astrIX posted 22 March 2010 (edited)
Hello, I have a problem with my internet connection. I have a 1MB line from Neostrada, and for about 4 days I have had massive lag and the internet has generally been very slow. In games my ping is [b]150-1000ms[/b]. I scanned the computer for viruses and it did find something, but quickly deleted it, and the problem is still there. I also scanned with [b]combofix[/b], but it found nothing. Is it something with the computer, or maybe the provider? Here is the HijackThis log:
[log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:38:01, on 2010-03-22 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\fsproflt.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\ZSSnp211.exe C:\WINDOWS\Domino.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe 
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe C:\PROGRA~1\NEOSTR~1\ComComp.exe C:\PROGRA~1\NEOSTR~1\Watch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe D:\Gry\Counter Strike Steam™\steam.exe C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe d:\gry\counter strike steam™\steamapps\dr01_1710\counter-strike\hl.exe D:\Gry\Counter Strike Steam™\GameOverlayUI.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://szukaj.wp.pl"]http://szukaj.wp.pl[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.neostrada.pl"]http://www.neostrada.pl[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program 
Files\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (file missing) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing) O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" 
-launchedbylogin O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? 
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{A90FE873-E64F-457A-94D0-E6CC44913E79}: NameServer = 194.204.159.1 194.204.152.34 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Kaspersky Anti-Virus 
(AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\WINDOWS\system32\fsproflt.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 11330 bytes [/log]
[color="#ff0000"]//moving to Security //dan[/color]
astrIX (Author) commented 23 March 2010
[quote]OTL logfile created on: 2010-03-23 09:52:53 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Seba\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 023,00 Mb Total Physical Memory | 432,00 Mb Available Physical Memory | 42,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 102,77 Gb Total Space | 55,26 Gb Free Space | 53,77% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 108,17 Gb Free Space | 55,38% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ASSEL-5E6F2ED4F Current User Name: Seba Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe PRC - [2010-03-01 16:46:45 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010-03-01 16:46:38 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-01-16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla FireFOX\firefox.exe PRC - [2009-07-20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) 
-- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2009-07-10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2009-06-29 15:57:12 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2009-05-03 11:22:28 | 000,073,392 | ---- | M] (FSPro Labs) -- C:\WINDOWS\system32\fsproflt.exe PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-04-06 11:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-08-18 16:58:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe PRC - [2006-07-13 16:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-07-13 16:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-07-13 07:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) 
-- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2006-04-03 18:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-04-13 05:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe PRC - [2003-10-16 18:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 18:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2003-10-16 18:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2003-10-16 18:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2003-10-16 18:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe MOD - [2009-11-18 20:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll MOD - [2009-07-20 12:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2009-07-20 12:25:22 | 000,064,016 | ---- | M] (Logitech, Inc.) 
-- C:\Program Files\Logitech\SetPoint\GameHook.dll MOD - [2009-07-12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (gusvc) SRV - File not found [Auto | Stopped] -- -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-03-01 16:46:38 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-07-21 11:59:10 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP) SRV - [2009-07-20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009-07-16 10:50:33 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-05-03 11:22:28 | 000,073,392 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\WINDOWS\system32\fsproflt.exe -- (fsproflt) SRV - [2006-07-13 16:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-07-13 16:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-04-03 18:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) SRV - [2005-08-02 22:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-01-12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-11-14 16:45:51 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009-10-20 14:58:38 | 000,023,512 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1) DRV - [2009-09-23 13:12:31 | 000,226,832 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009-09-23 13:12:31 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009-09-22 14:37:20 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- 
C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-06-17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2009-06-17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009-06-17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009-06-17 17:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2009-06-17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2008-09-26 18:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-08-14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs) DRV - [2008-07-21 16:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2008-06-05 17:37:54 | 000,043,792 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\FSPFltd.sys -- (FSProFilter) DRV - [2008-04-30 16:06:48 | 000,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2007-12-13 10:17:58 | 001,472,000 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC30x) DRV - [2007-12-10 18:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vvftav211.sys -- (vvftav211) DRV - [2007-05-02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007-05-02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007-05-02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-08-14 07:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-08-12 19:21:38 | 000,008,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\RenameMe.sys -- (RenameMe) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2005-08-02 22:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2004-10-27 15:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-12 01:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 21:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus) DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi) DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-12-08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {8EE3A590-0E3F-4234-A41A-9F112F488999}:1.0 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57 FF - prefs.js..extensions.enabledItems: pagehacker-nico@nc:1.2 FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.26 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3 FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\RealPlayer\browserrecord [2009-06-29 15:57:19 | 000,000,000 | ---D | M] FF - 
HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dane aplikacji\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-12-31 14:35:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010-03-03 15:00:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla FireFOX\components [2010-03-22 12:04:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla FireFOX\plugins [2010-03-22 15:07:40 | 000,000,000 | ---D | M] [2009-06-28 12:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Extensions [2010-03-22 18:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions [2010-02-08 17:15:33 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{241aae70-0022-11de-87af-0800200c9a66} [2009-06-28 14:01:03 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}(2) [2009-11-21 12:53:21 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2010-01-01 21:34:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-22 12:00:53 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Seba\Dane 
aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} [2010-03-20 17:57:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009-11-14 20:00:51 | 000,000,000 | ---D | M] (Bez Ĺšledzika) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{8EE3A590-0E3F-4234-A41A-9F112F488999} [2010-03-22 12:34:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010-03-20 17:57:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-23 21:06:07 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010-03-15 15:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\nasanightlaunch@example.com [2009-11-21 12:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\pagehacker-nico@nc [2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions [2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions [2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and 
Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions [2010-02-22 12:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions [2009-09-22 14:39:48 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\qzt5zc5y.default\searchplugins\daemon-search.xml [2010-03-22 18:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla FireFOX\extensions [2008-11-11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla FireFOX\plugins\npBitCometAgent.dll [2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\allegro-pl.xml [2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\fbc-pl.xml [2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\merlin-pl.xml [2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\pwn-pl.xml [2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\wikipedia-pl.xml [2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla FireFOX\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-09-24 16:59:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) 
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll File not found O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll (IVO Software Sp. z o.o.) 
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe () O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMax] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) 
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D) O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Wyślij do 
programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - 
Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-01-02 16:44:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-03-23 09:52:34 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents 
and Settings\Seba\Pulpit\OTL.exe [2010-03-22 16:55:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-03-22 16:42:10 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-03-22 12:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2010-03-18 18:20:01 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Moja muzyka [2010-03-18 18:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper [2010-03-18 18:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\dwhelper [2010-03-16 17:59:34 | 000,000,000 | ---D | C] -- C:\uspackja [2010-03-07 18:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-03-07 08:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\NFS SHIFT [2010-03-05 20:24:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-03-05 20:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-03-05 20:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-03-05 20:21:46 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2010-03-05 20:21:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-03-05 20:21:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-03-05 20:21:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-03-05 20:21:46 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\javacpl.cpl [2010-03-05 20:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sun [2010-03-04 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\VDOWNLOADER [2010-03-04 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eBay [2010-03-04 12:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2010-03-03 15:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\BitDefender [2010-03-02 18:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender [2010-03-02 18:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BitDefender [2010-03-02 18:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender [2010-03-02 17:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-02 17:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu 10 [2010-03-02 17:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-03-01 19:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\IDoser v4 [2010-03-01 18:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\ProXoft [2010-02-26 13:47:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Publish Providers [2010-02-26 13:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Sony [2010-02-26 13:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sony [2010-02-26 13:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins [2010-02-26 13:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-02-26 13:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010-02-26 13:30:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010-02-26 13:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us 
[2010-02-26 13:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010-02-26 13:29:23 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2010-02-26 13:29:11 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010-02-26 13:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sony Setup [2010-02-26 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Vegas Pro 8.0 [2010-02-25 12:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2010-02-23 18:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Foxit [2010-02-23 18:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software [2010-02-23 11:37:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} [2009-12-31 11:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-12-31 11:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2009-12-31 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-12-31 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2009-12-26 14:02:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-01-02 17:55:43 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys [2009-01-02 17:55:43 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys [2009-01-02 16:47:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Seba\*.tmp files -> 
C:\Documents and Settings\Seba\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-03-23 09:52:35 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe [2010-03-23 09:38:28 | 000,272,244 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-03-23 09:38:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-23 09:38:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-22 21:02:08 | 017,297,408 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT [2010-03-22 21:02:06 | 008,107,040 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010-03-22 21:02:06 | 001,425,440 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2010-03-22 21:02:06 | 000,065,464 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010-03-22 21:02:06 | 000,007,000 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2010-03-22 16:52:31 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-22 16:20:16 | 003,897,377 | R--- | M] () -- C:\Documents and Settings\Seba\Pulpit\ComboFix.exe [2010-03-22 15:25:42 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\Seba\Moje dokumenty\Immunity_DUO.rar [2010-03-22 12:32:37 | 000,029,770 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\LUq.wpl [2010-03-22 12:04:11 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-03-21 21:49:33 | 000,001,137 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-21 10:46:12 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-03-20 16:46:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-03-17 19:33:54 | 000,000,293 | RHS- | M] () -- C:\boot.ini [2010-03-17 19:24:22 | 000,000,122 | ---- | M] () -- C:\Documents and Settings\Seba\Moje dokumenty\zamykanie portow.reg [2010-03-16 18:50:17 | 003,703,578 | -H-- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane 
aplikacji\IconCache.db [2010-03-15 17:10:50 | 000,062,608 | -H-- | M] () -- C:\WINDOWS\System32\anpcush.sys [2010-03-13 21:55:34 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Seba\ntuser.ini [2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe [2010-03-11 18:20:22 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-08 14:39:55 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-03-07 18:02:38 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Home Edition.lnk [2010-03-05 20:21:29 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2010-03-05 20:21:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-03-05 20:21:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-03-05 20:21:29 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-03-05 20:21:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\javacpl.cpl [2010-03-05 19:39:39 | 000,003,823 | ---- | M] () -- C:\Documents and Settings\Seba\.plugin140_03.trace [2010-03-03 14:22:15 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacjiprivacy.xml [2010-03-03 13:56:56 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\wsbl.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\phar_unmip.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\phar_histprot.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_white.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_summ.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_spoof.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_sign.slf [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_fuzzy.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ph_black.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords2.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pcwords.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_webproxy.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_video.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_tabloids.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_socialnetworks.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_sign.slf [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_searchengines.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_regionaltlds.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- 
C:\WINDOWS\System32\pc_pornography.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlineshop.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinepay.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_onlinedating.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_news.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_im.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_illegal.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_hate.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_games.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_gambling.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\pc_drugs.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_sbl.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ab_bl.sig [2010-03-01 16:49:30 | 000,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2010-02-26 17:37:03 | 002,151,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-02-26 13:50:21 | 000,072,344 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-02-26 13:47:13 | 000,009,728 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-02-26 13:40:08 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Vegas Pro 8.0.lnk [2010-02-26 13:34:10 | 001,105,074 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-02-26 13:34:10 | 000,497,552 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-02-26 13:34:10 | 000,438,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-02-26 13:34:10 | 000,088,642 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-02-26 13:34:10 | 000,071,046 | ---- | M] () -- 
C:\WINDOWS\System32\perfc009.dat [2010-02-25 12:07:29 | 000,009,278 | ---- | M] () -- C:\WINDOWS\System32\ocx32 [2010-02-24 19:59:16 | 000,095,744 | ---- | M] () -- C:\WINDOWS\System32\firefoxS.dll [2010-02-24 19:57:04 | 000,108,544 | ---- | M] () -- C:\WINDOWS\System32\PwS.dll [2010-02-24 19:55:30 | 000,180,736 | ---- | M] () -- C:\WINDOWS\System32\Optix_ScreenCapS.dll [2010-02-24 19:54:57 | 000,086,528 | ---- | M] () -- C:\WINDOWS\System32\GetSteamS.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Seba\*.tmp files -> C:\Documents and Settings\Seba\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-22 16:14:04 | 003,897,377 | R--- | C] () -- C:\Documents and Settings\Seba\Pulpit\ComboFix.exe [2010-03-22 12:04:11 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-03-19 14:30:43 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\Seba\Moje dokumenty\Immunity_DUO.rar [2010-03-17 19:24:22 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\Seba\Moje dokumenty\zamykanie portow.reg [2010-03-15 17:10:50 | 000,062,608 | -H-- | C] () -- C:\WINDOWS\System32\anpcush.sys [2010-03-07 18:02:38 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Home Edition.lnk [2010-03-03 14:22:15 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacjiprivacy.xml [2010-03-03 12:26:16 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ashttpstats.csv [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] 
() -- C:\WINDOWS\System32\ph_summ.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_spoof.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_sign.slf [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_fuzzy.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_sign.slf [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat [2010-03-03 12:00:24 | 
000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_sbl.sig [2010-03-03 12:00:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ab_bl.sig [2010-02-26 13:44:08 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Vegas Pro 8.0.lnk [2010-02-26 13:33:42 | 000,189,976 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-02-26 13:13:47 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-02-25 12:39:36 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-02-24 19:59:16 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\firefoxS.dll [2010-02-24 19:57:04 | 000,108,544 | ---- | C] () -- C:\WINDOWS\System32\PwS.dll [2010-02-24 19:55:30 | 000,180,736 | ---- | C] () -- C:\WINDOWS\System32\Optix_ScreenCapS.dll [2010-02-24 19:54:57 | 000,086,528 | ---- | C] () -- C:\WINDOWS\System32\GetSteamS.dll [2010-02-24 19:52:30 | 000,009,278 | ---- | C] () -- C:\WINDOWS\System32\ocx32 [2010-01-29 15:49:21 | 000,008,320 | ---- | C] () -- C:\WINDOWS\System32\RenameMe.sys [2010-01-13 15:06:30 | 000,000,290 | ---- | C] () -- C:\WINDOWS\game.ini [2009-12-31 21:01:52 | 000,000,088 | ---- | C] () -- C:\WINDOWS\Patch.ini [2009-12-21 16:18:52 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\setup.log [2009-12-21 16:18:49 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\setup_ldm.iss [2009-11-10 17:08:15 | 000,062,608 | -H-- | C] () -- C:\WINDOWS\System32\ciszkt.sys [2009-11-01 13:15:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\SpeederXP.INI [2009-09-23 12:49:50 | 000,019,040 | ---- | C] () -- C:\Program Files\Common Files\mukofo.lib [2009-09-22 14:47:04 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-09-22 14:47:03 | 000,022,328 
| ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\PnkBstrK.sys [2009-09-22 14:37:20 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-08-17 11:55:55 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer32-steam.dll [2009-08-17 11:55:55 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer32.dll [2009-08-17 11:55:39 | 001,388,544 | ---- | C] () -- C:\WINDOWS\pingreducer32-steam.dll [2009-08-17 11:55:20 | 001,388,544 | ---- | C] () -- C:\WINDOWS\pingreducer32.dll [2009-08-17 11:54:28 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer-steam.dll [2009-08-17 11:54:28 | 001,388,544 | ---- | C] () -- C:\WINDOWS\System32\pingreducer.dll [2009-07-31 14:01:47 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-07-03 18:40:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-07-03 18:39:52 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-07-02 11:38:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini [2009-06-29 15:59:11 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-06-28 11:56:32 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2009-06-28 11:55:55 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | 
C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009-01-03 11:20:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-01-02 17:35:54 | 000,070,656 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-01-02 17:24:10 | 000,013,881 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-01-02 17:18:12 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2009-01-02 17:18:12 | 000,000,276 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2009-01-02 17:17:42 | 000,014,129 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2009-01-02 16:50:43 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009-01-02 16:50:28 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-08-02 22:24:01 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CFD318D0 @Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5D68E797 @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86 < End of report > [/quote]
Psycholandia, commented 23 March 2010
Do the following:
- scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware)
- http://andziorka.wordpress.com/2009/10/15/wysoki-ping/
- http://andziorka.wordpress.com/2009/10/07/powolny-internet/
- run OTL and click CleanUP
astrIX (Author), commented 25 March 2010
OK, problem solved; it vanished as if by magic. The fault was probably on the operator's side. Thanks for being willing to help; the topic can be closed.