15]
S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys [2005-07-28 16:20]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 16:15:43 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-31 14:02:02
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-31 14:02:52
ComboFix-quarantined-files.txt 2008-03-31 12:02:37
Pre-Run: 1,809,170,432 bajtów wolnych
Post-Run: 1,808,363,520 bajtów wolnych
.
2008-03-12 19:41:49 --- E O F ---
Silent Runners
"Silent Runners.vbs", revision 56, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ["Google Inc."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
"FFTI" = "C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles/pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"" [" "]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"WinampAgent" = "C:\program files\Winamp\winampa.exe" [null data]
"Sony Ericsson PC Suite" = ""C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions" ["Sony Ericsson Mobile Communications AB"]
"SiSUSBRG" = "C:\WINDOWS\SiSUSBrg.exe" ["Silicon Integrated Systems Corp."]
"PHIME2002ASync" = "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC" [MS]
"PHIME2002A" = "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName" [MS]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"MSPY2002" = "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC" [null data]
"KernelFaultCheck" = "%systemroot%\system32\dumprep 0 -k" [MS]
"IMJPMIG8.1" = ""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32" [MS]
"Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]
"avgnt" = ""C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min" ["Avira GmbH"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Megaupload Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
\InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll" ["Google Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{FED7043D-346A-414D-ACD7-550D052499A7}" = "dBpowerAMP Music Converter 1"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "D:\dBpoweramp2\dBShell.dll" ["Illustrate"]
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}" = "dBpoweramp Music Converter"
-> {HKLM...CLSID} = "dMCIShell Class"
\InProcServer32\(Default) = "D:\dBpoweramp2\dMCShell.dll" ["Illustrate"]
"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"
-> {HKLM...CLSID} = "TuneUp Theme Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\uxtuneup.dll" ["TuneUp Software GmbH"]
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
"{A5110426-177D-4e08-AB3F-785F10B4439C}" = "Sony Ericsson File Manager"
-> {HKLM...CLSID} = "Sony Ericsson File Manager"
\InProcServer32\(Default) = "C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll" ["Sony Ericsson Mobile Communications AB"]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter<> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
{FED7043D-346A-414D-ACD7-550D052499A7}\(Default) = "dBpoweramp Column Handler"
-> {HKLM...CLSID} = "dBpShell Class"
\InProcServer32\(Default) = "D:\dBpoweramp2\dBShell.dll" ["Illustrate"]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlersShell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlersTuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlersShell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General"Wallpaper" = "C:\WINDOWS\Web\Wallpaper\Idylla.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop"Wallpaper" = "C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "matrix" & "All Users" startup folders:
--------------------------------------------------------
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
Enabled Scheduled Tasks:
------------------------
"1-Click Maintenance" -> launches: "C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}"
-> {HKLM...CLSID} = "Megaupload Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" = (no title provided)
-> {HKLM...CLSID} = "Megaupload Toolbar"
\InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "]
Explorer Bars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions{08B0E5C0-4FCB-11CF-AAA5-00401C608501}"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_03"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_03"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll" ["Sun Microsystems, Inc."]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}"ButtonText" = "Badanie"
Miscellaneous IE Hijack Points
------------------------------
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs<> "TuneUp" = "file://C|/Documents and Settings/All Users/Dane aplikacji/TuneUp Software/Common/base.css" [file not found]
<> "Tabs" = "C:\Documents and Settings\matrix\Dane aplikacji\MEGAUPLOADTOOLBAR\tabwelcome.html" [null data]
All Non-Disabled Services (Display Name, Service Name, Path {Service DLL}):
---------------------------------------------------------------------------
AntiVir PersonalEdition Classic Guard, AntiVirService, "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe" ["Avira GmbH"]
AntiVir PersonalEdition Classic Scheduler, AntiVirScheduler, "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe" ["Avira GmbH"]
Karta wydajności WMI, WmiApSrv, "C:\WINDOWS\System32\wbem\wmiapsrv.exe" [MS]
hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:15:55, on 2008-03-31
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [WinampAgent] C:\program files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles/pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156499633862
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5300 bytes
And that "t" is gadu-gadu.exe :P I only just noticed it now
As for the log, I think I posted the whole thing, but I'm copying it again
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:37, on 2008-03-29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\program files\Winamp\winampa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [WinampAgent] C:\program files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles/pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156499633862
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 6003 bytes
I'll download ComboFix and SilentRunners, since I don't have them, but tomorrow, because I'm going to bed early :P
Anyway, I've already removed the harmful stuff; I also asked on another forum, and for now everything seems to be OK
Only sometimes the screen goes black for a second
The log isn't complete.
But what is this:
D:\Gadu-Gadu\t.exe
??
Do you recognize it??
Also, as a precaution and for peace of mind, post the ComboFix and SilentRunners logs ...
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Gadu-Gadu\t.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [WinampAgent] C:\program files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles\pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\matrix\Dane aplikacji\Mozilla\Firefox\Profiles/pjil1fgk.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/c...
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
No junk on it??
Show the HijackThis log ...