[Agmas]

witam.
chciałbym prosić o pomoc w analizie skanu hijack'a ponieważ nie znam się na tym.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:32, on 2009-11-09
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Andrzej\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe

--
End of file - 5589 bytes

[kris]

To na pewno

O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

co do tego jesli ci to przeszkadza to zapraszam Lektura

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

[Agmas]

bardzo dziękuję

[AdrianoFranco]

Witam
Chciałbym też prosić o pomoc w tej sprawie.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:55, w 2009-12-16
Platforma: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ ccSvcHst.exe
C: \ Program Files \ Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ RUNDLL32.EXE
C: \ WINDOWS \ system32 \ WF2K.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ Program Files \ Google Desktop Search \ GoogleDesktop.exe
C: \ Program Files \ jre6 bin \ jusched.exe
C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ ccSvcHst.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ isuspm.exe
C: \ Program Files \ Quick Search Box \ GoogleQuickSearchBox.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ Program Files \ Spyware Doctor \ pctsTray.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Common Files \ LightScribe \ LightScribeControlPanel.exe
C: \ Program Files \ Common Files \ Lib \ NMBgMonitor.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Skype \ Phone \ Skype.exe
C: \ Program Files \ Spybot - Search & Destroy \ teatimer.exe
C: \ Program Files \ Microsoft Office \ Office12 \ Onenotem.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Spyware Doctor \ BDT \ BDTUpdateService.exe
C: \ Program Files \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ PnkBstrA.exe
C: \ Program Files \ Spyware Doctor \ pctsAuxs.exe
C: \ Program Files \ Spyware Doctor \ pctsSvc.exe
C: \ Program Files \ \ Wtyczka Manager \ skypePM.exe
C: \ Program Files \ Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Software \ Avast4 \ ashWebSv.exe
C: \ Program Files \ Common Files \ Lib \ NMIndexingService.exe
C: \ Program Files \ Common Files \ Lib \ NMIndexStoreSvr.exe
C: \ WINDOWS \ system32 \ wbem \ wmiapsrv.exe
C: \ WINDOWS \ System32 \ alg.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ PnkBstrB.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Nowe Gadu-Gadu \ gg.exe
C: \ Program Files \ Nowe Gadu-Gadu \ spellchecker_gg.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ system32 \ wbem \ Wmiprvse.exe
C: \ Program Files \ Skype \ Toolbars \ Shared \ SkypeNames.exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.msn.pl
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.onet.pl/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL =

wyborcza.pl / 0,0. html? p = 020
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Program Windows Internet

Explorer dostarczony przez Microsoft i partnerzy
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) --

C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) --

C: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: Browser Defender BHO - (2A0F3D1B-0909-4FF4-B272-609CCE6054E7) - C: \ Program

Files \ Spyware Doctor \ BDT \ PCTBrowserDefender.dll
O2 - BHO: dymanet - (39f3528e-41cf-a302-19da-4490aa8deeb3) --

C: \ WINDOWS \ system32 \ b202cf7c-4fe9-2cf8-6403-10700d17d5e6.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) --

C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - (no file)
O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) --

C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll
O2 - BHO: Java ™ Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) --

C: \ Program Files \ jre6 \ bin \ ssv.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program

Files \ Google Toolbar \ GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) --

C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.4.4525.1752 \ swg.dll
O2 - BHO: Ask Toolbar BHO - (D4027C7F-154a-4066-A1AD-4243D8127440) - C: \ Program

Files \ Ask.com \ GenericAskToolbar.dll
O2 - BHO: Java ™ Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) --

C: \ Program Files \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program

Files \ jre6 \ lib \ rozmieścić \ jqs \ ie \ jqs_plugin.dll
O2 - BHO: IEPluginBHO - (F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D) - C: \ Documents and

Settings \ Przemek \ Dane aplikacji \ Nowe Gadu-Gadu \ _userdata \ ggbho.1.dll
O3 - Toolbar: DAEMON Tools Toolbar - (32099AAC-C132-4136-9E9A-4E364A424E17) - C: \ Program

Files \ DAEMON Tools Toolbar \ DTToolbar.dll
O3 - Toolbar: & Tłumaczenie - (2F7DB8D7-9BE7-4666-901E-F380555BCAC7) - C: \ Program

Files \ Russkij Translator \ InternetTranslatorRusPol.dll
O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no file)
O3 - Toolbar: BearShare MediaBar - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - C: \ Program

Files \ BearShare Applications \ BearShare MediaBar \ BearShareMediaBar.dll
O3 - Toolbar: Ask Toolbar - (D4027C7F-154a-4066-A1AD-4243D8127440) - C: \ Program

Files \ Ask.com \ GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program

Files \ Google Toolbar \ GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Przeglądarka Guard - (472734EA-242A-422B-ADF8-83D1E48CC825) --

C: \ Program Files \ Spyware Doctor \ BDT \ PCTBrowserDefender.dll
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKLM \ .. \ Run: [avast!] Winampa.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE

C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKLM \ .. \ Run: [WinFoxV2] C: \ WINDOWS \ system32 \ WF2K.EXE początkowe
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [GEST] m? '| \ U?
O4 - HKLM \ .. \ Run: [avast!] C: \ Program Files \ Common Files \ Lib \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Program Files \ Google Desktop

Search \ GoogleDesktop.exe "/ startup
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ jre6 bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [PDF Converter Registry Controller] "C: \ Program Files \ PDF

Płyta \ RegistryController.exe "
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ Common Files \ Microsoft Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ Adobe \ Reader

8.0 \ Reader \ Reader_sl.exe "
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ Common

Files \ InstallShield \ UpdateService \ isuspm.exe "-scheduler
O4 - HKLM \ .. \ Run: [Google Quick Search Box] "C: \ Program Files \ Quick Search

Box \ GoogleQuickSearchBox.exe "/ autorun
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [Gadu-Gadu] "C: \ Program Files \ Winamp \ daemon.exe"
O4 - HKLM \ .. \ Run: [ISTray] "C: \ Program Files \ Spyware Doctor \ pctsTray.exe"
O4 - HKLM \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKLM \ .. \ Run: [LightScribe Control Panel] C: \ Program Files \ Common

Files \ LightScribe \ LightScribeControlPanel.exe-hidden
O4 - HKLM \ .. \ Run: [BgMonitor_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Program

Files \ Common Files \ Lib \ NMBgMonitor.exe "
O4 - HKLM \ .. \ Run: [Skype] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKLM \ .. \ Run: [Gadu-Gadu] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKLM \ .. \ Run: [RGSC] C: \ Program Files \ Rockstar Games \ Rockstar Games Social

Club \ RGSCLauncher.exe / cichy
O4 - HKLM \ .. \ Run: [Skype] "C: \ Program Files \ Skype \ Phone \ Skype.exe" / płytkę
O4 - HKLM \ .. \ Run: [CTFMON.EXE] C: \ Program Files \ Spybot - Search &

Destroy \ teatimer.exe
O4 - HKLM \ .. \ Run: [Shockwave Updater]

C: \ WINDOWS \ system32 \ Adobe \ SHOCKW ~ 1 \ SWHELP ~ 1.EXE-Update -1103472 - "Mozilla/4.0

(InfoPath.2 Windows NT 8.0, Windows NT 5.1; Trident/4.0; GTB6.3;;. NET CLR 2.0.50727;

. NET CLR 3.0.04506.30;. NET CLR 3.0.4506.2152;. NET CLR 3.5.30729; AskTB5.4) "

- "Http://www.miniclip.com/games/insane-ski-jump/en/"
O4 - HKLM \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User

'USŁUGA LOKALNA')
O4 - HKLM \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User

'USŁUGA SIECIOWA')
O4 - HKLM \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User

'SYSTEM')
O4 - HKLM \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User

'Default user')
O4 - Startup: Rejestracja. Lnk = K: \ Support \ EAregister.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C: \ Program

Files \ Microsoft Office \ Office12 \ Onenotem.exe
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel --

res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ EXCEL.EXE/3000
O8 - Extra context menu item: E & ksport do programu Microsoft Excel --

res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Funkcja Google Sidewiki - res: / / C: \ Program Files \

Toolbar \ Component \ GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Otwórz PDF w programie Word - res: / / C: \ Program Files \ PDF

Płyta \ IEShellExt.dll / 100
O9 - Extra button: Wyślij do programu OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) --

C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij & do programu OneNote --

(2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra button: ArcaVir>> - (40525A66-DB98-480D-BCF9-7AF88C1AF438) - C: \ Program

Files \ ArcaBit \ WebExtensions \ ie \ ArcaIEExt.dll (file missing)
O9 - Extra 'Tools' menuitem: ArcaVir>> - (40525A66-DB98-480D-BCF9-7AF88C1AF438) --

C: \ Program Files \ ArcaBit \ WebExtensions \ ie \ ArcaIEExt.dll (file missing)
O9 - Extra button: (no name) - (5067A26B-1337-4436-8AFE-EE169C2DA79F) - C: \ Program

Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on dla Internet Explorer --

(5067A26B-1337-4436-8AFE-EE169C2DA79F) - C: \ Program Files \ Skype \ Toolbars \ Internet

Explorer \ SkypeIEPlugin.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ Program

Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) --

C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (94C70A96-012C-4171-98FC-C1971511F20D) - C: \ Program

Files \ Russkij Translator \ InternetTranslatorRusPol.dll
O9 - Extra 'Tools' menuitem: @ C: \ Program Files \ Russkij Translator \ InternetTranslatorRusPol.dll, -103

- (94C70A96-012C-4171-98FC-C1971511F20D) - C: \ Program Files \ Russkij

Tłumacz \ InternetTranslatorRusPol.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) --

C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration --

(DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network

Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) --

C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program

Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) --

C: \ Program Files \ Messenger \ msmsgs.exe
O16 - Service: (1A781DED-C22D-4153-3213-A3211E29DF13) (GameDesire Card Games) --

http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_77.cab
O16 - Service: (1E53EA77-34F2-474E-9046-B2B0C86F1821) (OggX Control) --

http://www.eska.pl/streamplayers/OggX.ocx
O16 - Service: (784797A8-342D-4072-9486-03C8D0F2F0A1) (Battlefield Heroes Updater) --

https: / / www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
O16 - Service: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Games Player) --

http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - Service: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) --

http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program

Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) --

C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - AppInit_DLLs: C: \ PROGRA ~ 1 \ Google \ GOOGLE ~ 2 \ GOEC62 ~ 1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \

Software \ Avast4 \ aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program

Files \ LiveUpdate \ AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \

Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \

Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \

Software \ Avast4 \ ashWebSv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C: \ Program Files \

Doctor \ BDT \ BDTUpdateService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program

Files \ Common Files \ Microsoft Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program

Files \ Common Files \ Microsoft Shared \ ccSvcHst.exe
O23 - Service: Menedżer Google Desktop 5.9.911.3589 (GoogleDesktopManager-110309-193829) --

Google - C: \ Program Files \ Google Desktop Search \ GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program

Files \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation --

C: \ Program Files \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: (NVSvc) - NVIDIA Corporation - C: \ Program

Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program

Files \ jre6 \ bin \ jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) --

Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ Program

Files \ LiveUpdate \ LuComServer_3_4.EXE
O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common

Files \ Lib \ NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation --

C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C: \ WINDOWS \ system32 \ PnkBstrA.exe
O23 - Service: PnkBstrB - ALWIL Software - C: \ WINDOWS \ system32 \ PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C: \ Program Files \

Doctor \ pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C: \ Program Files \

Doctor \ pctsSvc.exe

--
End of file - 16167 bytes

[kris]

Na poczatek tak sie zastanawiam czy ci to potrzebne

C: \ Program Files \ Google Desktop Search \ GoogleDesktop.exe

C: \ Program Files \ Quick Search Box \ GoogleQuickSearchBox.exe

C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe

Progamy spyware po co tyle

C: \ Program Files \ Spyware Doctor \ pctsTray.exe

C: \ Program Files \ Spybot - Search & Destroy \ teatimer.exe

zostaw sobie jakis konkretny jeden

czy to potrzebne

O3 - Toolbar: & Tłumaczenie - (2F7DB8D7-9BE7-4666-901E-F380555BCAC7) - C: \ Program

Files \ Russkij Translator \ InternetTranslatorRusPol.dll

usunac

O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no file)

2 antywirusy po co masz tez avasta zdecyduj na jeden

(2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra button: ArcaVir>> - (40525A66-DB98-480D-BCF9-7AF88C1AF438) - C: \ Program

Files \ ArcaBit \ WebExtensions \ ie \ ArcaIEExt.dll (file missing)
O9 - Extra 'Tools' menuitem: ArcaVir>> - (40525A66-DB98-480D-BCF9-7AF88C1AF438) --

C: \ Program Files \ ArcaBit \ WebExtensions \ ie \ ArcaIEExt.dll (file missing)

do czego to słuzy

C: \ Program Files \ Messenger \ msmsgs.exe
O16 - Service: (1A781DED-C22D-4153-3213-A3211E29DF13) (GameDesire Card Games) --

http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_77.cab
O16 - Service: (1E53EA77-34F2-474E-9046-B2B0C86F1821) (OggX Control) --

http://www.eska.pl/streamplayers/OggX.ocx
O16 - Service: (784797A8-342D-4072-9486-03C8D0F2F0A1) (Battlefield Heroes Updater) --

https: / / www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
O16 - Service: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Games Player) -

reszta jest o.k trochę pomieszane w programach ale to twój wybór co do reszty musisz zdecydować z czego chcesz skorzystać.Po wszystkim prosze o loga mieszcząc w tagach.

[AdrianoFranco]

Dziękuje bardzo za pomoc