Mam pewien problem. Więc tak kiedy włączam komputer i wyświetla się logo Windows wraz z paskiem “ładującym”. No i czekam czekam lecz komputer nadal się nie uruchamia. A ten pasek ciągle sobie tak lata. Można go uruchomić tylko w trybie awaryjnym. Mam logi z ComboFix i hijackthis ale nie za bardzo wiem o co w nich chodzi. Prosze o pomoc w rozwiązaniu mojego problemu.
ComboFix:
ComboFix 09-01-05.02 - Komputerek 2009-01-05 18:12:27.1 - FAT32 x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.511.330 [GMT 1:00]
Uruchomiony z: E:\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\pthreadGC2.dll
.
((((((((((((((((((((((((( Pliki utworzone od 2008-12-05 do 2009-01-05 )))))))))))))))))))))))))))))))
.
2009-01-05 17:16 . 2009-01-05 17:16
2009-01-03 15:41 . 2009-01-03 15:41
2009-01-03 15:20 . 2004-08-03 23:08 26,496 --a------ c:\windows\system32\dllcache\usbstor.sys
2009-01-03 14:19 . 2009-01-03 14:20
2009-01-03 14:19 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\system32\D3DCompiler_33.dll
2009-01-03 14:19 . 2007-03-15 16:57 443,752 --a------ c:\windows\system32\d3dx10_33.dll
2009-01-03 14:19 . 2007-04-04 18:55 261,480 --a------ c:\windows\system32\xactengine2_7.dll
2009-01-03 14:19 . 2007-01-24 15:27 255,848 --a------ c:\windows\system32\xactengine2_6.dll
2009-01-03 14:19 . 2006-12-08 12:02 251,672 --a------ c:\windows\system32\xactengine2_5.dll
2009-01-03 14:19 . 2006-09-28 16:05 237,848 --a------ c:\windows\system32\xactengine2_4.dll
2009-01-03 14:19 . 2007-03-05 12:42 15,128 --a------ c:\windows\system32\x3daudio1_1.dll
2009-01-03 11:34 . 2009-01-03 11:34
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-01-03 11:22 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-01-03 11:22 . 2009-01-03 11:23 403 --a------ c:\windows\wincmd.ini
2009-01-03 11:18 . 2009-01-03 11:18
2009-01-03 11:10 . 2009-01-03 11:10
2009-01-03 11:06 . 2009-01-03 11:06
2009-01-02 19:37 . 2009-01-02 19:37
2009-01-02 19:26 . 2009-01-02 19:26
2009-01-01 18:23 . 2009-01-01 18:23
2009-01-01 14:19 . 2006-07-28 09:30 236,824 --a------ c:\windows\system32\xactengine2_3.dll
2009-01-01 14:19 . 2006-07-28 09:30 62,744 --a------ c:\windows\system32\xinput1_2.dll
2009-01-01 13:41 . 2009-01-01 13:41
2009-01-01 13:10 . 2008-10-17 19:10 7,680 --a------ c:\windows\system32\ff_vfw.dll
2009-01-01 13:10 . 2008-01-01 00:00 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-01-01 01:28 . 2009-01-01 01:28
2008-12-31 22:44 . 2008-12-31 22:44 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2008-12-31 22:40 . 2008-12-31 22:40
2008-12-31 22:22 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\system32\D3DX9_37.dll
2008-12-31 22:22 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll
2008-12-31 22:22 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2008-12-31 22:22 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\system32\d3dx9_33.dll
2008-12-31 22:22 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2008-12-31 22:22 . 2007-04-04 18:53 81,768 --a------ c:\windows\system32\xinput1_3.dll
2008-12-31 22:21 . 2006-09-28 16:05 2,414,360 --a------ c:\windows\system32\d3dx9_31.dll
2008-12-31 22:21 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2008-12-31 20:04 . 2008-12-31 20:04 4,767 --a------ c:\windows\Irremote.ini
2008-12-31 19:56 . 2008-12-31 19:56
2008-12-31 19:06 . 2008-12-31 19:06
2008-12-31 19:03 . 2008-12-31 19:03
2008-12-31 19:03 . 2008-12-31 19:03
2008-12-31 19:02 . 2008-12-31 19:02
2008-12-31 19:02 . 2008-12-31 19:02
2008-12-31 15:51 . 2008-12-31 15:51
2008-12-31 15:51 . 2008-12-31 15:51 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2008-12-31 14:25 . 2008-12-31 14:25
2008-12-31 14:23 . 2008-12-31 14:23
2008-12-31 14:23 . 2008-12-31 14:23
2008-12-30 22:38 . 2008-12-30 22:38
2008-12-30 18:57 . 2008-12-30 18:57
2008-12-30 18:55 . 2008-12-30 18:55
2008-12-30 18:54 . 2008-12-30 18:54
2008-12-30 18:48 . 2008-12-30 18:48
2008-12-30 18:47 . 2008-12-30 18:47 0 --a------ c:\windows\nsreg.dat
2008-12-30 18:46 . 2003-03-18 21:20 1,060,864 --a------ c:\windows\system32\MFC71.dll
2008-12-30 18:46 . 2003-02-21 04:42 348,160 --a------ c:\windows\system32\MSVCR71.dll
2008-12-30 18:20 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2008-12-30 18:17 . 2008-12-30 18:17
2008-12-30 18:16 . 2008-12-30 18:17
2008-12-30 18:15 . 2008-12-30 18:15
2008-12-30 18:12 . 2008-12-30 18:12
2008-12-30 18:11 . 2008-12-30 18:12
2008-12-30 18:11 . 2008-12-30 18:11
2008-12-30 18:11 . 2008-12-30 18:11
2008-12-30 18:09 . 2008-12-30 18:09
2008-12-30 18:01 . 2008-12-30 18:50 316,640 --a------ c:\windows\WMSysPr9.prx
2008-12-30 17:58 . 2008-12-30 17:58
2008-12-30 17:56 . 2004-07-17 11:40 19,528 --a------ c:\windows\002314_.tmp
2008-12-30 17:56 . 2004-08-03 22:43 15,872 --a------ c:\windows\system32\spupdsvc.exe
2008-12-30 17:54 . 2008-12-30 17:55
2008-12-30 17:52 . 2008-12-30 17:52
2008-12-30 17:52 . 2008-12-30 17:52
2008-12-30 17:09 . 2008-12-30 17:09
2008-12-30 17:08 . 2008-12-30 17:08
2008-12-30 17:07 . 2008-12-30 17:07
2008-12-30 17:06 . 2008-12-30 17:06
2008-12-30 17:06 . 2008-12-30 17:06
2008-12-30 17:06 . 2006-12-15 17:19 258,048 -ra------ c:\windows\system32\hpzids01.dll
2008-12-30 17:06 . 2006-12-30 15:49 117,760 --a------ c:\windows\system32\hpzll4v2.dll
2008-12-30 17:05 . 2008-12-30 17:05
2008-12-30 17:05 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-30 17:03 . 2008-12-30 17:52 140,685 --a------ c:\windows\HPHins13.dat
2008-12-30 17:03 . 2007-01-22 17:05 2,977 --------- c:\windows\hphmdl13.dat
2008-12-30 17:00 . 2008-12-30 17:00
2008-12-30 17:00 . 2008-12-30 17:00
2008-12-30 17:00 . 2008-12-30 17:00 0 --a------ c:\windows\ativpsrm.bin
2008-12-30 16:59 . 2008-12-30 16:59
2008-12-30 16:48 . 2008-12-30 16:48
2008-12-30 16:42 . 2007-09-14 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2008-12-30 16:42 . 2007-09-14 15:06 356,352 -ra------ c:\windows\system32\ATIDEMGX.dll
2008-12-30 16:42 . 2007-09-14 14:57 307,200 -ra------ c:\windows\system32\atiiiexx.dll
2008-12-30 16:42 . 2007-08-16 22:56 11,557 -ra------ c:\windows\atiogl.xml
2008-12-30 16:42 . 2007-04-11 14:33 7,069 -ra------ c:\windows\system32\atifglpf.xml
2008-12-30 16:41 . 2008-12-30 16:41
2008-12-30 16:41 . 2007-09-14 14:34 3,107,788 -ra------ c:\windows\system32\ativvaxx.dat
2008-12-30 16:41 . 2007-09-14 14:34 3,107,788 -ra------ c:\windows\system32\ativva5x.dat
2008-12-30 16:41 . 2007-04-18 01:19 1,311,202 -ra------ c:\windows\system32\drivers\ativcaxx.cpa
2008-12-30 16:41 . 2007-09-14 14:34 972,072 -ra------ c:\windows\system32\ativva6x.dat
2008-12-30 16:41 . 2007-08-14 10:11 156,671 -ra------ c:\windows\system32\atiicdxx.dat
2008-12-30 16:41 . 2007-09-14 15:42 47,424 -ra------ c:\windows\system32\drivers\ativvpxx.vp
2008-12-30 16:41 . 2007-04-18 01:19 2,096 -ra------ c:\windows\system32\drivers\ativdkxx.vp
2008-12-30 16:41 . 2007-05-30 05:43 2,096 -ra------ c:\windows\system32\drivers\ativckxx.vp
2008-12-30 16:41 . 2007-04-18 01:19 929 -ra------ c:\windows\system32\drivers\ativcaxx.vp
2008-12-30 16:30 . 2004-08-03 23:08 142,976 --a------ c:\windows\system32\drivers\usbport.sys
2008-12-30 16:30 . 2004-08-03 22:59 95,360 --a------ c:\windows\system32\drivers\atapi.sys
2008-12-30 16:30 . 2004-08-04 00:44 77,312 --a------ c:\windows\system32\usbui.dll
2008-12-30 16:30 . 2004-08-04 00:34 68,608 --a------ c:\windows\system32\drivers\pci.sys
2008-12-30 16:30 . 2004-08-03 23:08 57,600 --a------ c:\windows\system32\drivers\usbhub.sys
2008-12-30 16:30 . 2001-10-26 16:47 36,224 --a------ c:\windows\system32\drivers\isapnp.sys
2008-12-30 16:30 . 2001-10-26 16:47 36,224 --a------ c:\windows\system32\dllcache\isapnp.sys
2008-12-30 16:30 . 2004-08-03 23:08 26,624 --a------ c:\windows\system32\drivers\usbehci.sys
2008-12-30 16:30 . 2004-08-03 22:59 25,088 --a------ c:\windows\system32\drivers\pciidex.sys
2008-12-30 16:30 . 2004-08-03 23:08 20,480 --a------ c:\windows\system32\drivers\usbuhci.sys
2008-12-30 16:30 . 2001-10-26 16:56 3,456 --a------ c:\windows\system32\drivers\pciide.sys
2008-12-30 16:30 . 2001-10-26 16:56 3,456 --a------ c:\windows\system32\dllcache\pciide.sys
2008-12-30 16:29 . 2008-12-30 16:29
2008-12-30 16:29 . 2008-12-30 16:29
2008-12-30 16:29 . 2005-03-04 04:10 74,496 --a------ c:\windows\system32\drivers\Rtlnicxp.sys
2008-12-30 16:29 . 2004-08-03 23:07 42,368 --a------ c:\windows\system32\drivers\agp440.sys
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 19:07 163,644 ----a-w c:\windows\system32\drivers\secdrv.sys
2008-12-30 14:18 --------- d-----w c:\program files\microsoft frontpage
2008-12-30 14:13 --------- d-----w c:\program files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\ctfmon.exe” [2004-08-04 15360]
“BitComet”=“d:\program files\BitComet\BitComet.exe” [2008-12-03 2514744]
“Nowe Gadu-Gadu”=“d:\program files\Nowe Gadu-Gadu\gg.exe” [2008-12-22 8966760]
“ALLUpdate”=“d:\program files\ALLPlayer\ALLUpdate.exe” [2008-11-24 869888]
“DAEMON Tools Lite”=“d:\program files\DAEMON Tools Lite\daemon.exe” [2008-12-10 216520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“StartCCC”=“c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2006-11-10 90112]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2006-12-10 49152]
“GrooveMonitor”=“c:\program files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 31016]
“avast!”=“d:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2008-11-26 81000]
“WinampAgent”=“d:\program files\Winamp\winampa.exe” [2008-09-12 36352]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2004-08-04 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=
“c:\Program Files\Microsoft Office\Office12\groove.exe”=
“c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=
“d:\Program Files\BitComet\BitComet.exe”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“10323:TCP”= 10323:TCP:BitComet 10323 TCP
“10323:UDP”= 10323:UDP:BitComet 10323 UDP
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-02 111184]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-02 20560]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
— Other Services/Drivers In Memory —
*NewlyCreated* - ASWFSBLK
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{273f0778-d765-11dd-bc10-00196652af40}]
\Shell\AutoRun\command - H:\autorun.exe
.
-
-
-
- USUNIĘTO PUSTE WPISY - - - -
-
-
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pobierz wszystkie VIdeo za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - d:\program files\BitComet\BitComet.exe/AddLink.htm
FF - ProfilePath - c:\documents and settings\Komputerek\Dane aplikacji\Mozilla\Firefox\Profiles\x5014bwc.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://google.pl/
FF - component: c:\documents and settings\Komputerek\Dane aplikacji\Mozilla\Firefox\Profiles\x5014bwc.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: d:\program files\Adobe\Acrobat 6.0 CE\Reader\browser\nppdf32.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-05 18:14:08
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
-
-
-
-
-
-
- > ‘winlogon.exe’(512)
-
-
-
-
-
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2009-01-05 18:14:51
ComboFix-quarantined-files.txt 2009-01-05 17:14:50
Przed: 4 989 403 136 bajtów wolnych
Po: 6,967,894,016 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /fastdetect /NoExecute=OptIn
229
Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:00, on 2009-01-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM…\Run: [startCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”
O4 - HKLM…\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [WinampAgent] “D:\Program Files\Winamp\winampa.exe”
O4 - HKLM…\RunOnce: [aswAhAScr.dll] D:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE “D:\Program Files\Alwil Software\Avast4\AhAScr.dll”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [bitComet] “D:\Program Files\BitComet\BitComet.exe” /tray
O4 - HKCU…\Run: [Nowe Gadu-Gadu] “D:\Program Files\Nowe Gadu-Gadu\gg.exe”
O4 - HKCU…\Run: [ALLUpdate] “D:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”
O4 - HKCU…\Run: [DAEMON Tools Lite] “D:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
–
End of file - 5096 bytes