mój problem polega na tym, że mam wirusy w internet temporry files. Mks mi wykrywa. Ale za nic nie mogę się dosta do tego folderu i usunąc jego zawartości... w opcjach folderów jak odznacze "ukryj chronione plikisystemu operacyjnego" to nawet po zastosuj od nowa się zaznacza ta opcja.. heh... trochę syfu się napewno nazbierało w tym tempie. no i w content.ie5 też... proszę o pomoc. a przy okazji czy może mi ktoś poleci dobrego antywirusa? Najlepiej darmowy:) ten mks już mnie denerwuje..Poniżej przedstawiam logi z ComboFix i HijackThis...
ComboFix:
- Kod: Zaznacz wszystko
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.573 [GMT 2:00]
Running from: E:\download\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo0.dll
C:\WINDOWS\system32\Dvbpws.dll
C:\WINDOWS\system32\setup.ini
D:\Autorun.inf
E:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-05-21 to 2008-06-21 )))))))))))))))))))))))))))))))
.
2008-06-21 18:16 . 2008-06-21 18:16 <DIR> d-------- C:\WFDB
2008-06-21 18:16 . 2008-06-21 18:16 <DIR> d-------- C:\Program Files\WinFast
2008-06-21 18:09 . 2006-10-18 11:37 162,944 --a------ C:\WINDOWS\system32\drivers\cx88vid.sys
2008-06-21 18:09 . 2006-10-18 11:37 50,816 --a------ C:\WINDOWS\system32\drivers\cx88tune.sys
2008-06-21 18:09 . 2006-10-18 11:38 9,728 --a------ C:\WINDOWS\system32\drivers\cxavxbar.sys
2008-06-21 17:39 . 2008-06-21 17:40 0 --a------ C:\WINDOWS\wcx_ftp.ini
2008-06-21 17:37 . 2008-06-21 17:40 1,386 --a------ C:\WINDOWS\WINCMD.INI
2008-06-21 16:55 . 2008-06-21 16:55 323 --a------ C:\WINDOWS\system32\WFD_List.ini
2008-06-21 16:48 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2008-06-21 16:48 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\dllcache\mpe.sys
2008-06-21 16:43 . 2008-06-21 16:43 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
2008-06-21 15:27 . 2004-08-04 00:44 363,520 --a------ C:\WINDOWS\system32\PsisDecd.dll
2008-06-21 15:27 . 2004-08-04 00:44 363,520 --a------ C:\WINDOWS\system32\dllcache\psisdecd.dll
2008-06-21 15:27 . 2004-08-04 00:44 56,832 --a------ C:\WINDOWS\system32\MSDvbNP.ax
2008-06-21 15:27 . 2004-08-04 00:44 56,832 --a------ C:\WINDOWS\system32\dllcache\msdvbnp.ax
2008-06-21 15:27 . 2004-08-04 00:44 33,280 --a------ C:\WINDOWS\system32\PsisRndr.ax
2008-06-21 15:27 . 2004-08-04 00:44 33,280 --a------ C:\WINDOWS\system32\dllcache\psisrndr.ax
2008-06-21 15:27 . 2004-08-04 00:44 18,432 --a------ C:\WINDOWS\system32\dllcache\bdaplgin.ax
2008-06-21 15:27 . 2004-08-04 00:44 18,432 --a------ C:\WINDOWS\system32\BdaPlgIn.ax
2008-06-21 15:27 . 2004-08-03 23:10 11,776 --a------ C:\WINDOWS\system32\drivers\BdaSup.sys
2008-06-21 15:27 . 2004-08-03 23:10 11,776 --a------ C:\WINDOWS\system32\dllcache\bdasup.sys
2008-06-20 19:03 . 2008-06-20 19:03 <DIR> d-------- C:\Program Files\Leadtek Research Inc
2008-06-17 09:02 . 2004-08-04 00:44 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-06-17 09:02 . 2004-08-04 00:44 21,504 --a------ C:\WINDOWS\system32\dllcache\hidserv.dll
2008-06-17 09:02 . 2001-10-26 16:57 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-17 09:02 . 2001-10-26 16:57 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-17 09:02 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-17 09:02 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-15 22:39 . <DIR> C:\Documents and Settings\KsiŽt‘•niczka
2008-06-15 16:48 . 2008-06-15 16:48 197 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-15 13:57 . 2008-06-15 13:57 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-15 13:55 . 2008-06-15 13:55 <DIR> d-------- C:\Program Files\Skype
2008-06-15 13:55 . 2008-06-15 13:55 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-06-15 13:55 . 2008-06-15 13:55 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-06-15 11:29 . 2008-06-15 11:29 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-06-15 11:24 . 2008-06-15 11:26 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-06-15 11:20 . 2008-06-15 11:20 721 --a------ C:\WINDOWS\unins000.dat
2008-06-14 20:58 . 2004-08-04 00:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-14 20:49 . 2006-08-21 11:14 128,896 --------- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-06-14 20:49 . 2006-08-21 11:14 23,040 --------- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-06-14 20:49 . 2006-08-21 14:28 16,896 --------- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-06-14 20:40 . 2008-06-14 20:40 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-14 19:32 . 2008-06-14 19:32 <DIR> d-------- C:\Documents and Settings\KSINIC~1\.jpi_cache
2008-06-14 19:32 . 2008-06-14 19:32 <DIR> d-------- C:\Documents and Settings\KSINIC~1\.java
2008-06-14 19:32 . 2008-06-14 19:32 <DIR> d-------- C:\Documents and Settings\Ksi?niczka
2008-06-13 17:03 . 2007-07-09 15:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-06-13 16:51 . 2008-05-08 14:28 202,752 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-13 16:41 . 2008-04-14 17:53 273,024 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 16:41 . 2008-04-14 17:53 273,024 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-13 14:14 . 2008-06-13 14:14 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-12 18:53 . 2008-06-12 18:53 <DIR> d-------- C:\Program Files\SAGEM
2008-06-12 18:22 . 2008-06-12 18:22 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-12 18:03 . 2008-06-12 18:03 <DIR> d-------- C:\Program Files\MKS
2008-06-12 18:00 . 2008-06-12 18:00 265 --a------ C:\WINDOWS\mks.bat
2008-06-10 19:50 . 2008-06-10 19:50 <DIR> d-------- C:\Program Files\neostrada tp
2008-06-09 12:25 . 2008-06-03 14:59 106,440 -r-hs---- C:\nby.bat
2008-06-07 16:47 . 2008-06-07 16:47 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-25 21:02 . 2008-05-25 21:02 83 --a------ C:\WINDOWS\WWP.INI
2008-05-23 10:59 . 2004-08-23 13:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2008-05-23 10:56 . 2008-05-23 10:56 <DIR> d-------- C:\Program Files\Java
2008-05-23 10:56 . 2006-06-02 17:38 425,984 --a------ C:\WINDOWS\system32\stmcfg32.dll
2008-05-23 10:56 . 2006-06-02 10:01 151,552 --a------ C:\WINDOWS\system32\stmctrl.dll
2008-05-23 10:56 . 2003-08-04 13:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
2008-05-23 10:56 . 2002-11-01 20:15 45,175 --------- C:\WINDOWS\system32\plugincpl140_03.cpl
2008-05-23 10:56 . 2002-11-01 20:15 41,068 --------- C:\WINDOWS\system32\ActPanel.dll
2008-05-23 10:56 . 2003-08-04 13:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2008-05-23 10:55 . 2008-05-23 10:55 <DIR> d--hs---- C:\WINDOWS\ftpcache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 16:54 33 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-05-18 12:09 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:16 1,291,264 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-21 07:04 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-21 07:04 662,016 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-04-19 16:34 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-04-17 10:52 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2008-03-25 04:52 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:52 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:52 178,976 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:52 178,976 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"="d:\Program Files\AutoConnect\AutoConnect.exe" [2004-08-28 20:27 295424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 10:08 16380416 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-06-15 10:45 1826816 C:\WINDOWS\SkyTel.exe]
"DAEMON Tools-1033"="D:\Program Files\D-Tools\daemon.exe" [2004-08-22 17:05 81920]
"AdslTaskBar"="stmctrl.dll" [2006-06-02 10:01 151552 C:\WINDOWS\system32\stmctrl.dll]
"MKS_MENU"="d:\Program Files\MKS\Bin\mks_menu.exe" [2008-06-12 18:00 125952]
"ABREGMON"="D:\Program Files\MKS\Bin\ABregmon.exe" [2008-06-12 18:00 70656]
"WinampAgent"="d:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50 33792]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 16:13 90112]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-11-15 15:55 2850816]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 22:44 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26 29696]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-06-12 18:54:09 839680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
C:\WINDOWS\system32\amvo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2006-03-10 16:15 1249280 C:\Program Files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Wapster\\AQQ\\AQQ.exe"=
"D:\\PROGRA~1\\Wapster\\AQQ\\AQQ.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 ABTDI;ABTDI;d:\Program Files\MKS\Bin\ABTDI.sys [2008-06-12 18:00]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-09-19 11:03]
R3 MksMonEn;MkS_Mon Kernel Engine;d:\Program Files\MKS\Bin\MksMonEn.sys [2008-06-12 18:00]
R3 MksMonEv;MkS_Mon Kernel Events;d:\Program Files\MKS\Bin\MksMonEv.sys [2008-06-12 18:00]
R3 MksMonFd;MkS_Mon Kernel Filter Driver;d:\Program Files\MKS\Bin\MksMonFd.sys [2008-06-12 18:00]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-09-15 11:07]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]
S3 WFIOCTL;WFIOCTL;d:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
S3 WFLR6654;WinFast TV2000 XP Global/Global TV (Video);C:\WINDOWS\system32\drivers\wfeaglxt.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\nby.bat
\Shell\explore\Command - C:\nby.bat
\Shell\open\Command - C:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\nby.bat
\Shell\explore\Command - D:\nby.bat
\Shell\open\Command - D:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\nby.bat
\Shell\explore\Command - E:\nby.bat
\Shell\open\Command - E:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3194a9da-3ad8-11dd-813e-4d6564696130}]
\Shell\AutoRun\command - H:\nby.bat
\Shell\explore\Command - H:\nby.bat
\Shell\open\Command - H:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6f588f8c-13a2-11dd-80d1-8bce68e7b33b}]
\Shell\AutoRun\command - H:\nby.bat
\Shell\explore\Command - H:\nby.bat
\Shell\open\Command - H:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6f588f8d-13a2-11dd-80d1-8bce68e7b33b}]
\Shell\AutoRun\command - I:\nby.bat
\Shell\explore\Command - I:\nby.bat
\Shell\open\Command - I:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e46a197a-0efd-11dd-80cb-edce69984d3f}]
\Shell\AutoRun\command - H:\nby.bat
\Shell\explore\Command - H:\nby.bat
\Shell\open\Command - H:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e46a197b-0efd-11dd-80cb-edce69984d3f}]
\Shell\AutoRun\command - I:\nby.bat
\Shell\explore\Command - I:\nby.bat
\Shell\open\Command - I:\nby.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0b05ad8-13ac-11dd-80d4-d6b736604127}]
\Shell\AutoRun\command - H:\nby.bat
\Shell\explore\Command - H:\nby.bat
\Shell\open\Command - H:\nby.bat
.
Contents of the 'Scheduled Tasks' folder
"2008-06-21 16:03:02 C:\WINDOWS\Tasks\MkSUpdate.job"
- d:\Program Files\MKS\bin\mks_upd.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-21 18:30:00
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
HijackThis:
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 16:09:17, on 2008-05-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
H:\instalki\hijackthis1.99.1\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sms.orange.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [MKS_MENU] f:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\Run: [ABREGMON] F:\Program Files\MKS\Bin\ABregmon.exe
O4 - HKLM\..\Run: [WinampAgent] f:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [AutoConnect] f:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.33/g_bin/pl/cards_2_0_0_77.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C379DEE5-330D-4B16-AC1B-04367BBBF62C}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - f:\Program Files\MKS\Bin\NetMonSV.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - f:\Program Files\MKS\bin\MkSUpdateInt.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - f:\Program Files\MKS\Bin\mksmonsv.exe
O23 - Service: MkS_Scan - Unknown owner - f:\Program Files\MKS\Bin\mks_scan.exe
