ComFix
-----------------
- Kod: Zaznacz wszystko
ComboFix 08-07-17.4 - Administrator 2008-07-18 15:17:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1337 [GMT 2:00]
Running from: H:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
* Created a new restore point
* Resident AV is active
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
H:\WINDOWS\lsass.exe
H:\WINDOWS\system32\avi.dll
H:\WINDOWS\system32\cpuinf32.dll
H:\WINDOWS\system32\DivXsm.exe
H:\WINDOWS\system32\ff_liba52.dll
H:\WINDOWS\system32\ff_libdts.dll
H:\WINDOWS\system32\ff_libfaad2.dll
H:\WINDOWS\system32\ff_libmad.dll
H:\WINDOWS\system32\ff_realaac.dll
H:\WINDOWS\system32\ff_samplerate.dll
H:\WINDOWS\system32\ff_tremor.dll
H:\WINDOWS\system32\ff_unrar.dll
H:\WINDOWS\system32\ff_wmv9.dll
H:\WINDOWS\system32\iconv.dll
H:\WINDOWS\system32\libavcodec.dll
H:\WINDOWS\system32\libmpeg2_ff.dll
H:\WINDOWS\system32\libmplayer.dll
H:\WINDOWS\system32\mkunicode.dll
H:\WINDOWS\system32\mkx.dll
H:\WINDOWS\system32\mkzlib.dll
H:\WINDOWS\system32\mmfinfo.dll
H:\WINDOWS\system32\mp4.dll
H:\WINDOWS\system32\mplvpx.dll
H:\WINDOWS\system32\ogg.dll
H:\WINDOWS\system32\OggDS.dll
H:\WINDOWS\system32\ogm.dll
H:\WINDOWS\system32\ts.dll
H:\WINDOWS\system32\vorbis.dll
H:\WINDOWS\system32\vorbisenc.dll
H:\WINDOWS\system32\WMV9VCM.dll
H:\WINDOWS\system32\xvidcore.dll
H:\WINDOWS\system32\xvidvfw.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-18 to 2008-07-18 )))))))))))))))))))))))))))))))
.
2008-07-17 16:29 . 2006-06-26 02:49 1,867,776 --a------ H:\WINDOWS\system32\python24.dll
2008-07-17 16:28 . 2008-07-18 07:28 5,120 --ahs---- H:\WINDOWS\system32\Thumbs.db
2008-07-17 14:23 . 2008-07-17 14:23 <DIR> d-------- H:\Program Files\Asprate
2008-07-16 15:10 . 2008-07-16 15:11 <DIR> d-------- H:\DVDVideoSoft
2008-07-16 15:09 . 2008-07-16 15:09 <DIR> d-------- H:\Program Files\DVDVideoSoft
2008-07-16 15:09 . 2008-07-16 15:09 <DIR> d-------- H:\Program Files\Common Files\DVDVideoSoft
2008-07-16 15:09 . 2002-01-05 15:37 344,064 --a------ H:\WINDOWS\system32\msvcr70.dll
2008-07-11 19:43 . 2008-07-15 22:22 <DIR> d-------- H:\Program Files\Belt Generator
2008-07-11 18:45 . 2008-07-11 18:50 <DIR> d-------- H:\Program Files\Valve
2008-07-04 20:20 . 2004-08-04 00:44 159,232 --a------ H:\WINDOWS\system32\ptpusd.dll
2008-07-04 20:20 . 2004-08-03 22:58 15,104 --a------ H:\WINDOWS\system32\drivers\usbscan.sys
2008-07-04 20:20 . 2004-08-03 22:58 15,104 --a--c--- H:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-04 20:20 . 2001-10-26 17:29 5,632 --a------ H:\WINDOWS\system32\ptpusb.dll
2008-07-04 18:05 . 2008-07-04 18:05 <DIR> d-------- H:\Program Files\Common Files\Symantec Shared
2008-07-04 11:28 . 2008-07-16 18:00 <DIR> d-------- H:\Program Files\Norton Security Scan
2008-07-04 11:27 . 2008-07-04 11:28 <DIR> d-------- H:\WINDOWS\system32\Adobe
2008-07-03 19:56 . 2008-07-11 14:02 <DIR> d-------- H:\Program Files\TibiaCam TV Lite
2008-07-03 17:34 . 2008-07-12 06:19 <DIR> d-------- H:\Program Files\Tibia
2008-07-03 17:34 . 2008-07-07 15:29 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\Tibia
2008-07-02 19:25 . 2008-07-02 19:25 <DIR> d-------- H:\Program Files\DAEMON Tools Lite
2008-07-02 19:24 . 2008-07-02 19:24 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools
2008-07-02 19:24 . 2008-07-02 19:24 717,296 --a------ H:\WINDOWS\system32\drivers\sptd.sys
2008-07-02 08:37 . 2008-07-02 08:37 <DIR> d-------- H:\Program Files\ffdshow
2008-07-02 08:37 . 2008-06-22 20:33 499,712 --a------ H:\WINDOWS\system32\msvcp71.dll
2008-07-02 08:37 . 2008-06-22 20:33 348,160 --a------ H:\WINDOWS\system32\msvcr71.dll
2008-07-02 08:37 . 2008-06-22 20:33 60,273 --a------ H:\WINDOWS\system32\pthreadGC2.dll
2008-07-02 08:37 . 2008-06-22 20:33 7,680 --a------ H:\WINDOWS\system32\ff_vfw.dll
2008-07-02 08:37 . 2008-06-22 20:33 547 --a------ H:\WINDOWS\system32\ff_vfw.dll.manifest
2008-07-02 06:43 . 2008-07-14 20:22 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0
2008-07-02 06:43 . 2008-07-02 06:43 <DIR> d-------- H:\Documents and Settings\Administrator\.thumbnails
2008-07-02 06:28 . 2008-07-02 06:28 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-07-01 21:03 . 2008-07-01 21:03 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\Apple Computer
2008-07-01 21:01 . 2008-07-01 21:01 <DIR> d-------- H:\Program Files\QuickTime
2008-07-01 21:01 . 2008-07-01 21:01 <DIR> d-------- H:\Program Files\Apple Software Update
2008-07-01 21:01 . 2008-07-01 21:01 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-07-01 21:01 . 2008-07-01 21:01 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\Apple
2008-07-01 20:45 . 2008-07-01 20:45 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu
2008-07-01 20:40 . 2008-07-12 21:36 <DIR> d-------- H:\Documents and Settings\Administrator\Gadu-Gadu
2008-07-01 20:39 . 2008-07-05 08:34 <DIR> d-------- H:\Program Files\Gadu-Gadu
2008-07-01 17:09 . 2008-07-01 17:09 <DIR> d-------- H:\Program Files\MarBit
2008-07-01 08:24 . 2001-10-26 16:57 12,160 --a------ H:\WINDOWS\system32\drivers\mouhid.sys
2008-07-01 08:24 . 2001-10-26 16:57 12,160 --a--c--- H:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-01 08:24 . 2001-08-17 22:02 9,600 --a------ H:\WINDOWS\system32\drivers\hidusb.sys
2008-07-01 08:24 . 2001-08-17 22:02 9,600 --a--c--- H:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-01 08:21 . 2008-07-04 15:29 <DIR> d-------- H:\Program Files\EA SPORTS
2008-07-01 07:59 . 2008-07-01 08:01 <DIR> d-------- H:\Program Files\Winamp
2008-07-01 07:59 . 2008-07-01 08:01 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2008-07-01 07:19 . 2008-07-01 07:19 <DIR> d-------- H:\Automap
2008-07-01 06:51 . 2008-07-01 06:52 <DIR> d-------- H:\Program Files\GIMP-2.0
2008-06-30 22:37 . 2008-06-30 22:37 7,168 --ahs---- H:\WINDOWS\Thumbs.db
2008-06-30 22:20 . 2008-07-18 11:19 69 --a------ H:\WINDOWS\NeroDigital.ini
2008-06-30 22:10 . 2004-02-04 07:17 184,576 -ra------ H:\WINDOWS\system32\drivers\RTL8180.sys
2008-06-30 22:08 . 2008-06-30 22:08 <DIR> d-------- H:\Program Files\PLANET
2008-06-30 22:08 . 2003-11-26 14:40 159,744 --a------ H:\WINDOWS\system32\RtlLib.dll
2008-06-30 22:08 . 2003-11-18 09:27 155,648 --a------ H:\WINDOWS\system32\IpLib.dll
2008-06-30 22:08 . 2004-03-15 18:33 118,784 --a------ H:\WINDOWS\system32\WakeResDll.dll
2008-06-30 22:08 . 2004-03-29 09:45 118,784 --a------ H:\WINDOWS\system32\RtWLanRes.dll
2008-06-30 22:08 . 2003-10-16 20:20 110,592 --a------ H:\WINDOWS\system32\EnumDevLib.dll
2008-06-30 22:08 . 2002-10-02 08:57 13,532 --a------ H:\WINDOWS\system32\drivers\SjyPkt.sys
2008-06-30 22:08 . 2003-12-10 15:06 8,576 --a------ H:\WINDOWS\system32\drivers\EAPPkt.sys
2008-06-30 22:06 . 2008-06-30 22:06 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\LightScribe
2008-06-30 22:05 . 2008-06-30 22:05 <DIR> d-------- H:\Program Files\Common Files\LightScribe
2008-06-30 22:04 . 2008-06-30 22:04 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\Ahead
2008-06-30 22:04 . 2008-07-01 07:56 <DIR> d-------- H:\Documents and Settings\Administrator\Dane aplikacji\Ahead
2008-06-30 22:01 . 2008-06-30 22:01 <DIR> d-------- H:\Program Files\Nero
2008-06-30 22:01 . 2008-06-30 22:04 <DIR> d-------- H:\Program Files\Common Files\Ahead
2008-06-30 22:01 . 2008-06-30 22:01 <DIR> d-------- H:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-06-30 20:34 . 2008-07-15 22:20 <DIR> d-------- H:\Program Files\WapSter
2008-06-30 20:34 . 2008-06-30 20:34 <DIR> d-------- H:\Documents and Settings\Administrator\WapSter
2008-06-30 20:33 . 2008-07-14 20:26 <DIR> d-------- H:\Documents and Settings\Administrator\.gimp-2.4
2008-06-30 20:27 . 2004-08-03 23:08 31,616 --a------ H:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-30 20:27 . 2004-08-03 23:08 31,616 --a--c--- H:\WINDOWS\system32\dllcache\usbccgp.sys
2008-06-30 19:48 . 2008-06-30 19:48 0 --a------ H:\WINDOWS\nsreg.dat
2008-06-30 19:45 . 2008-06-30 19:45 <DIR> d-------- H:\Program Files\Lavalys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-18 13:17 --------- d-----w H:\Program Files\ESET
2008-07-10 06:08 --------- d--h--w H:\Program Files\InstallShield Installation Information
2008-06-30 19:56 502,368 ----a-w H:\WINDOWS\system32\drivers\amon.sys
2008-06-30 19:56 270,336 ----a-w H:\WINDOWS\system32\imon.dll
2008-06-30 19:46 --------- d-----w H:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
2008-06-30 19:41 15,600 ----a-w H:\WINDOWS\gdrv.sys
2008-06-30 19:40 315,392 ----a-w H:\WINDOWS\HideWin.exe
2008-06-30 19:40 --------- d-----w H:\Program Files\Realtek
2008-06-30 19:39 --------- d-----w H:\Program Files\Common Files\InstallShield
2008-06-30 19:31 --------- d-----w H:\Program Files\Yahoo!
2008-06-30 19:23 --------- d-----w H:\Program Files\microsoft frontpage
2008-06-30 19:22 --------- d-----w H:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"LightScribe Control Panel"="H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-07-18 17:55 451872]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
"MSMSGS"="H:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:55 1667584]
"Gadu-Gadu"="H:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
"DAEMON Tools Lite"="H:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"AQQ"="H:\PROGRA~1\WapSter\AQQ\AQQ.exe" [2007-02-28 14:18 2351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [2007-09-16 19:07 8491008]
"NvMediaCenter"="H:\WINDOWS\system32\NvMcTray.dll" [2007-09-16 19:07 81920]
"nod32kui"="H:\Program Files\Eset\nod32kui.exe" [2008-06-30 21:56 921600]
"NeroFilterCheck"="H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"WinampAgent"="H:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"QuickTime Task"="H:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 10:08 16380416 H:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-06-15 10:45 1826816 H:\WINDOWS\SkyTel.exe]
"nwiz"="nwiz.exe" [2007-09-16 19:07 1626112 H:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
PLANET WL-8303.lnk - H:\Program Files\PLANET\WL-8303\RtlWake.exe [2008-06-30 22:08:57 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"H:\\Program Files\\WapSter\\AQQ\\AQQ.exe"=
"H:\\Program Files\\Tibia\\Tibia.exe"=
"H:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"=
"J:\\Program Files\\Tibia\\Tibia.exe"=
"H:\\Documents and Settings\\Administrator\\Pulpit\\AQQ.exe"=
R2 EAPPkt;Realtek EAPPkt Protocol;H:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2003-12-10 15:06]
R3 rtl8180;PLANET WL-8303 Wireless PCI Adapter NT Driver;H:\WINDOWS\system32\DRIVERS\RTL8180.SYS [2004-02-04 07:17]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"H:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
"2008-07-17 12:45:00 H:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- H:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-16 16:00:08 H:\WINDOWS\Tasks\Norton Security Scan.job"
- H:\Program Files\Norton Security Scan\Nss.exe
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-lsass.exe - H:\WINDOWS\lsass.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-18 15:18:11
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
lsass.exe = H:\WINDOWS\lsass.exe?????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: H:\WINDOWS\system32\lsass.exe
-> H:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-07-18 15:18:32
ComboFix-quarantined-files.txt 2008-07-18 13:18:30
Pre-Run: 37,728,538,624 bajtów wolnych
Post-Run: 38,158,749,696 bajtów wolnych
209
HiJackThis
----------------
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:16, on 2008-07-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\Eset\nod32kui.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\Program Files\Eset\nod32krn.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\PLANET\WL-8303\RtlWake.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
H:\Documents and Settings\Administrator\Pulpit\AQQ.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\WINDOWS\explorer.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "H:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "H:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AQQ] H:\PROGRA~1\WapSter\AQQ\AQQ.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PLANET WL-8303.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - H:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4696 bytes
Proszę o szybką odpowiedź
