This is the output of ComboFix:
ComboFix 08-12-11.06 - Mariusz Hartman 2008-12-12 19:27:54.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.1.1250.1.1045.18.129 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Mariusz Hartman\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Gość\Dane aplikacji\install.dat
c:\documents and settings\Mariusz Hartman\Dane aplikacji\ICROSO~1
c:\documents and settings\Mariusz Hartman\Dane aplikacji\Install.dat
c:\documents and settings\Mariusz Hartman\Dane aplikacji\RACLE~1
c:\documents and settings\Mariusz Hartman\Moje dokumenty\SSTEM3~1
c:\program files\Common Files\fnts~1
c:\program files\Common Files\wnsxs~1
c:\program files\Common Files\wnsxs~1\W?nSxS\
c:\program files\INSTALL.LOG
c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll
c:\program files\pppatc~1
c:\program files\pppatc~1\wuaclt.exe
c:\windows\emdat.tm
c:\windows\start.exe
c:\windows\system32\dlh9jkdq1.exe
c:\windows\system32\dlh9jkdq2.exe
c:\windows\system32\dlh9jkdq5.exe
c:\windows\system32\dlh9jkdq6.exe
c:\windows\system32\dlh9jkdq7.exe
c:\windows\system32\icroso~1
c:\windows\system32\ksl48.bin
c:\windows\system32\sstem3~1
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0000
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0001
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0002
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0003
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0004
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0005
c:\windows\system32\sstem3~1\SSTEM3~1\ctxad-528.0006
c:\windows\system32\wnscpsu.exe
c:\windows\Web\default.htt
.
((((((((((((((((((((((((( Pliki utworzone od 2008-11-12 do 2008-12-12 )))))))))))))))))))))))))))))))
.
2008-12-07 12:57 . 2008-12-07 12:57 <DIR> d-------- C:\Intel
2008-12-06 20:45 . 2008-12-12 18:33 664 --a------ c:\windows\SYSTEM32\d3d9caps.dat
2008-12-06 20:44 . 2008-12-06 20:44 <DIR> d-------- c:\program files\SystemRequirementsLab
2008-12-04 21:44 . 2008-12-04 21:44 <DIR> dr------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\Brother
2008-12-04 20:56 . 2008-12-04 20:56 <DIR> d--hs---- C:\FOUND.183
2008-12-04 20:28 . 2008-12-04 20:28 <DIR> d--hs---- C:\FOUND.182
2008-12-04 20:14 . 2008-12-04 20:14 <DIR> d--hs---- C:\FOUND.181
2008-12-04 19:47 . 2008-12-04 21:52 404 --a------ c:\windows\BRWMARK.INI
2008-12-04 19:47 . 2008-12-04 21:52 27 --a------ c:\windows\BRPP2KA.INI
2008-12-04 19:39 . 2008-12-04 19:55 50 --a------ c:\windows\SYSTEM32\bridf07a.dat
2008-12-04 19:38 . 2008-12-04 19:38 <DIR> d-------- c:\windows\SYSTEM32\DRVSTORE
2008-12-04 19:38 . 2007-02-02 14:22 55,808 --a------ c:\windows\SYSTEM32\brinsstr.dll
2008-12-04 19:37 . 2008-12-04 19:37 <DIR> d-------- c:\program files\Brother
2008-12-04 19:37 . 2007-02-15 13:54 131,072 --------- c:\windows\brunin03.dll
2008-12-04 19:36 . 2008-12-04 19:36 <DIR> d-------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\InstallShield
2008-12-04 19:28 . 2008-12-04 19:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Brother
2008-11-29 13:56 . 2008-11-29 13:56 <DIR> d--hs---- C:\FOUND.180
2008-11-22 10:07 . 2008-11-22 10:07 <DIR> d-------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\Onet
2008-11-22 10:07 . 2008-11-22 10:07 <DIR> d-------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\MozillaControl
2008-11-22 10:07 . 2008-11-22 10:07 <DIR> d-------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\Listonosz
2008-11-22 10:07 . 2008-11-22 10:07 <DIR> d-------- c:\documents and settings\Mariusz Hartman\Dane aplikacji\AutoUpdate
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 18:02 1,496,064 ------w c:\windows\SYSTEM32\CC3250MT.DLL
2060-08-18 17:40 909,824 ------w c:\windows\SYSTEM32\CP3245MT.DLL
2008-12-05 13:04 5,852 --sha-w c:\windows\SYSTEM32\KGyGaAvL.sys
2008-11-09 10:28 --------- d-----w c:\documents and settings\xxx\Dane aplikacji\skypePM
2008-11-09 10:26 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype
2008-10-14 08:14 --------- d-----w c:\documents and settings\xxx\Dane aplikacji\Nowe Gadu-Gadu
2006-06-23 15:24 93,664 --sha-w c:\program files\Common Files\Y1304OU.exe
2006-06-22 21:24 248 ----a-w c:\documents and settings\Mariusz Hartman\n.bat
2006-06-21 12:22 248 ----a-w c:\documents and settings\xxx\n.bat
2006-06-19 12:50 128 ----a-w c:\documents and settings\xxx\dr.exe
2004-03-17 21:41 266 --sh--w c:\program files\desktop.ini
2004-03-17 21:41 11,232 ---h--w c:\program files\folder.htt
1998-04-30 13:56 129,024 ----a-w c:\program files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]
@="{7D688A77-C613-11D0-999B-00C04FD655E1}"
[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]
2002-09-29 00:00 8365056 --a------ c:\windows\SYSTEM32\SHELL32.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\Smtray.exe" [2002-03-19 90112]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2002-07-26 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2002-07-26 114688]
"LXSUPMON"="c:\windows\System32\LXSUPMON.EXE" [2002-01-28 885760]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2002-09-29 208953]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2002-09-29 44032]
"MSPY2002"="c:\windows\System32\IME\PINTLGNT\ImScInst.exe" [2002-09-29 59392]
"avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-07-30 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Gtuufa"="c:\program files\?ppPatch\wuaclt.exe" [?]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-09-29 13312]
c:\documents and settings\xxx\Menu Start\Programy\Autostart\
OpenOffice.ux.pl 2.3.1.lnk - d:\open office\program\quickstart.exe [2007-12-07 17408]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Raconfig.lnk - c:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe [2008-09-01 479232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"vidc.ir41"= c:\windows\System32\ir41_32.ax
[HKLM\~\startupfolder\C:^Documents and Settings^Mariusz Hartman^Menu Start^Programy^Autostart^OpenOffice.ux.pl 2.3.1.lnk]
path=c:\documents and settings\Mariusz Hartman\Menu Start\Programy\Autostart\OpenOffice.ux.pl 2.3.1.lnk
backup=c:\windows\pss\OpenOffice.ux.pl 2.3.1.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 e:\acrobat reader\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-05-08 05:48 963072 d:\ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2002-09-29 00:00 13312 c:\windows\SYSTEM32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Architect]
--a------ 2001-05-07 18:35 53248 d:\program files\datray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2006-10-19 16:40 190464 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-02-23 16:45 278528 d:\quicktime\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2002-08-20 15:08 1511453 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\SYSTEM32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2002-09-29 00:00 455168 c:\windows\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2002-09-29 00:00 455168 c:\windows\SYSTEM32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-08-18 22:43 98304 c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-05-15 00:22 35328 d:\winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemTray]
--a------ 2002-09-29 00:00 3072 c:\windows\SYSTEM32\systray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
R0 avgntmgr;avgntmgr;c:\windows\System32\drivers\avgntmgr.sys [2006-05-25 22336]
R1 avgntdd;avgntdd;c:\windows\System32\DRIVERS\avgntdd.sys [2006-05-25 45376]
R1 eusk2par;EUTRON SmartKey Parallel Driver;\??\c:\windows\System32\Drivers\eusk2par.sys [2006-07-25 24786]
R2 pgsql-8.2;PostgreSQL Database Server 8.2;"c:\program files\PostgreSQL\8.2\bin\pg_ctl.exe" runservice -N "pgsql-8.2" -D "c:\program files\PostgreSQL\8.2\data\" []
R3 RT2400;RT2400 Wireless Driver;c:\windows\System32\DRIVERS\RT2400.sys [2008-09-01 62848]
S3 AvFlt;Antivirus Filter Driver;c:\windows\System32\drivers\av5flt.sys []
S3 eusk3usb;SmartKey 3 USB;c:\windows\System32\Drivers\eusk3usb.sys [2006-07-25 45534]
S3 iMSPCLOj;iMSPCLOj;\??\c:\docume~1\xxx\USTAWI~1\Temp\iMSPCLOj.sys []
S3 MSSQL$BETASI;MSSQL$BETASI;c:\program files\Microsoft SQL Server\MSSQL$BETASI\Binn\sqlservr.exe -sBETASI []
S3 PCIDATA;PCIDATA;\??\F:\PCIDATA.sys []
S3 SQLAgent$BETASI;SQLAgent$BETASI;c:\program files\Microsoft SQL Server\MSSQL$BETASI\Binn\sqlagent.EXE -i BETASI []
.
- - - - USUNIĘTO PUSTE WPISY - - - -
URLSearchHooks-{8010C082-5531-2AEF-13D2-74F2C85117B8} - (no file)
Toolbar-{1E634697-3A49-47CA-89DF-C70E11F5C730} - (no file)
HKLM-Run-Onet.pl AutoUpdate - c:\program files\Common Files\Onet.pl\AutoUpdate.exe
HKLM-Run-iamapp - (no file)
HKU-Default-Run-Cctr - c:\progra~1\COMMON~1\WNSXS~1\ati2evxx.exe
Notify-= - (no file)
MSConfigStartUp-internat - internat.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.bearshare.com/pl/
uDefault_Search_URL = hxxp://ie.search.msn.com
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Otwórz obraz w programie &Microsoft PhotoDraw - d:\micros~1\Office\1045\phdintl.dll/phdContext.htm
TCP: {B3FEE78A-72A3-4D9A-9CB8-B074C642A0BD} = 195.136.250.200,10.10.10.1
TCP: {F778DCEC-852D-44AD-876A-F06B36C9400A} = 10.10.10.1,213.172.186.4
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Internet Explorer Classes for Java - file://c:\windows\SYSTEM\iejava.cab
c:\windows\Downloaded Program Files\Internet Explorer Classes for Java.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Mariusz Hartman\Dane aplikacji\Mozilla\Firefox\Profiles\bb1wudes.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPCARDS.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPPOKER.dll
FF - plugin: c:\program files\Odtwarzacz multimedialny\npdrmv2.dll
FF - plugin: c:\program files\Odtwarzacz multimedialny\npwmsdrm.dll
FF - plugin: d:\opera\Program\Plugins\npdrmv2.dll
FF - plugin: d:\opera\Program\Plugins\NPSWF32.dll
FF - plugin: d:\opera\Program\Plugins\npwmsdrm.dll
FF - plugin: d:\programy\Netscape6\nppl3260.dll
FF - plugin: d:\programy\Netscape6\nprjplug.dll
FF - plugin: d:\programy\Netscape6\nprpjplug.dll
FF - plugin: e:\acrobat reader\Reader\browser\nppdf32.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 19:32:34
Windows 5.1.2600 Dodatek Service Pack. 1 FAT NTAPI
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(464)
c:\windows\System32\ODBC32.dll
- - - - - - - > 'lsass.exe'(520)
c:\windows\System32\dssenh.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
c:\program files\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
c:\program files\POSTGRESQL\8.2\BIN\PG_CTL.EXE
c:\windows\SYSTEM32\PSISERVICE.EXE
c:\windows\SYSTEM32\WDFMGR.EXE
c:\program files\POSTGRESQL\8.2\BIN\POSTGRES.EXE
c:\program files\POSTGRESQL\8.2\BIN\POSTGRES.EXE
c:\program files\POSTGRESQL\8.2\BIN\POSTGRES.EXE
c:\program files\POSTGRESQL\8.2\BIN\POSTGRES.EXE
.
**************************************************************************
.
Czas ukończenia: 2008-12-12 19:35:01 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2008-12-12 18:34:58
Przed: 1 027 428 352 bajtów wolnych
Po: 1,343,373,312 bajtów wolnych
WinXP_PL_PRO_BF.EXE
[boot loader]
timeout = 30
default = multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS = "Microsoft Windows XP Professional" /fastdetect
As for Everest:
Under PCI/AGP VIDEO CARD it shows "Intel Extreme Graphics"
Under GRAPHICS PROCESSOR: Intel 82845G/GL/GV Graphics Controller
- Computer forum
- → Viewing profile: Posts: mario425
My posts
In topic: How to change the screen resolution in Win XP
12 12 2008 - 20:39
In topic: How to change the screen resolution in Win XP
12 12 2008 - 20:11
This is what came out of the HijackThis check: <I don't want to remove anything myself>
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:08:04, on 2008-12-12
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\System32\PSIService.exe
C:\Program Files\PostgreSQL\8.2\bin\postgres.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\PostgreSQL\8.2\bin\postgres.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\PostgreSQL\8.2\bin\postgres.exe
C:\Program Files\PostgreSQL\8.2\bin\postgres.exe
C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
E:\gg\Gadu-Gadu\gg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.idg.pl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Program Microsoft Internet Explorer dostarczony przez IDG.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {8010C082-5531-2AEF-13D2-74F2C85117B8} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {1E634697-3A49-47CA-89DF-C70E11F5C730} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe /tsr
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Raconfig.lnk = C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O8 - Extra context menu item: Otwórz obraz w programie &Microsoft PhotoDraw - res://D:\MICROS~1\Office\1045\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.idg.pl
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_39.cab
O16 - DPF: {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (IEHelperObject) - http://sexlista.vex.pl/kodeki/avicodec.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3FEE78A-72A3-4D9A-9CB8-B074C642A0BD}: NameServer = 195.136.250.200,10.10.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F778DCEC-852D-44AD-876A-F06B36C9400A}: NameServer = 10.10.10.1,213.172.186.4
O20 - AppInit_DLLs: C:\WINDOWS\System32\services.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSSQL$BETASI - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$BETASI\Binn\sqlservr.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: PostgreSQL Database Server 8.2 (pgsql-8.2) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\System32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SQLAgent$BETASI - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$BETASI\Binn\sqlagent.EXE (file missing)
Hmm... regarding Everest: when I go into DISPLAY and the Windows video card, NOTHING comes up. Empty - a gray background...
In topic: How to change the screen resolution in Win XP
12 12 2008 - 19:58
The thing is, it became like this and it stays that way all the time.... Besides, I can't locate the graphics card. <I have no clue about how a computer is built>. I installed Everest, but I still don't know how to locate the graphics card. Any hints?