Regulamin forum
1. Każdy temat powinien odzwierciedlać treść wątku.2. W przypadku wklejania logów; należy je wykonać od razu przynajmniej z dwóch narzędzi: FRST oraz z GMER
3. Wszelkie logi proszę publikować na przeznaczonych do tego stronach a w poście wklejać tylko link.
4. Nie wskazane jest skracanie logów, należy wkleić cały - od początku, do końca.
5. Nie wskazane jest podczepianie się do tematów innych użytkowników - proszę założyć nowy temat w dziale Bezpieczeństwo, ułatwi to pomoc sprawdzającemu.
6. Osoby nie posiadające odpowiedniej wiedzy, nie powinny sprawdzać logów, ponieważ grozi to poważnym uszkodzeniem systemu lub aplikacji zainstalowanych na komputerze.
7. Należy dokładnie opisać problem, występujące objawy oraz wszelkie podjęte działania.
8. Każdy skrypt jest unikatowy, napisany dla każdego przypadku z osobna, więc nie może być stosowany przez innych.
9. W przypadku zamieszczenia zrzutu ekranu (screenshot'a) proszę korzystać z zewnętrznego serwisu oferującego hosting zdjęć.
[WOLNY NET 2MB ] Sprawdzenie Loga
01 Gru 2007, 15:39
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:37, on 2007-12-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\WarRock\System\Warrock.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: bw+0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 14259 bytes
Scan saved at 14:37, on 2007-12-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\WarRock\System\Warrock.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: bw+0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0EDA41B3-80AD-45ED-9ED6-7B83A1FAD6C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 14259 bytes
01 Gru 2007, 16:14
Odinstaluj Logitech Desktop z panelu sterowania->dodaj/usuń.
01 Gru 2007, 16:24
hmm ale to do kamerki sterowniki 
internetowej
odinstalowałem program net przyspieszył
nowy problem
znowu mi sie zrobiła NIEMIECKA KLAWIATURA
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32, on 2007-12-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Kalendarz XP\Kalendarz.exe
C:\Program Files\BitSpirit\BitSpirit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 2569 bytes
internetowej
odinstalowałem program net przyspieszył
nowy problem
znowu mi sie zrobiła NIEMIECKA KLAWIATURA
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32, on 2007-12-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Kalendarz XP\Kalendarz.exe
C:\Program Files\BitSpirit\BitSpirit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 2569 bytes
01 Gru 2007, 19:44
02 Gru 2007, 01:03
ComboFix 07-12-02.4 - VampirLord 2007-12-01 23:53:35.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1448 [GMT 1:00]
Running from: C:\Documents and Settings\VampirLord\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\myglobalsearch
.
((((((((((((((((((((((((( Files Created from 2007-11-02 to 2007-12-02 )))))))))))))))))))))))))))))))
.
2007-12-01 17:30 . 2007-12-01 17:32 <DIR> d-------- C:\Documents and Settings\VampirLord\Contacts
2007-12-01 17:17 . 2007-12-01 17:53 <DIR> d-------- C:\Program Files\MSN Messenger
2007-11-30 23:44 . 2007-11-30 23:44 <DIR> d-------- C:\Documents and Settings\LocalService\Dane aplikacji\Xfire
2007-11-30 23:25 . 2007-11-30 23:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire
2007-11-29 23:46 . 2007-12-01 15:24 <DIR> d-------- C:\Program Files\Logitech
2007-11-29 23:46 . 2007-11-29 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Logitech
2007-11-29 23:27 . 2007-11-29 23:27 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-11-29 23:27 . 2007-11-30 11:40 <DIR> d-------- C:\Documents and Settings\VampirLord\Dane aplikacji\skypePM
2007-11-29 23:27 . 2007-11-29 23:27 32 --a------ C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-11-29 16:29 . 2007-11-30 15:12 <DIR> d-------- C:\Program Files\WarRock
2007-11-29 16:29 . 2007-11-29 16:29 <DIR> d-------- C:\Documents and Settings\VampirLord\Dane aplikacji\InstallShield
2007-11-28 19:04 . 2007-12-01 21:56 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-28 19:04 . 2007-12-01 21:57 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-28 19:03 . 2007-12-01 18:11 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-11-28 19:03 . 2007-11-28 19:03 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-27 16:11 . 2007-11-27 15:43 684,377 --a------ C:\WINDOWS\unins000.exe
2007-11-27 16:11 . 2007-11-27 16:11 3,442 --a------ C:\WINDOWS\unins000.dat
2007-11-14 22:19 . 2007-11-14 22:20 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2007-11-14 22:01 . 2007-12-01 15:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-11-13 19:40 . 2007-11-13 19:40 42 --a------ C:\WINDOWS\Zakk Wylde.pls
2007-11-13 19:40 . 2007-11-13 19:40 42 --a------ C:\WINDOWS\mdv736.pls
2007-11-11 20:33 . 1997-07-06 20:37 756,736 --------- C:\WINDOWS\system32\ir41_32.dll
2007-11-11 20:12 . 1996-11-06 19:11 69,632 --a------ C:\WINDOWS\RAUNINST.EXE
2007-11-11 19:48 . 2007-11-11 19:48 <DIR> d-------- C:\Program Files\RegSupreme Pro
2007-11-07 19:44 . 2007-11-07 19:44 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2007-11-07 16:14 . 2007-11-07 16:14 <DIR> d-------- C:\Program Files\AVIConverter
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-02 22:55 21,989,664 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-02 22:55 1,239,840 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-01 22:21 --------- d-----w C:\Program Files\Kalendarz XP
2007-12-01 22:12 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2007-12-01 21:42 301,004 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-01 21:42 122,240 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-01 21:19 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2007-12-01 21:05 --------- d-----w C:\Program Files\NetMeter
2007-12-01 17:00 --------- d-----w C:\Program Files\Aegisub
2007-12-01 16:59 --------- d-----w C:\Program Files\AviSynth 2.5
2007-11-30 10:47 --------- d-----w C:\Documents and Settings\VampirLord\Dane aplikacji\Skype
2007-11-29 21:52 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2007-11-29 15:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-26 12:35 --------- d-----w C:\Program Files\SkanerOnline
2007-11-26 12:09 --------- d-----w C:\Program Files\Gadu-Gadu
2007-11-26 12:04 --------- d-----w C:\Program Files\Opera
2007-11-12 18:05 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-10-28 22:21 --------- d-----w C:\Documents and Settings\VampirLord\Dane aplikacji\Teleca
2007-10-28 22:19 6,176 ----a-w C:\WINDOWS\system32\drivers\w810cm.sys
2007-10-28 22:19 5,808 ----a-w C:\WINDOWS\system32\drivers\w810wh.sys
2007-10-28 22:08 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe" [2007-03-09 19:50]
"CBitSpirit"="C:\Program Files\BitSpirit\BitSpirit.exe" [2007-08-10 22:09]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Kalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2007-07-10 23:33:06]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ab395c3-8585-11dc-a0a3-0016176b877e}]
\Shell\AutoRun\command - G:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-30 16:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-09-24 06:06:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 23:55:40
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-03 0:02:32
.
--- E O F ---
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1448 [GMT 1:00]
Running from: C:\Documents and Settings\VampirLord\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\myglobalsearch
.
((((((((((((((((((((((((( Files Created from 2007-11-02 to 2007-12-02 )))))))))))))))))))))))))))))))
.
2007-12-01 17:30 . 2007-12-01 17:32 <DIR> d-------- C:\Documents and Settings\VampirLord\Contacts
2007-12-01 17:17 . 2007-12-01 17:53 <DIR> d-------- C:\Program Files\MSN Messenger
2007-11-30 23:44 . 2007-11-30 23:44 <DIR> d-------- C:\Documents and Settings\LocalService\Dane aplikacji\Xfire
2007-11-30 23:25 . 2007-11-30 23:25 <DIR> d-------- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire
2007-11-29 23:46 . 2007-12-01 15:24 <DIR> d-------- C:\Program Files\Logitech
2007-11-29 23:46 . 2007-11-29 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Logitech
2007-11-29 23:27 . 2007-11-29 23:27 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-11-29 23:27 . 2007-11-30 11:40 <DIR> d-------- C:\Documents and Settings\VampirLord\Dane aplikacji\skypePM
2007-11-29 23:27 . 2007-11-29 23:27 32 --a------ C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-11-29 16:29 . 2007-11-30 15:12 <DIR> d-------- C:\Program Files\WarRock
2007-11-29 16:29 . 2007-11-29 16:29 <DIR> d-------- C:\Documents and Settings\VampirLord\Dane aplikacji\InstallShield
2007-11-28 19:04 . 2007-12-01 21:56 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-28 19:04 . 2007-12-01 21:57 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-28 19:03 . 2007-12-01 18:11 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-11-28 19:03 . 2007-11-28 19:03 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-27 16:11 . 2007-11-27 15:43 684,377 --a------ C:\WINDOWS\unins000.exe
2007-11-27 16:11 . 2007-11-27 16:11 3,442 --a------ C:\WINDOWS\unins000.dat
2007-11-14 22:19 . 2007-11-14 22:20 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2007-11-14 22:01 . 2007-12-01 15:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-11-13 19:40 . 2007-11-13 19:40 42 --a------ C:\WINDOWS\Zakk Wylde.pls
2007-11-13 19:40 . 2007-11-13 19:40 42 --a------ C:\WINDOWS\mdv736.pls
2007-11-11 20:33 . 1997-07-06 20:37 756,736 --------- C:\WINDOWS\system32\ir41_32.dll
2007-11-11 20:12 . 1996-11-06 19:11 69,632 --a------ C:\WINDOWS\RAUNINST.EXE
2007-11-11 19:48 . 2007-11-11 19:48 <DIR> d-------- C:\Program Files\RegSupreme Pro
2007-11-07 19:44 . 2007-11-07 19:44 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2007-11-07 16:14 . 2007-11-07 16:14 <DIR> d-------- C:\Program Files\AVIConverter
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-02 22:55 21,989,664 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-02 22:55 1,239,840 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-01 22:21 --------- d-----w C:\Program Files\Kalendarz XP
2007-12-01 22:12 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2007-12-01 21:42 301,004 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-01 21:42 122,240 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-01 21:19 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2007-12-01 21:05 --------- d-----w C:\Program Files\NetMeter
2007-12-01 17:00 --------- d-----w C:\Program Files\Aegisub
2007-12-01 16:59 --------- d-----w C:\Program Files\AviSynth 2.5
2007-11-30 10:47 --------- d-----w C:\Documents and Settings\VampirLord\Dane aplikacji\Skype
2007-11-29 21:52 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2007-11-29 15:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-26 12:35 --------- d-----w C:\Program Files\SkanerOnline
2007-11-26 12:09 --------- d-----w C:\Program Files\Gadu-Gadu
2007-11-26 12:04 --------- d-----w C:\Program Files\Opera
2007-11-12 18:05 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-10-28 22:21 --------- d-----w C:\Documents and Settings\VampirLord\Dane aplikacji\Teleca
2007-10-28 22:19 6,176 ----a-w C:\WINDOWS\system32\drivers\w810cm.sys
2007-10-28 22:19 5,808 ----a-w C:\WINDOWS\system32\drivers\w810wh.sys
2007-10-28 22:08 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Anti-Virus 6.0\avp.exe" [2007-03-09 19:50]
"CBitSpirit"="C:\Program Files\BitSpirit\BitSpirit.exe" [2007-08-10 22:09]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Kalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2007-07-10 23:33:06]
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ab395c3-8585-11dc-a0a3-0016176b877e}]
\Shell\AutoRun\command - G:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-30 16:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-09-24 06:06:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 23:55:40
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-03 0:02:32
.
--- E O F ---
02 Gru 2007, 01:08
Dobra wtrącę tutaj bo coś mnie zainteresowało a nie chce zakładać nowego tematu.
Dobra czyli oprogramowanie Logitecha spowalnia działanie internetu ? Mam zainstalowane sterowniki do klawiatury bo bez nich nie działają dodatkowe przyciski.....
Dobra czyli oprogramowanie Logitecha spowalnia działanie internetu ? Mam zainstalowane sterowniki do klawiatury bo bez nich nie działają dodatkowe przyciski.....
02 Gru 2007, 01:15
nie sterowniki logitecha do kamerki odinstalowalem program do kamery i net przyspieszyl dziwne ale prawdziwe ...
klawiature mam standardowa 102/ps2 jak resetne kompa to znika niemiecka klawiatura
net znowu mi muli mam 2MB a ledwo mi torrent 30KB wyciaga ;(
nie wina SEEDOW/PEEOW bo jest ich od hu**
zapora(widosowska) mi powiedzial z blokowala mi Bitspirita odblokowalem i ciagle net wolny
HELP
klawiature mam standardowa 102/ps2 jak resetne kompa to znika niemiecka klawiatura
net znowu mi muli mam 2MB a ledwo mi torrent 30KB wyciaga ;(
nie wina SEEDOW/PEEOW bo jest ich od hu**
zapora(widosowska) mi powiedzial z blokowala mi Bitspirita odblokowalem i ciagle net wolny
HELP
02 Gru 2007, 11:37
Czysto.