x-kom hosting

Problem z internetem

astrIX
utworzono
utworzono (edytowane)

Witam,otóż mam problem z internetem.Posiadam 1MB z Neostrady i od ok.4dni mam potężne lagi i internet ogólnie bardzo wolno chodzi.W grach mam ping [b]150-1000ms[/b],skanowałem komputer w poszukiwaniu wirusów i owszem znalazł cos ale szybko skasował a problem dalej jest.Skanowałem również [b]combofixem[/b] lecz nic nie znalazł.Czy to coś z komputerem czy może dostawca ? Podam log z hijack'a

[log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:01, on 2010-03-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\fsproflt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
C:\PROGRA~1\NEOSTR~1\ComComp.exe
C:\PROGRA~1\NEOSTR~1\Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
D:\Gry\Counter Strike Steam™\steam.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
d:\gry\counter strike steam™\steamapps\dr01_1710\counter-strike\hl.exe
D:\Gry\Counter Strike Steam™\GameOverlayUI.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://szukaj.wp.pl"]http://szukaj.wp.pl[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.neostrada.pl"]http://www.neostrada.pl[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A90FE873-E64F-457A-94D0-E6CC44913E79}: NameServer = 194.204.159.1 194.204.152.34
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\WINDOWS\system32\fsproflt.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 11330 bytes
[/log]

[color="#ff0000"]//przenoszę do Bezpieczeństwa
//dan[/color]

Psycholandia
komentarz
komentarz

Daj loga z OTL.

astrIX
komentarz
komentarz

[quote]OTL logfile created on: 2010-03-23 09:52:53 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Seba\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 432,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,77 Gb Total Space | 55,26 Gb Free Space | 53,77% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 108,17 Gb Free Space | 55,38% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASSEL-5E6F2ED4F
Current User Name: Seba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
PRC - [2010-03-01 16:46:45 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-03-01 16:46:38 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-01-16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla FireFOX\firefox.exe
PRC - [2009-07-20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009-07-10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009-06-29 15:57:12 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009-05-03 11:22:28 | 000,073,392 | ---- | M] (FSPro Labs) -- C:\WINDOWS\system32\fsproflt.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007-04-06 11:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006-08-18 16:58:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe
PRC - [2006-07-13 16:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006-07-13 16:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006-07-13 07:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2006-04-03 18:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-04-13 05:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003-10-16 18:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe
PRC - [2003-10-16 18:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe
PRC - [2003-10-16 18:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe
PRC - [2003-10-16 18:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe
PRC - [2003-10-16 18:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
MOD - [2009-11-18 20:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
MOD - [2009-07-20 12:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2009-07-20 12:25:22 | 000,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2009-07-12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (gusvc)
SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-03-01 16:46:38 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009-07-21 11:59:10 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2009-07-20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009-07-16 10:50:33 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-05-03 11:22:28 | 000,073,392 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\WINDOWS\system32\fsproflt.exe -- (fsproflt)
SRV - [2006-07-13 16:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006-07-13 16:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006-04-03 18:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005-08-02 22:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-01-12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-11-14 16:45:51 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009-10-20 14:58:38 | 000,023,512 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009-09-23 13:12:31 | 000,226,832 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-09-23 13:12:31 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-09-22 14:37:20 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-06-17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009-06-17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009-06-17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-06-17 17:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009-06-17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008-09-26 18:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-08-14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008-07-21 16:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008-06-05 17:37:54 | 000,043,792 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\FSPFltd.sys -- (FSProFilter)
DRV - [2008-04-30 16:06:48 | 000,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2007-12-13 10:17:58 | 001,472,000 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC30x)
DRV - [2007-12-10 18:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vvftav211.sys -- (vvftav211)
DRV - [2007-05-02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006-08-14 07:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-08-12 19:21:38 | 000,008,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\RenameMe.sys -- (RenameMe)
DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005-08-02 22:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2004-10-27 15:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-08-12 01:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 21:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-12-08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {8EE3A590-0E3F-4234-A41A-9F112F488999}:1.0
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57
FF - prefs.js..extensions.enabledItems: pagehacker-nico@nc:1.2
FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.26
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\RealPlayer\browserrecord [2009-06-29 15:57:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dane aplikacji\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-12-31 14:35:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010-03-03 15:00:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla FireFOX\components [2010-03-22 12:04:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla FireFOX\plugins [2010-03-22 15:07:40 | 000,000,000 | ---D | M]

[2009-06-28 12:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Extensions
[2010-03-22 18:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions
[2010-02-08 17:15:33 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2009-06-28 14:01:03 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}(2)
[2009-11-21 12:53:21 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010-01-01 21:34:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-02-22 12:00:53 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-03-20 17:57:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009-11-14 20:00:51 | 000,000,000 | ---D | M] (Bez Ĺšledzika) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{8EE3A590-0E3F-4234-A41A-9F112F488999}
[2010-03-22 12:34:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-03-20 17:57:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-01-23 21:06:07 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-03-15 15:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\nasanightlaunch@example.com
[2009-11-21 12:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\pagehacker-nico@nc
[2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-09-22 14:39:48 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\searchplugins\daemon-search.xml
[2010-03-22 18:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla FireFOX\extensions
[2008-11-11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla FireFOX\plugins\npBitCometAgent.dll
[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\allegro-pl.xml
[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\fbc-pl.xml
[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\merlin-pl.xml
[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\pwn-pl.xml
[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\wikipedia-pl.xml
[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-09-24 16:59:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll File not found
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMax] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-02 16:44:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-03-23 09:52:34 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
[2010-03-22 16:55:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-03-22 16:42:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-22 12:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-03-18 18:20:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Moja muzyka
[2010-03-18 18:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper
[2010-03-18 18:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\dwhelper
[2010-03-16 17:59:34 | 000,000,000 | ---D | C] -- C:\uspackja
[2010-03-07 18:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-03-07 08:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\NFS SHIFT
[2010-03-05 20:24:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-03-05 20:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-05 20:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-03-05 20:21:46 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010-03-05 20:21:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-03-05 20:21:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-03-05 20:21:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-03-05 20:21:46 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-03-05 20:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sun
[2010-03-04 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\VDOWNLOADER
[2010-03-04 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eBay
[2010-03-04 12:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real
[2010-03-03 15:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\BitDefender
[2010-03-02 18:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010-03-02 18:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BitDefender
[2010-03-02 18:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010-03-02 17:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-02 17:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu 10
[2010-03-02 17:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-03-01 19:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\IDoser v4
[2010-03-01 18:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\ProXoft
[2010-02-26 13:47:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Publish Providers
[2010-02-26 13:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Sony
[2010-02-26 13:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sony
[2010-02-26 13:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010-02-26 13:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-02-26 13:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010-02-26 13:30:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-02-26 13:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-02-26 13:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-02-26 13:29:23 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2010-02-26 13:29:11 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010-02-26 13:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sony Setup
[2010-02-26 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Vegas Pro 8.0
[2010-02-25 12:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-02-23 18:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Foxit
[2010-02-23 18:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2010-02-23 11:37:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
[2009-12-31 11:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-31 11:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-12-31 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-31 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-12-26 14:02:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-01-02 17:55:43 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-01-02 17:55:43 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2009-01-02 16:47:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Seba\*.tmp files -> C:\Documents and Settings\Seba\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
[2010-03-23 09:38:28 | 000,272,244 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-03-23 09:38:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-23 09:38:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-22 21:02:08 | 017,297,408 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT
[2010-03-22 21:02:06 | 008,107,040 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010-03-22 21:02:06 | 001,425,440 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010-03-22 21:02:06 | 000,065,464 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010-03-22 21:02:06 | 000,007,000 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010-03-22 16:52:31 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-03-22 16:20:16 | 003,897,377 | R--- | M] () -- C:\Documents and Settings\Seba\Pulpit\ComboFix.exe
[2010-03-22 15:25:42 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\Seba\Moje dokumenty\Immunity_DUO.rar
[2010-03-22 12:32:37 | 000,029,770 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\LUq.wpl
[2010-03-22 12:04:11 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-21 21:49:33 | 000,001,137 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-03-21 10:46:12 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-03-20 16:46:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-03-17 19:33:54 | 000,000,293 | RHS- | M] () -- C:\boot.ini
[2010-03-17 19:24:22 | 000,000,122 | ---- | M] () -- C:\Documents and Settings\Seba\Moje dokumenty\zamykanie portow.reg
[2010-03-16 18:50:17 | 003,703,578 | -H-- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-03-15 17:10:50 | 000,062,608 | -H-- | M] () -- C:\WINDOWS\System32\anpcush.sys
[2010-03-13 21:55:34 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Seba\ntuser.ini
[2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010-03-11 18:20:22 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-08 14:39:55 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-07 18:02:38 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Home Edition.lnk
[2010-03-05 20:21:29 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010-03-05 20:21:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-03-05 20:21:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-03-05 20:21:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-03-05 20:21:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-03-05 19:39:39 | 000,003,823 | ---- | M] () -- C:\Documents and Settings\Seba\.plugin140_03.trace
[2010-03-03 14:22:15 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacjiprivacy.xml
[2010-03-03 13:56:56 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\wsbl.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_white.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_summ.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_spoof.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_sign.slf
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_fuzzy.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_black.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords2.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_video.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_sign.slf
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_news.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_im.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_hate.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_games.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_sbl.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_bl.sig
[2010-03-01 16:49:30 | 000,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010-02-26 17:37:03 | 002,151,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-26 13:50:21 | 000,072,344 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-02-26 13:47:13 | 000,009,728 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-02-26 13:40:08 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Vegas Pro 8.0.lnk
[2010-02-26 13:34:10 | 001,105,074 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-26 13:34:10 | 000,497,552 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-02-26 13:34:10 | 000,438,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-02-26 13:34:10 | 000,088,642 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-02-26 13:34:10 | 000,071,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-02-25 12:07:29 | 000,009,278 | ---- | M] () -- C:\WINDOWS\System32\ocx32
[2010-02-24 19:59:16 | 000,095,744 | ---- | M] () -- C:\WINDOWS\System32\firefoxS.dll
[2010-02-24 19:57:04 | 000,108,544 | ---- | M] () -- C:\WINDOWS\System32\PwS.dll
[2010-02-24 19:55:30 | 000,180,736 | ---- | M] () -- C:\WINDOWS\System32\Optix_ScreenCapS.dll
[2010-02-24 19:54:57 | 000,086,528 | ---- | M] () -- C:\WINDOWS\System32\GetSteamS.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Seba\*.tmp files -> C:\Documents and Settings\Seba\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-22 16:14:04 | 003,897,377 | R--- | C] () -- C:\Documents and Settings\Seba\Pulpit\ComboFix.exe
[2010-03-22 12:04:11 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-19 14:30:43 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\Seba\Moje dokumenty\Immunity_DUO.rar
[2010-03-17 19:24:22 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\Seba\Moje dokumenty\zamykanie portow.reg
[2010-03-15 17:10:50 | 000,062,608 | -H-- | C] () -- C:\WINDOWS\System32\anpcush.sys
[2010-03-07 18:02:38 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Home Edition.lnk
[2010-03-03 14:22:15 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacjiprivacy.xml
[2010-03-03 12:26:16 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ashttpstats.csv
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_spoof.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_sign.slf
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_fuzzy.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_sign.slf
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_sbl.sig
[2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_bl.sig
[2010-02-26 13:44:08 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Vegas Pro 8.0.lnk
[2010-02-26 13:33:42 | 000,189,976 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-02-26 13:13:47 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-02-25 12:39:36 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-02-24 19:59:16 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\firefoxS.dll
[2010-02-24 19:57:04 | 000,108,544 | ---- | C] () -- C:\WINDOWS\System32\PwS.dll
[2010-02-24 19:55:30 | 000,180,736 | ---- | C] () -- C:\WINDOWS\System32\Optix_ScreenCapS.dll
[2010-02-24 19:54:57 | 000,086,528 | ---- | C] () -- C:\WINDOWS\System32\GetSteamS.dll
[2010-02-24 19:52:30 | 000,009,278 | ---- | C] () -- C:\WINDOWS\System32\ocx32
[2010-01-29 15:49:21 | 000,008,320 | ---- | C] () -- C:\WINDOWS\System32\RenameMe.sys
[2010-01-13 15:06:30 | 000,000,290 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-12-31 21:01:52 | 000,000,088 | ---- | C] () -- C:\WINDOWS\Patch.ini
[2009-12-21 16:18:52 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\setup.log
[2009-12-21 16:18:49 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\setup_ldm.iss
[2009-11-10 17:08:15 | 000,062,608 | -H-- | C] () -- C:\WINDOWS\System32\ciszkt.sys
[2009-11-01 13:15:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\SpeederXP.INI
[2009-09-23 12:49:50 | 000,019,040 | ---- | C] () -- C:\Program Files\Common Files\mukofo.lib
[2009-09-22 14:47:04 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-09-22 14:47:03 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\PnkBstrK.sys
[2009-09-22 14:37:20 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-17 11:55:55 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer32-steam.dll
[2009-08-17 11:55:55 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer32.dll
[2009-08-17 11:55:39 | 001,388,544 | ---- | C] () -- C:\WINDOWS\pingreducer32-steam.dll
[2009-08-17 11:55:20 | 001,388,544 | ---- | C] () -- C:\WINDOWS\pingreducer32.dll
[2009-08-17 11:54:28 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer-steam.dll
[2009-08-17 11:54:28 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer.dll
[2009-07-31 14:01:47 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-07-03 18:40:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2009-07-03 18:39:52 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-07-02 11:38:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009-06-29 15:59:11 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009-06-28 11:56:32 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009-06-28 11:55:55 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-01-03 11:20:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-01-02 17:35:54 | 000,070,656 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-02 17:24:10 | 000,013,881 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-01-02 17:18:12 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2009-01-02 17:18:12 | 000,000,276 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2009-01-02 17:17:42 | 000,014,129 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009-01-02 16:50:43 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-01-02 16:50:28 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005-08-02 22:24:01 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CFD318D0
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5D68E797
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86
< End of report >
[/quote]

Psycholandia
komentarz
komentarz

Wykonaj:
- przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
- http://andziorka.wordpress.com/2009/10/15/wysoki-ping/
- http://andziorka.wordpress.com/2009/10/07/powolny-internet/
- uruchom OTL i kliknij na CleanUP

astrIX
komentarz
komentarz

Dobra problem rozwiązany,jak ręką odjął problem zniknął wina leżała chyba po stronie operatora.Dzięki na chęci :D temat do zamknięcia

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.