Log do sprawdzenia

SPERMEN · 17 Czerwiec 2006 16:03

Logfile of HijackThis v1.99.1

Scan saved at 18:06:26, on 2006-06-17

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ArcaVir\Bin\ABmenu.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe

D:\Programy\cFosSpeed\cFosSpeed.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\Program Files\ArcaVir\Bin\netsvst.exe

D:\Programy\AQQ\AQQ.exe

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\ArcaVir\Bin\NetMonSv.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\ArcaVir\Bin\avmonsv.exe

D:\Programy\RoboFrom\RoboTaskBarIcon.exe

D:\Programy\emule\emule.exe

D:\Programy\cFosSpeed\spd.exe

C:\Program Files\Executive Software\Diskeeper\DkService.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ArcaVir\Bin\arcascan.exe

D:\Programy\eSkiMoS R2\eSkiMoS.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\FlashGet\flashget.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\The Bat!\thebat.exe

D:\Programy\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [OM- Counter 2.5 Beta] "D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe"

O4 - HKLM\..\Run: [cFosSpeed] D:\Programy\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz 10.1 Pro\odk_mcd.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [NetMonSVStat] C:\Program Files\ArcaVir\Bin\netsvst.exe

O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [RoboForm] "D:\Programy\RoboFrom\RoboTaskBarIcon.exe"

O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programy\emule\emule.exe -AutoStart

O4 - HKCU\..\Run: [eSkiMoS R2] "D:\Programy\eSkiMoS R2\eSkiMoS.exe" tray

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Pasek Narzędzi RoboForm - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizuj Menu - file://D:\Programy\RoboFrom\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Wypełnij Pola - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O8 - Extra context menu item: Zapisz Pola - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: Pasek Narzędzi RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3A54361-FC78-42C4-8D62-49A170B252E6}: NameServer = 194.204.152.34,192.204.159.1

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe

O23 - Service: ArcaVir Monitor (ArcaMonSvc) - ArcaBit - C:\Program Files\ArcaVir\Bin\avmonsv.exe

O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe

O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:\Programy\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

===================================

Prosze zmienić tytuł tematu na konkretny, inaczej temat poleci do śmietnika

Gdzie jest opis problemu :?

Pozdrawiam kuz5

Bieniol · 17 Czerwiec 2006 16:06

W trybie awaryjnym z wyłączonym przywracaniem systemu usuwasz (wpisy Hijackiem, pliki/foldery na czerwono ręcznie z dysku (w razie problemów z usuwaniem plików użyj narzędzia KillBox ):

Jaki jest problem?

SPERMEN · 17 Czerwiec 2006 16:08

mointor sam mi się wyłancza i włancza i zawiesza komp ale jak wyjołem jedną kosc ramu to mam spokój

Bieniol · 17 Czerwiec 2006 16:08

Przeczyść rejestr (polecam do tego jv16 PowerTools 1.3.0.195), zrób defragmentację, oraz przejrzyj: Optymalizacja XP

Wejdź: Start --> uruchom --> msconfig i w zakładce uruchamianie odznacz (według Ciebie) niepotrzbne przy autostarcie programy

Sprawdź RAM programem --> Memtest86

Sprawdź temperatury programem --> EVEREST Home Edition

SPERMEN · 17 Czerwiec 2006 16:10

ten folder to mam cały usunąć

Szuprycz · 17 Czerwiec 2006 16:10

Jeśli nie masz już cFosSpeed to kosmetycznie ciachnij.

SPERMEN · 17 Czerwiec 2006 16:12

mam go zainstalowanego bo daje bardzo dużo

Bieniol · 17 Czerwiec 2006 16:12

To jest plik

Jak się dobrze przyjrzysz, to jest:

Tak więc nic więcej nie usuwasz

SPERMEN · 17 Czerwiec 2006 16:14

do rejestru używam RegClener 4.3

A do kasowania plików takich jak pisałeś wcześniej dodatku do odkurzacza

Złączono Posta : 17.06.2006 (Sob) 18:16

Logfile of HijackThis v1.99.1

Scan saved at 18:20:04, on 2006-06-17

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ArcaVir\Bin\ABmenu.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe

D:\Programy\cFosSpeed\cFosSpeed.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\Program Files\ArcaVir\Bin\netsvst.exe

D:\Programy\AQQ\AQQ.exe

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\ArcaVir\Bin\NetMonSv.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\ArcaVir\Bin\avmonsv.exe

D:\Programy\RoboFrom\RoboTaskBarIcon.exe

D:\Programy\emule\emule.exe

D:\Programy\cFosSpeed\spd.exe

C:\Program Files\Executive Software\Diskeeper\DkService.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ArcaVir\Bin\arcascan.exe

D:\Programy\eSkiMoS R2\eSkiMoS.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\FlashGet\flashget.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\The Bat!\thebat.exe

D:\Programy\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [OM- Counter 2.5 Beta] "D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe"

O4 - HKLM\..\Run: [cFosSpeed] D:\Programy\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKCU\..\Run: [NetMonSVStat] C:\Program Files\ArcaVir\Bin\netsvst.exe

O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [RoboForm] "D:\Programy\RoboFrom\RoboTaskBarIcon.exe"

O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programy\emule\emule.exe -AutoStart

O4 - HKCU\..\Run: [eSkiMoS R2] "D:\Programy\eSkiMoS R2\eSkiMoS.exe" tray

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Pasek Narzędzi RoboForm - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizuj Menu - file://D:\Programy\RoboFrom\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Wypełnij Pola - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O8 - Extra context menu item: Zapisz Pola - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: Pasek Narzędzi RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3A54361-FC78-42C4-8D62-49A170B252E6}: NameServer = 194.204.152.34,192.204.159.1

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe

O23 - Service: ArcaVir Monitor (ArcaMonSvc) - ArcaBit - C:\Program Files\ArcaVir\Bin\avmonsv.exe

O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe

O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:\Programy\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Teraz jest dobrze

Bieniol · 17 Czerwiec 2006 16:21

Odpalasz Hijacka --> Do a system scan only i zaznaczasz wpisy:

I klikasz na dole “fix checked”

SPERMEN · 17 Czerwiec 2006 16:53

Mam nadzieję że teraz już będzie wszystko ok

Logfile of HijackThis v1.99.1

Scan saved at 18:56:23, on 2006-06-17

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ArcaVir\Bin\ABmenu.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe

D:\Programy\cFosSpeed\cFosSpeed.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\Program Files\ArcaVir\Bin\netsvst.exe

D:\Programy\AQQ\AQQ.exe

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\ArcaVir\Bin\NetMonSv.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\ArcaVir\Bin\avmonsv.exe

D:\Programy\RoboFrom\RoboTaskBarIcon.exe

D:\Programy\emule\emule.exe

D:\Programy\cFosSpeed\spd.exe

C:\Program Files\Executive Software\Diskeeper\DkService.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ArcaVir\Bin\arcascan.exe

D:\Programy\eSkiMoS R2\eSkiMoS.exe

C:\Program Files\FlashGet\flashget.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\The Bat!\thebat.exe

C:\Program Files\Windows Media Player\wmplayer.exe

D:\Programy\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Programy\RoboFrom\roboform.dll

O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [OM- Counter 2.5 Beta] "D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe"

O4 - HKLM\..\Run: [cFosSpeed] D:\Programy\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKCU\..\Run: [NetMonSVStat] C:\Program Files\ArcaVir\Bin\netsvst.exe

O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [RoboForm] "D:\Programy\RoboFrom\RoboTaskBarIcon.exe"

O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programy\emule\emule.exe -AutoStart

O4 - HKCU\..\Run: [eSkiMoS R2] "D:\Programy\eSkiMoS R2\eSkiMoS.exe" tray

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Pasek Narzędzi RoboForm - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizuj Menu - file://D:\Programy\RoboFrom\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Wypełnij Pola - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O8 - Extra context menu item: Zapisz Pola - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O9 - Extra button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: Pasek Narzędzi RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3A54361-FC78-42C4-8D62-49A170B252E6}: NameServer = 194.204.152.34,192.204.159.1

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe

O23 - Service: ArcaVir Monitor (ArcaMonSvc) - ArcaBit - C:\Program Files\ArcaVir\Bin\avmonsv.exe

O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe

O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:\Programy\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Bieniol · 17 Czerwiec 2006 16:54

Czysto

Proponuje zainstalować SP2

SPERMEN · 17 Czerwiec 2006 19:10

A co mi da ten SP2

InfinityToJa · 17 Czerwiec 2006 19:12

to że będziesz rzadziej zgłaszał się do nas z logiem

https://www.microsoft.com/poland/window … fault.mspx

ddr94 · 17 Czerwiec 2006 19:12

Wiele poprawek i przedewszystkim bezpieczestwo.

Myszak · 17 Czerwiec 2006 19:12

http://www.microsoft.com/poland/windows … fault.mspx :):)

boczi · 17 Czerwiec 2006 19:13

http://xp.net.pl/art/xpsp2.html

http://xp.net.pl/art/windowsxp_sp2.html

i inne.

Było miliony razy mówione o tym na forum.

Między innymi zabezpieczenia. Załatanie dziur.

SPERMEN · 18 Czerwiec 2006 08:14

Chybana znów cos mam oby nie.

Logfile of HijackThis v1.99.1

Scan saved at 10:17:17, on 2006-06-18

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\ArcaVir\Bin\NetMonSv.exe

C:\Program Files\ArcaVir\Bin\avmonsv.exe

D:\Programy\cFosSpeed\spd.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\ArcaVir\Bin\arcascan.exe

C:\Program Files\ArcaVir\Bin\ABmenu.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

D:\Programy\cFosSpeed\cFosSpeed.exe

C:\Program Files\ArcaVir\Bin\netsvst.exe

D:\Programy\AQQ\AQQ.exe

C:\Program Files\PeerGuardian2\pg2.exe

D:\Programy\eSkiMoS R2\eSkiMoS.exe

D:\Programy\emule\emule.exe

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Odkurzacz 10.1 Pro\odkurzacz.exe

C:\Program Files\MoneyCashBAR\MoneyCashBAR.exe

D:\Programy\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O3 - Toolbar: (no name) - {724d43a0-0d85-11d4-9908-00400523e39a} - (no file)

O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [OM- Counter 2.5 Beta] "D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Firewall.exe] C:\WINDOWS\system32\Firewall.exe

O4 - HKLM\..\Run: [cFosSpeed] D:\Programy\cFosSpeed\cFosSpeed.exe

O4 - HKCU\..\Run: [NetMonSVStat] C:\Program Files\ArcaVir\Bin\netsvst.exe

O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [eSkiMoS R2] "D:\Programy\eSkiMoS R2\eSkiMoS.exe" tray

O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q

O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programy\emule\emule.exe -AutoStart

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Pasek Narzędzi RoboForm - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html

O8 - Extra context menu item: Personalizuj Menu - file://D:\Programy\RoboFrom\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Wypełnij Pola - file://D:\Programy\RoboFrom\RoboFormComFillForms.html

O8 - Extra context menu item: Zapisz Pola - file://D:\Programy\RoboFrom\RoboFormComSavePass.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)

O9 - Extra button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html (file missing)

O9 - Extra 'Tools' menuitem: Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html (file missing)

O9 - Extra button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html (file missing)

O9 - Extra 'Tools' menuitem: Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html (file missing)

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html (file missing)

O9 - Extra 'Tools' menuitem: Pasek Narzędzi RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html (file missing)

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3A54361-FC78-42C4-8D62-49A170B252E6}: NameServer = 194.204.152.34,192.204.159.1

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe

O23 - Service: ArcaVir Monitor (ArcaMonSvc) - ArcaBit - C:\Program Files\ArcaVir\Bin\avmonsv.exe

O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe

O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:\Programy\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Program Files\Spyware Doctor\sdhelp.exe (file missing)

Bieniol · 18 Czerwiec 2006 08:19

W trybie awaryjnym z wyłączonym przywracaniem systemu usuwasz (wpisy Hijackiem, pliki/foldery na czerwono ręcznie z dysku (w razie problemów z usuwaniem plików użyj narzędzia KillBox ):

Jeżeli nie masz już RoboFrom , to usuń resztki po nim:

O8 - Extra context menu item: Pasek Narzędzi RoboForm - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html O8 - Extra context menu item: Personalizuj Menu - file://D:\Programy\RoboFrom\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Wypełnij Pola - file://D:\Programy\RoboFrom\RoboFormComFillForms.html O8 - Extra context menu item: Zapisz Pola - file://D:\Programy\RoboFrom\RoboFormComSavePass.html O9 - Extra button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html (file missing) O9 - Extra ‘Tools’ menuitem: Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Programy\RoboFrom\RoboFormComFillForms.html (file missing) O9 - Extra button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html (file missing) O9 - Extra ‘Tools’ menuitem: Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Programy\RoboFrom\RoboFormComSavePass.html (file missing) O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html (file missing) O9 - Extra ‘Tools’ menuitem: Pasek Narzędzi RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Programy\RoboFrom\RoboFormComShowToolbar.html (file missing)

Jeżeli nie masz już Spyware Doctor , to usuń resztki po nim:

Start --> uruchom --> services.msc --> zatrzymaj i wyłącz usługe PC Tools Spyware Doctor

Następnie Hijackiem wpisy + folder:

SPERMEN · 18 Czerwiec 2006 09:26

A czy teraz jest dobrze ?? Bo muszę mieć czysty system ponieważ chcę zrobić backup.

Logfile of HijackThis v1.99.1

Scan saved at 11:29:02, on 2006-06-18

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Program Files\ArcaVir\Bin\NetMonSv.exe

C:\Program Files\ArcaVir\Bin\avmonsv.exe

D:\Programy\cFosSpeed\spd.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Program Files\ArcaVir\Bin\arcascan.exe

C:\Program Files\ArcaVir\Bin\ABmenu.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

D:\Programy\cFosSpeed\cFosSpeed.exe

C:\Program Files\ArcaVir\Bin\netsvst.exe

C:\Program Files\PeerGuardian2\pg2.exe

D:\Programy\eSkiMoS R2\eSkiMoS.exe

D:\Programy\emule\emule.exe

C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Program Files\Netropa\Onscreen Display\OSD.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\MoneyCashBAR\MoneyCashBAR.exe

C:\Program Files\FlashGet\flashget.exe

C:\Program Files\Spyware Doctor\swdoctor.exe

C:\Program Files\Registry Mechanic\RegMech.exe

D:\Programy\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [OM- Counter 2.5 Beta] "D:\Programy\OM- Counter 2.5 Beta\OMCounterApp.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [cFosSpeed] D:\Programy\cFosSpeed\cFosSpeed.exe

O4 - HKCU\..\Run: [NetMonSVStat] C:\Program Files\ArcaVir\Bin\netsvst.exe

O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [eSkiMoS R2] "D:\Programy\eSkiMoS R2\eSkiMoS.exe" tray

O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q

O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programy\emule\emule.exe -AutoStart

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{D3A54361-FC78-42C4-8D62-49A170B252E6}: NameServer = 194.204.152.34,192.204.159.1

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe

O23 - Service: ArcaVir Monitor (ArcaMonSvc) - ArcaBit - C:\Program Files\ArcaVir\Bin\avmonsv.exe

O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe

O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:\Programy\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe