Witam !
Mam problem z pojawiającym się folderem moje dokumenty po uruchomieniu systemu Windows XP Professional .Udało mi się 1 usunąć ale pozostał jeszcze drugi.Proszę o pomoc
Oto logi:
ComboFix 11-06-17.04 - Administrator 2011-06-18 15:18:20.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1588 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Administrator.PIOTREK.000\Pulpit\ComboFix.exe
AV: System antywirusowy NOD32 2.70 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny
.
.
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Bron.tok-16-17
c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Kosong.Bron.Tok.txt
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-05-18 do 2011-06-18 )))))))))))))))))))))))))))))))
.
.
2011-06-18 13:00 . 2011-06-18 13:00 -------- d-----w- c:\program files\Trend Micro
2011-06-18 11:20 . 2011-06-18 11:30 -------- d-----w- c:\program files\RegCleaner
2011-06-17 22:22 . 2011-06-17 22:22 -------- d-----w- c:\program files\ToniArts
2011-06-17 19:42 . 2011-06-17 19:41 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2011-06-17 19:42 . 2011-06-17 19:41 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2011-06-17 19:39 . 2011-06-17 19:39 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-17 19:19 . 2011-06-17 19:19 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Ok-SendMail-Bron-tok
2011-06-17 19:17 . 2011-06-17 19:17 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Loc.Mail.Bron.Tok
2011-06-17 11:55 . 2011-06-17 19:39 -------- d-s---w- c:\documents and settings\Administrator
2011-06-15 22:27 . 2011-06-15 22:27 -------- d-----w- c:\program files\Jasc Software Inc
2011-06-15 20:26 . 2011-06-17 21:37 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\Toolbar4
2011-06-12 14:30 . 2011-06-12 14:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\96D
2011-06-12 09:16 . 2011-06-12 09:17 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Ahead
2011-06-12 09:16 . 2011-06-12 09:16 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\Nero
2011-06-12 09:13 . 2011-06-12 09:15 -------- d-----w- c:\program files\Common Files\Nero
2011-06-12 09:13 . 2011-06-12 09:13 -------- d-----w- c:\program files\Nero
2011-06-12 09:13 . 2011-06-12 09:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nero
2011-06-12 09:00 . 2011-06-12 09:00 -------- d-----w- c:\program files\AskTBar
2011-06-10 18:26 . 2011-06-17 22:26 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\gctmp
2011-06-10 18:26 . 2011-06-10 18:26 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Xenocode
2011-06-08 20:05 . 2011-06-08 20:05 -------- d-----w- c:\program files\Microsoft.NET
2011-06-08 20:03 . 2011-06-17 22:28 -------- d-----w- c:\windows\SHELLNEW
2011-06-08 20:03 . 2011-06-08 20:03 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2011-06-08 20:03 . 2011-06-18 10:08 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2011-06-08 20:02 . 2011-06-08 20:02 -------- d-----r- C:\MSOCache
2011-06-08 18:57 . 2011-06-08 18:57 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Ares
2011-06-08 18:50 . 2011-06-08 18:50 -------- d-----w- c:\program files\JRE
2011-06-08 18:48 . 2011-06-08 18:50 -------- d-----w- c:\program files\OpenOffice.org 3
2011-06-07 20:03 . 2011-06-07 20:04 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\OpenOffice.org2
2011-06-07 20:02 . 2011-06-07 20:05 -------- d-----w- c:\program files\OpenOffice.org 2.4
2011-06-07 19:42 . 2011-06-07 19:42 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\TP
2011-06-06 18:44 . 2011-06-18 10:30 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\Winamp
2011-06-06 18:44 . 2011-06-06 18:44 -------- d-----w- c:\program files\Winamp
2011-06-05 19:58 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-06-05 19:57 . 2011-06-05 20:03 -------- d-----w- c:\program files\mp3DirectCut
2011-06-05 19:53 . 2011-06-05 20:15 -------- d-----w- c:\program files\Audioblast
2011-06-05 19:42 . 2011-06-05 19:42 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\Ahead
2011-06-05 19:41 . 2003-07-22 14:29 57344 ----a-w- c:\windows\system32\ImageDrive.cpl
2011-06-05 19:41 . 2003-03-29 14:45 89184 ----a-w- c:\windows\system32\drivers\imagedrv.sys
2011-06-05 19:41 . 2001-07-06 16:24 283920 ----a-w- c:\windows\system32\ImagXpr5.dll
2011-06-05 19:41 . 2001-07-06 12:41 569344 ----a-w- c:\windows\system32\imagr5.dll
2011-06-05 19:41 . 2001-07-06 10:44 544768 ----a-w- c:\windows\system32\imagx5.dll
2011-06-05 19:41 . 2001-06-26 06:15 38912 ----a-w- c:\windows\system32\picn20.dll
2011-06-05 19:41 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2011-06-03 22:15 . 2011-06-17 21:36 -------- d-----w- C:\Fraps
2011-06-02 18:19 . 2011-06-02 18:24 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\MountBlade Warband
2011-06-02 18:18 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-06-02 18:18 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-06-02 18:18 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-06-02 18:18 . 2011-06-02 18:18 -------- d-----w- c:\windows\Logs
2011-06-02 14:05 . 2011-06-02 14:05 -------- d-----w- c:\windows\Sun
2011-06-01 16:52 . 2011-06-01 16:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-01 16:52 . 2011-06-01 16:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-29 18:32 . 2011-05-29 18:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2011-05-29 18:32 . 2011-05-29 18:35 -------- d-----w- c:\documents and settings\Bakus\Dane aplikacji\DAEMON Tools Lite
2011-05-29 18:23 . 2011-05-29 18:24 -------- d-----w- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-22 11:52 . 2011-05-22 11:53 -------- d-----w- c:\program files\Gadu-Gadu 10
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 19:41 . 2011-05-01 11:01 298104 ----a-w- c:\windows\system32\imon.dll
2011-05-15 17:48 . 2011-05-14 08:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-04-29 20:20 . 2011-04-29 20:20 319488 ----a-w- c:\windows\HideWin.exe
2011-04-14 16:59 . 2011-04-29 16:38 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WooCnxMon"="c:\progra~1\NEOSTR~1\CnxMon.exe" [2003-10-16 24576]
"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2003-10-16 20480]
"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\taskbaricon.exe" [2003-10-16 53248]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-03-25 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2011-06-17 949376]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-06-17 434176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\team fortress classic\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\deathmatch classic\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\opposing force\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\ricochet\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\half-life\\hl.exe"=
"d:\\Pulpit\\Gry\\Counter-Strike 1.6\\Counter-Strike 1.6\\hl.exe"=
"d:\\Pulpit\\Gry\\Kopia (2) Counter-Strike 1.6\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\day of defeat\\hl.exe"=
"d:\\SunAge\\SunAge.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Steam\\steamapps\\ctb_bakus\\counter-strike\\hl.exe"=
.
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2011-06-17 15424]
R2 JavaQuickStarterService;Java Quick Starter;c:\program files\Java\jre6\bin\jqs.exe [2011-04-29 153376]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service;c:\windows\system32\IoctlSvc.exe [2006-12-19 81920]
R3 adiusbaw;USB ADSL WAN Adapter;c:\windows\system32\drivers\adiusbaw.sys [2011-04-29 127065]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2011-04-29 89600]
R3 NMIndexingService;NMIndexingService;c:\program files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 ADILOADER;General Purpose USB Driver (adildr.sys);c:\windows\system32\drivers\adildr.sys [2011-04-29 50007]
S3 odserv;Microsoft Office Diagnostics Service;c:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-583907252-682003330-1003Core.job
- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-04-29 16:58]
.
2011-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-583907252-682003330-1003UA.job
- c:\documents and settings\Bakus\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-04-29 16:58]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl
IE: Exportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: { - c:\program files\Messenger\msmsgs.exe
LSP: c:\windows\system32\imon.dll
TCP: Interfaces\{5C8900FF-8E8D-4491-AF5F-90AA04BDA3D4}: NameServer = 194.204.159.1 194.204.152.34
FF - ProfilePath -
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
Toolbar-10 - (no file)
HKLM-Run-autoclk - autoclk.exe
HKLM-Run-adiras - adiras.exe
AddRemove-Wave Editor_is1 - c:\program files\Wave Editor\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-18 15:21
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - 'winlogon.exe'(508)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - 'lsass.exe'(564)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Czas ukończenia: 2011-06-18 15:22:54
ComboFix-quarantined-files.txt 2011-06-18 13:22
.
Przed: 33 678 594 048 bajtów wolnych
Po: 34 006 335 488 bajtów wolnych
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
.
- - End Of File - - 8BB728B2DB6FB9245055BA2BBC8AE916[/code]
ORAZ
[code]Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:28:18, on 2011-06-18 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\PROGRA~1\NEOSTR~1\taskbaricon.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file) O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file) O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\taskbaricon.exe O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe” O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM…\Run: [NBKeyScan] “C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe” O4 - HKLM…\Run: [nod32kui] “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE O4 - HKLM…\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKCU…\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe” ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O8 - Extra context menu item: Exportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe – End of file - 5829 bytes
regedit oraz msconfig: