Elbzyku
(B Sl)
23 October 2007 19:57
#1
Hello
Please check my logs. I have a problem with a computer-to-computer connection over a cable. The cable, configuration, sharing, etc. are fine. Internet from the Dialog router works great, but with the connection described in the topic there is either no connection or it drops immediately. I have heard that the cause may be some kind of virus infection. Thanks in advance for your time.
Gutek
(Gutek)
23 October 2007 22:27
#2
Elbzyku
(B Sl)
24 October 2007 06:56
#3
Thanks for taking an interest, mate. I'm a beginner in this area, so I'm asking: the second computer is a laptop, also running XP; should I apply the same procedure to it?
Krzychuu
(Krzychuu)
24 October 2007 12:14
#4
Elbzyku, if you want, you can of course clean the registry and run the optimization on the second computer as well.