log Prosze o sprawdzenie i co zbednego usunac ? Dzieki !!
Logfile of HijackThis v1.98.2
Scan saved at 22:27:03, on 2004–08–21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampWinampa.exe
C:Program FilesCommon FilesSymantec SharedCCPD–LCsymlcsvc.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesRaxcoPerfectDiskPDSched.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:Program FilesWinampwinamp.exe
C:PROGRA~1GADU–G~1gg.exe
C:Documents and SettingsxxxPulpithijackthishijackthis1982.exe
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
R1 – HKLMSoftwareMicrosoftInternet ExplorerSearch,Default_Search_URL = http://minisearch.startnow.com
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 – BHO: (no name) – {368141D4–591D–E735–C971–27E5E649F293} – C:WINDOWSd3tr.dll
O2 – BHO: (no name) – {5C4938F7–4F76–B565–345B–F5460D9DB10E} – C:WINDOWSmsnk.dll
O2 – BHO: (no name) – {5DCA52E2–C6CC–D757–97C2–47BA9343E89D} – C:WINDOWSsystem32crvl.dll
O2 – BHO: (no name) – {A0EA3DBC–1C42–9C3C–FF47–58A371550D9B} – C:WINDOWSaddlf32.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O2 – BHO: (no name) – {E090AF9D–5BB5–11AF–EDC8–3CFC8DED11EC} – C:WINDOWSsystem32apirb.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [WinampAgent] "C:Program FilesWinampWinampa.exe"
O4 – HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 – HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 – HKLM..Run: [mszb32.exe] C:WINDOWSmszb32.exe
O4 – HKLM..Run: [NAV CfgWiz] C:Program FilesCommon FilesSymantec SharedCfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 – HKLM..RunOnce: [kdecm] C:WINDOWSKawa.bmp:kdecm
O4 – HKCU..Run: [Gadu–Gadu] "C:PROGRA~1GADU–G~1gg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_all.htm
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
Scan saved at 22:27:03, on 2004–08–21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampWinampa.exe
C:Program FilesCommon FilesSymantec SharedCCPD–LCsymlcsvc.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesRaxcoPerfectDiskPDSched.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:Program FilesWinampwinamp.exe
C:PROGRA~1GADU–G~1gg.exe
C:Documents and SettingsxxxPulpithijackthishijackthis1982.exe
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
R1 – HKLMSoftwareMicrosoftInternet ExplorerSearch,Default_Search_URL = http://minisearch.startnow.com
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 – BHO: (no name) – {368141D4–591D–E735–C971–27E5E649F293} – C:WINDOWSd3tr.dll
O2 – BHO: (no name) – {5C4938F7–4F76–B565–345B–F5460D9DB10E} – C:WINDOWSmsnk.dll
O2 – BHO: (no name) – {5DCA52E2–C6CC–D757–97C2–47BA9343E89D} – C:WINDOWSsystem32crvl.dll
O2 – BHO: (no name) – {A0EA3DBC–1C42–9C3C–FF47–58A371550D9B} – C:WINDOWSaddlf32.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O2 – BHO: (no name) – {E090AF9D–5BB5–11AF–EDC8–3CFC8DED11EC} – C:WINDOWSsystem32apirb.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [WinampAgent] "C:Program FilesWinampWinampa.exe"
O4 – HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 – HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 – HKLM..Run: [mszb32.exe] C:WINDOWSmszb32.exe
O4 – HKLM..Run: [NAV CfgWiz] C:Program FilesCommon FilesSymantec SharedCfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 – HKLM..RunOnce: [kdecm] C:WINDOWSKawa.bmp:kdecm
O4 – HKCU..Run: [Gadu–Gadu] "C:PROGRA~1GADU–G~1gg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_all.htm
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
Odpowiedzi: 4
No super Dzieki EL NINO teraz wszystko dziala !!
IMO moglbys jeszcze usunac
O4 – HKLM..RunOnce: [Regsister WScript] wscript –regserver
chyba ze uzywasz jakichs skryptow
i
R3 – Default URLSearchHook is missing
O4 – HKLM..RunOnce: [Regsister WScript] wscript –regserver
chyba ze uzywasz jakichs skryptow
i
R3 – Default URLSearchHook is missing
Dzeki! EL NINOdalem rade :) mozesz teraz spojrzec czy jest czysto
Logfile of HijackThis v1.98.2
Scan saved at 10:59:31, on 2004–08–22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesRaxcoPerfectDiskPDSched.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampWinampa.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32 askmgr.exe
C:PROGRA~1FlashGetflashget.exe
C:Documents and SettingsxxxPulpithijackthishijackthis1982.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [WinampAgent] "C:Program FilesWinampWinampa.exe"
O4 – HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 – HKLM..Run: [NAV CfgWiz] C:Program FilesCommon FilesSymantec SharedCfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 – HKLM..RunOnce: [Regsister WScript] wscript –regserver
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_all.htm
Logfile of HijackThis v1.98.2
Scan saved at 10:59:31, on 2004–08–22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesRaxcoPerfectDiskPDSched.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampWinampa.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32 askmgr.exe
C:PROGRA~1FlashGetflashget.exe
C:Documents and SettingsxxxPulpithijackthishijackthis1982.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [WinampAgent] "C:Program FilesWinampWinampa.exe"
O4 – HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 – HKLM..Run: [NAV CfgWiz] C:Program FilesCommon FilesSymantec SharedCfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 – HKLM..RunOnce: [Regsister WScript] wscript –regserver
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:PROGRA~1FlashGetjc_all.htm
Zaznacz i usun HiJackiem a pozniej z dysku wszystkie wymienione w logu pliki exe, dll i sp.html (na forum podalem narzedzie do usuwania sp.html). Byc moze bedziesz musial wylaczyc proces mszb32.exe
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
R1 – HKLMSoftwareMicrosoftInternet ExplorerSearch,Default_Search_URL = http://minisearch.startnow.com
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSwhqkr.dll/sp.html#29620
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://minisearch.startnow.com
O2 – BHO: (no name) – {368141D4–591D–E735–C971–27E5E649F293} – C:WINDOWSd3tr.dll
O2 – BHO: (no name) – {5C4938F7–4F76–B565–345B–F5460D9DB10E} – C:WINDOWSmsnk.dll
O2 – BHO: (no name) – {5DCA52E2–C6CC–D757–97C2–47BA9343E89D} – C:WINDOWSsystem32crvl.dll
O2 – BHO: (no name) – {A0EA3DBC–1C42–9C3C–FF47–58A371550D9B} – C:WINDOWSaddlf32.dll
O2 – BHO: (no name) – {E090AF9D–5BB5–11AF–EDC8–3CFC8DED11EC} – C:WINDOWSsystem32apirb.dll
O4 – HKLM..Run: [mszb32.exe] C:WINDOWSmszb32.exe
O4 – HKLM..RunOnce: [kdecm] C:WINDOWSKawa.bmp:kdecm
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
Strona 1 / 1