Problem z wyczyszczeniem autouzupełniania
Witam, mam problem z czyszczeniem historii autouzupełnienia. W momencie wybrania tej opcji zuźycie procesora wskakuje na 100 % i proces: Isass.exe wzrasta na 95–98% zuźycia CPU. Czyźby sasser czy mam inny problem?...
Mam Win XP + MKS Vir + Outpost Firewall
Pozdrawiam
Mam Win XP + MKS Vir + Outpost Firewall
Pozdrawiam
Odpowiedzi: 6
Witam, udało mi się to poprawić.
Sciągnełem program: System Security Suite i wyczysciłem te formularze, potem spróbowałem normalnie w systemie i działa. Dzieki za zainteresownie, Pozdrawiam
Sciągnełem program: System Security Suite i wyczysciłem te formularze, potem spróbowałem normalnie w systemie i działa. Dzieki za zainteresownie, Pozdrawiam
czy próbowałeś podmienić ten plik w konsoli odzyskiwania za pomoca komendy expand
Sprawdziłem i usunełem nieporządane rejestry. Nie pomogło. Kompa mam czystego. Ten proces to Lsass,exe a nie Isass.exe. Pomocy ...
http://forum.centrumxp.pl/viewtopic.php?t=37513
Logfile of HijackThis v1.99.1
Scan saved at 15:57:29, on 2006–03–30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ArcaBit\ArcaVir\netmonsv.exe
C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
C:\Program Files\ArcaBit\ArcaVir\AvMon.exe
C:\WINDOWS\System32\CCPkiWNT.exe
C:\WINDOWS\system32\hpb2ksrv.exe
C:\WINDOWS\system32\hpbhksrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE
C:\WINDOWS\system32\r_server.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\ArcaBit\Common\TaskScheduler.exe
C:\Program Files\RVS\WCOM\SYSTEM\RVSCC.EXE
C:\Program Files\RVS\WCOM\SYSTEM\CCSRV.EXE
C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\ArcaBit\ArcaVir\abregmon.exe
C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
C:\WINDOWS\system32\hpstatus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett–Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\HPBSPSVR.EXE
C:\WINDOWS\system32\HPBJDSNT.EXE
C:\Program Files\Hewlett–Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\flashget.exe
C:\totalcmdD\TOTALCMD.EXE
C:\DOCUME~1\bs\USTAWI~1\Temp\_tc0\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.onet.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.onet.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://crackspider.net/ie/assist.php
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 – Hosts: 127
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:\PROGRA~1\FlashGet\jccatch.dll
O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045–E861–484f–8273–0445EE161910} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\fgiebar.dll
O3 – Toolbar: Adobe PDF – {47833539–D0C5–4125–9FA8–0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [HP Status] C:\WINDOWS\system32\hpstatus.exe
O4 – HKLM\..\Run: [HP SchedIndexer] C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppschedindexer.exe
O4 – HKLM\..\Run: [HP AutoIndexer] C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppautoindexer.exe
O4 – HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett–Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 – HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett–Packard\Toolbox\hpbpsttp.exe
O4 – HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" –servicehelper
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [AVMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
O4 – HKLM\..\Run: [abregmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
O4 – HKLM\..\Run: [ArcaCheck] C:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe /startup
O4 – Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 – Startup: SecuRemote.lnk = C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe
O4 – Startup: Skrót do startuj.lnk = ?
O4 – Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 – Global Startup: HP LaserJet Director.lnk = C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppdirector.exe
O4 – Global Startup: Microsoft Office.lnk = Office\OSA9.EXE
O8 – Extra context menu item: Convert link target to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert link target to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert selected links to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert selected links to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Convert selection to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert selection to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Pobierz uźywając Download &Express'a – C:\Program Files\Download Express\Add_Url.htm
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_all.htm
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra button: Trashcan – {072F3B8A–2DA2–40e2–B841–88899F240200} – C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O9 – Extra 'Tools' menuitem: Show Trashcan – {072F3B8A–2DA2–40e2–B841–88899F240200} – C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O16 – DPF: {14DF37B4–B1AD–4BD4–A855–56930AF822FF} (SIGIIFAX Control) – https://www.giif.mofnet.gov.pl/giif/SIGIIFAX.cab
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {4E888414–DB8F–11D1–9CD9–00C04F98436A} (Microsoft.WinRep) – https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5co...b?1094204399468
O16 – DPF: {70BA88C8–DAE8–4CE9–92BB–979C4A75F53B} (GSDACtl Class) – http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 – DPF: {A7E092C3–692A–11D0–A7E5–08002B322F3B} (WebResponseAttachments Control) – https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{3758CE0F–999C–4EBE–A9F6–98B7267FA07F}: NameServer = 192.168.1.8
O17 – HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 127.0.0.1
O17 – HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 127.0.0.1
O20 – Winlogon Notify: ckpNotify – C:\WINDOWS\SYSTEM32\ckpNotify.dll
O20 – Winlogon Notify: PCANotify – C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 – Winlogon Notify: TS_LogonListener – C:\WINDOWS\SYSTEM32\TS_LogonListener.dll
O23 – Service: ArcaBit NetMonitor (ABNetMon) – ArcaBit – C:\Program Files\ArcaBit\ArcaVir\netmonsv.exe
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: ArcaBit.Core.Configurator – ArcaBit – C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
O23 – Service: ArcaBit.Core.LoggingService – ArcaBit – C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe
O23 – Service: ArcaBit.TaskScheduler – ArcaBit sp. z o.o. – C:\Program Files\ArcaBit\Common\TaskScheduler.exe
O23 – Service: ArcaVir Antivirus Monitor Service (ArcaVirMonitor) – ArcaBit – C:\Program Files\ArcaBit\ArcaVir\AvMon.exe
O23 – Service: pcAnywhere Host Service (awhost32) – Symantec Corporation – C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 – Service: CryptoCard Service (CCPkiWNT) – CryptoTech Sp. z o.o. – C:\WINDOWS\System32\CCPkiWNT.exe
O23 – Service: HP Status – Hewlett–Packard Company – C:\WINDOWS\system32\hpb2ksrv.exe
O23 – Service: HP Status Print – Hewlett–Packard Company – C:\WINDOWS\system32\hpbhksrv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 – Service: MkSRegisterSrv – Unknown owner – C:\Program Files\MKS\bin\MksRegisterSrv.exe (file missing)
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: Outpost Firewall Service (OutpostFirewall) – Agnitum – C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe
O23 – Service: RVS CommCenter (RvsCC) – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSCC.EXE
O23 – Service: RvscomSv – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSCOMSV.EXE
O23 – Service: RVS Installer (RVSINST) – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE
O23 – Service: Remote Administrator Service (r_server) – Unknown owner – C:\WINDOWS\system32\r_server.exe" /service (file missing)
O23 – Service: Check Point SecuRemote Service (SR_Service) – Check Point Software Technologies – C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 – Service: Check Point SecuRemote WatchDog (SR_WatchDog) – Check Point Software Technologies – C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 – Service: VNC Server (winvnc) – Unknown owner – C:\Program Files\UltraVNC\WinVNC.exe" –service (file missing)
Scan saved at 15:57:29, on 2006–03–30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ArcaBit\ArcaVir\netmonsv.exe
C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
C:\Program Files\ArcaBit\ArcaVir\AvMon.exe
C:\WINDOWS\System32\CCPkiWNT.exe
C:\WINDOWS\system32\hpb2ksrv.exe
C:\WINDOWS\system32\hpbhksrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE
C:\WINDOWS\system32\r_server.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\ArcaBit\Common\TaskScheduler.exe
C:\Program Files\RVS\WCOM\SYSTEM\RVSCC.EXE
C:\Program Files\RVS\WCOM\SYSTEM\CCSRV.EXE
C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\ArcaBit\ArcaVir\abregmon.exe
C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
C:\WINDOWS\system32\hpstatus.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett–Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\HPBSPSVR.EXE
C:\WINDOWS\system32\HPBJDSNT.EXE
C:\Program Files\Hewlett–Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\flashget.exe
C:\totalcmdD\TOTALCMD.EXE
C:\DOCUME~1\bs\USTAWI~1\Temp\_tc0\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.onet.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.onet.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://crackspider.net/ie/assist.php
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 – Hosts: 127
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:\PROGRA~1\FlashGet\jccatch.dll
O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045–E861–484f–8273–0445EE161910} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\fgiebar.dll
O3 – Toolbar: Adobe PDF – {47833539–D0C5–4125–9FA8–0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [HP Status] C:\WINDOWS\system32\hpstatus.exe
O4 – HKLM\..\Run: [HP SchedIndexer] C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppschedindexer.exe
O4 – HKLM\..\Run: [HP AutoIndexer] C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppautoindexer.exe
O4 – HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett–Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 – HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett–Packard\Toolbox\hpbpsttp.exe
O4 – HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" –servicehelper
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [AVMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
O4 – HKLM\..\Run: [abregmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
O4 – HKLM\..\Run: [ArcaCheck] C:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe /startup
O4 – Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 – Startup: SecuRemote.lnk = C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe
O4 – Startup: Skrót do startuj.lnk = ?
O4 – Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 – Global Startup: HP LaserJet Director.lnk = C:\Program Files\Hewlett–Packard\LaserJet All–in–one\hppdirector.exe
O4 – Global Startup: Microsoft Office.lnk = Office\OSA9.EXE
O8 – Extra context menu item: Convert link target to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert link target to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert selected links to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert selected links to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Convert selection to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert selection to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Pobierz uźywając Download &Express'a – C:\Program Files\Download Express\Add_Url.htm
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_all.htm
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra button: Trashcan – {072F3B8A–2DA2–40e2–B841–88899F240200} – C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O9 – Extra 'Tools' menuitem: Show Trashcan – {072F3B8A–2DA2–40e2–B841–88899F240200} – C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O16 – DPF: {14DF37B4–B1AD–4BD4–A855–56930AF822FF} (SIGIIFAX Control) – https://www.giif.mofnet.gov.pl/giif/SIGIIFAX.cab
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {4E888414–DB8F–11D1–9CD9–00C04F98436A} (Microsoft.WinRep) – https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5co...b?1094204399468
O16 – DPF: {70BA88C8–DAE8–4CE9–92BB–979C4A75F53B} (GSDACtl Class) – http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 – DPF: {A7E092C3–692A–11D0–A7E5–08002B322F3B} (WebResponseAttachments Control) – https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{3758CE0F–999C–4EBE–A9F6–98B7267FA07F}: NameServer = 192.168.1.8
O17 – HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 127.0.0.1
O17 – HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 127.0.0.1
O20 – Winlogon Notify: ckpNotify – C:\WINDOWS\SYSTEM32\ckpNotify.dll
O20 – Winlogon Notify: PCANotify – C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 – Winlogon Notify: TS_LogonListener – C:\WINDOWS\SYSTEM32\TS_LogonListener.dll
O23 – Service: ArcaBit NetMonitor (ABNetMon) – ArcaBit – C:\Program Files\ArcaBit\ArcaVir\netmonsv.exe
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: ArcaBit.Core.Configurator – ArcaBit – C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
O23 – Service: ArcaBit.Core.LoggingService – ArcaBit – C:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe
O23 – Service: ArcaBit.TaskScheduler – ArcaBit sp. z o.o. – C:\Program Files\ArcaBit\Common\TaskScheduler.exe
O23 – Service: ArcaVir Antivirus Monitor Service (ArcaVirMonitor) – ArcaBit – C:\Program Files\ArcaBit\ArcaVir\AvMon.exe
O23 – Service: pcAnywhere Host Service (awhost32) – Symantec Corporation – C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 – Service: CryptoCard Service (CCPkiWNT) – CryptoTech Sp. z o.o. – C:\WINDOWS\System32\CCPkiWNT.exe
O23 – Service: HP Status – Hewlett–Packard Company – C:\WINDOWS\system32\hpb2ksrv.exe
O23 – Service: HP Status Print – Hewlett–Packard Company – C:\WINDOWS\system32\hpbhksrv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 – Service: MkSRegisterSrv – Unknown owner – C:\Program Files\MKS\bin\MksRegisterSrv.exe (file missing)
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: Outpost Firewall Service (OutpostFirewall) – Agnitum – C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe
O23 – Service: RVS CommCenter (RvsCC) – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSCC.EXE
O23 – Service: RvscomSv – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSCOMSV.EXE
O23 – Service: RVS Installer (RVSINST) – RVS Datentechnik GmbH, Munich – C:\Program Files\RVS\WCOM\SYSTEM\RVSINST.EXE
O23 – Service: Remote Administrator Service (r_server) – Unknown owner – C:\WINDOWS\system32\r_server.exe" /service (file missing)
O23 – Service: Check Point SecuRemote Service (SR_Service) – Check Point Software Technologies – C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 – Service: Check Point SecuRemote WatchDog (SR_WatchDog) – Check Point Software Technologies – C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 – Service: VNC Server (winvnc) – Unknown owner – C:\Program Files\UltraVNC\WinVNC.exe" –service (file missing)
Czyźby? Nie dowiemy się dopuki np. nie zrobisz loga HJT. Opis i download masz w dziale "Bezpieczeństwo". Przyklejone tematy.
8) Pozdro.
8) Pozdro.
Strona 1 / 1