Zacinający się komputer. proszę o sprawdzenia loga

Dla specjalistów Bezpieczeństwo
#1

Jak w temacie proszę o sprawdzenie loga z combofixa:

ComboFix 09-01-21.04 - Admin 2009-01-25 13:59:50.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2047.1633 [GMT 1:00]

Uruchomiony z: c:\documents and settings\Admin\Pulpit\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Utworzono nowy punkt przywracania

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!

.

((((((((((((((((((((((((( Pliki utworzone od 2008-12-25 do 2009-01-25 )))))))))))))))))))))))))))))))

.

2009-01-25 12:08 . 2009-01-25 12:08

2009-01-23 14:17 . 2009-01-23 14:17

2009-01-23 11:49 . 2009-01-23 11:49

2009-01-19 10:53 . 2009-01-19 10:53

2009-01-18 22:06 . 2009-01-25 12:57

2009-01-18 22:06 . 2009-01-18 22:06

2009-01-17 20:43 . 2009-01-19 13:10

2009-01-13 14:36 . 2009-01-13 14:36

2009-01-12 22:19 . 2009-01-12 22:19

2009-01-12 19:39 . 2009-01-12 19:39

2009-01-12 19:37 . 2009-01-12 19:37

2009-01-12 19:37 . 2009-01-12 19:37

2009-01-12 19:37 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll

2009-01-12 19:14 . 2009-01-12 19:14

2009-01-12 19:03 . 2009-01-12 19:03

2009-01-12 18:46 . 2009-01-12 18:46

2009-01-12 18:42 . 2009-01-12 18:42

2009-01-12 18:42 . 2009-01-12 18:49 107,888 --a------ c:\windows\system32\CmdLineExt.dll

2009-01-12 18:41 . 2009-01-12 18:42

2009-01-12 18:40 . 2009-01-12 18:40

2009-01-12 18:40 . 2009-01-12 19:52

2009-01-12 17:27 . 2008-06-14 18:36 273,024 -----c— c:\windows\system32\dllcache\bthport.sys

2009-01-12 17:26 . 2008-10-16 02:02 1,499,136 -----c— c:\windows\system32\dllcache\shdocvw.dll

2009-01-12 17:26 . 2008-10-16 02:02 668,672 -----c— c:\windows\system32\dllcache\wininet.dll

2009-01-12 17:26 . 2008-10-16 02:02 619,520 -----c— c:\windows\system32\dllcache\urlmon.dll

2009-01-12 17:26 . 2008-09-08 11:41 333,824 -----c— c:\windows\system32\dllcache\srv.sys

2009-01-12 17:26 . 2008-08-14 11:04 138,496 -----c— c:\windows\system32\dllcache\afd.sys

2009-01-12 17:24 . 2008-09-15 16:27 1,846,656 -----c— c:\windows\system32\dllcache\win32k.sys

2009-01-12 17:23 . 2008-08-14 14:26 2,190,464 -----c— c:\windows\system32\dllcache\ntoskrnl.exe

2009-01-12 17:23 . 2008-08-14 14:26 2,146,816 -----c— c:\windows\system32\dllcache\ntkrnlmp.exe

2009-01-12 17:23 . 2008-08-14 14:26 2,067,328 -----c— c:\windows\system32\dllcache\ntkrnlpa.exe

2009-01-12 17:23 . 2008-08-14 14:26 2,025,472 -----c— c:\windows\system32\dllcache\ntkrpamp.exe

2009-01-12 17:22 . 2009-01-12 17:22

2009-01-12 17:22 . 2009-01-12 17:22

2009-01-12 17:22 . 2008-12-12 18:03 3,088,896 -----c— c:\windows\system32\dllcache\mshtml.dll

2009-01-12 17:22 . 2008-04-11 20:06 691,712 -----c— c:\windows\system32\dllcache\inetcomm.dll

2009-01-12 17:22 . 2008-10-24 12:21 455,296 -----c— c:\windows\system32\dllcache\mrxsmb.sys

2009-01-12 17:22 . 2008-05-01 15:37 331,776 -----c— c:\windows\system32\dllcache\msadce.dll

2009-01-12 17:22 . 2008-05-08 15:02 203,136 -----c— c:\windows\system32\dllcache\rmcast.sys

2009-01-12 17:21 . 2008-09-04 18:17 1,106,944 -----c— c:\windows\system32\dllcache\msxml3.dll

2009-01-12 17:21 . 2008-10-15 17:36 337,408 -----c— c:\windows\system32\dllcache\netapi32.dll

2009-01-12 17:20 . 2009-01-12 17:20

2009-01-12 17:20 . 2009-01-12 17:20

2009-01-12 17:19 . 2009-01-12 19:18

2009-01-12 17:16 . 2009-01-13 17:05

2009-01-12 17:13 . 2009-01-12 17:23

2009-01-12 17:13 . 2009-01-12 17:13 717,296 --a------ c:\windows\system32\drivers\sptd.sys

2009-01-12 17:03 . 2009-01-12 17:03

2009-01-12 17:03 . 2008-04-14 22:51 294,912 -----c— c:\windows\system32\dllcache\dlimport.exe

2009-01-12 17:01 . 2006-12-29 00:31 19,569 --a------ c:\windows\002703_.tmp

2009-01-12 16:59 . 2009-01-12 16:59

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-25 13:02 --------- d-----w c:\program files\neostrada tp

2009-01-24 16:38 --------- d-----w c:\program files\BitComet

2009-01-23 13:17 --------- d–h--w c:\program files\InstallShield Installation Information

2009-01-12 18:03 --------- d-----w c:\program files\Yahoo!

2009-01-12 15:59 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\AVGTOOLBAR

2008-12-22 14:02 --------- d-----w c:\program files\BitTorrent

2008-12-22 14:00 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\BitTorrent

2008-12-15 21:26 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\gtk-2.0

2008-12-15 21:02 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\FLEXnet

2008-12-15 19:58 --------- d-----w c:\program files\Bonjour

2008-12-15 19:52 --------- d-----w c:\program files\Common Files\Macrovision Shared

2008-12-10 18:17 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\WEBREG

2008-12-10 18:17 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard

2008-12-10 18:15 --------- d-----w c:\program files\HP

2008-12-10 18:15 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY

2008-12-10 18:15 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\HPAppData

2008-12-10 18:14 --------- d-----w c:\program files\Hewlett-Packard

2008-12-10 18:14 --------- d-----w c:\program files\Common Files\HP

2008-12-10 18:14 --------- d-----w c:\program files\Common Files\Hewlett-Packard

2008-12-10 18:14 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant

2008-12-10 18:14 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP

2008-12-09 15:09 --------- d-----w c:\program files\GIMP-2.0

2008-12-09 14:26 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\Gadu-Gadu

2008-12-07 08:54 --------- d-----w c:\program files\K-Lite Codec Pack

2008-12-07 08:54 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\Media Player Classic

2008-12-05 07:48 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Sports Interactive

2008-12-05 07:35 --------- d–h--w c:\program files\Zero G Registry

2008-12-05 07:31 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\Sports Interactive

2008-12-04 19:53 --------- d-----w c:\program files\Gadu-Gadu

2008-12-04 19:44 --------- d-----w c:\program files\Thomson

2008-12-04 19:34 --------- d-----w c:\program files\Java

2008-12-04 19:28 --------- d-----w c:\program files\Kaspersky Lab

2008-12-04 19:27 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files

2008-12-02 12:36 --------- d-----w c:\program files\Realtek

2008-12-02 12:19 315,392 ----a-w c:\windows\HideWin.exe

2008-12-02 12:19 --------- d-----w c:\program files\Common Files\InstallShield

2008-12-02 12:19 --------- d-----w c:\documents and settings\Admin\Dane aplikacji\InstallShield

2008-12-02 12:18 --------- d-----w c:\program files\ASUS

2008-12-02 11:55 --------- d-----w c:\program files\microsoft frontpage

2008-12-02 11:54 --------- d-----w c:\program files\Usługi online

.

((((((((((((((((((((((((((((( snapshot@2009-01-19_10.49.09,65 )))))))))))))))))))))))))))))))))))))))))

.

  • 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“WOOWATCH”=“c:\progra~1\NEOSTR~1\Watch.exe” [2004-08-23 20480]

“WOOTASKBARICON”=“c:\progra~1\NEOSTR~1\GestMaj.exe” [2004-10-14 32768]

“SpeedTouch USB Diagnostics”=“c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 866816]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360]

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]

–a------ 2002-12-28 16:33 1261336 c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

–a------ 2008-04-14 22:51 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

–a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

–a------ 2007-07-05 15:08 16380416 c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]

–a------ 2007-06-15 15:45 1826816 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

“AntiVirusDisableNotify”=dword:00000001

“UpdatesDisableNotify”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“c:\Program Files\AVG\AVG8\avgemc.exe”=

“c:\Program Files\AVG\AVG8\avgupd.exe”=

“c:\Program Files\Gadu-Gadu\gg.exe”=

“%windir%\Network Diagnostic\xpnetdiag.exe”=

“c:\Program Files\BitComet\BitComet.exe”=

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

“14604:TCP”= 14604:TCP:BitComet 14604 TCP

“14604:UDP”= 14604:UDP:BitComet 14604 UDP

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2002-12-28 97928]

R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2002-12-28 875288]

R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2002-12-28 231704]

R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2002-12-28 76040]

.

Zawartość folderu ‘Zaplanowane zadania’

2009-01-18 c:\windows\Tasks\Norton Security Scan for Admin.job

  • c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://google.atcomet.com/b/

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Pobierz wszystkie VIdeo za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Pobierz za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: { - c:\program files\Messenger\msmsgs.exe

TCP: {95DC4B1D-C836-4122-86CB-8DEFE32740BD} = 194.204.159.1 217.98.63.164

FF - ProfilePath - c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\gfy721vj.default\

FF - prefs.js: browser.startup.homepage - hxxp://google.atcomet.com/b/

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll

FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava11.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava12.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava13.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava32.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll

FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPOJI610.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-25 14:03:03

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-606747145-1450960922-682003330-1003\Software\SecuROM\License information*]

“datasecu”=hex:74,d0,f7,af,57,e2,f2,6d,da,74,c8,5b,c1,cf,29,af,5c,e8,e6,c1,87,

fe,73,eb,9f,dd,57,42,46,67,5e,61,d4,d7,03,30,9d,46,b1,00,9c,89,5d,6b,ff,ab,\

“rkeysecu”=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

              • ‘winlogon.exe’(712)

c:\windows\system32\Ati2evxx.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\ati2evxx.exe

c:\windows\system32\ati2evxx.exe

c:\windows\system32\FTRTSVC.exe

c:\program files\AVG\AVG8\avgrsx.exe

c:\progra~1\NEOSTR~1\TaskBarIcon.exe

.

**************************************************************************

.

Czas ukończenia: 2009-01-25 14:05:52 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-01-25 13:05:50

ComboFix2.txt 2009-01-19 09:50:47

Przed: 40 068 669 440 bajtów wolnych

Po: 40,011,411,456 bajtów wolnych

216 — E O F — 2009-01-13 22:04:34

#2

Pobierz ComboFix, ale nie uruchamiaj

Wklej do notatnika:

File::

c:\windows\002703_.tmp

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu->

cfscript10uc2.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklej.eu lub na http://wklej.org a w poście dajesz tylko link

#3

jak mam program wkleic do notatnika??

Dodane 25.01.2009 (N) 15:09

Proszę jeszcze log z Hijackthis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:09:17, on 2009-01-25

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\Nowy folder\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll

O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe

O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon

O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip…{95DC4B1D-C836-4122-86CB-8DEFE32740BD}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

End of file - 6474 bytes

#4

wklejasz tylko to:

File::

c:\windows\002703_.tmp
#5

Proszę o to login

http://wklej.org/id/44274/

Dodane 26.01.2009 (Pn) 15:27

To jak pomożecie mi?? Bardzo was prosze