brak internetu, pingi przechodzą.

[sbuli]

Witam,
Na lapalku znajomego ( ACER 5720z) jest zainstalowana VISTA.
Przeskanowałem AVASTEM i COMBOFIXEM było troszkę śmieci ale nadal nie otwierają się strony.
Przeglądarka IE i FIREFOX.
Sieć skonfigurowana poprawnie z DHCP.
Pingi do wp.pl czy google.pl przechodzą a po wpisaniu adresy do przeglądarki stron brak.
Po wpisaniu adresów IP do przeglądarki stron brak.
Firewall wyłączony.
Brak pomysłów
Pozdr.

[Dzi@dek]

http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html
http://forum.programosy.pl/jak-generujemy-logi-z-combofixa-oraz-dssa-vt95026.html

Dwa logi:
Combo + HJ

[sbuli]

Dzięki za zainteresowanie,

ComboFix 08-06-20.4 - Patora 2008-06-30 12:36:49.3 - NTFSx86

MicrosoftŽ Windows Vista™ Home Premium 6.0.6001.1.1250.1.1045.18.361 [GMT 2:00]

Running from: F:\antywir\ComboFix.exe

((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))

2008-06-30 12:34 . 2008-06-30 12:34 6,736 --a------ C:\Windows\System32\drivers\PROCEXP90.SYS

2008-06-30 12:17 . 2008-06-30 12:17 <DIR> d-------- C:\Program Files\Trend Micro

2008-06-29 10:51 . 2008-06-29 10:51 <DIR> d-------- C:\Program Files\Alwil Software

2008-06-29 10:48 . 2008-06-29 10:48 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-06-28 15:40 . 2008-06-28 15:40 27,240 --a------ C:\Users\Goœć\AppData\Roaming\nvModes.dat

2008-06-28 15:37 . 2008-06-28 15:37 <DIR> d-------- C:\Users\Goœć\AppData\Roaming\Winamp

2008-06-27 21:46 . 2008-06-27 21:46 <DIR> d-------- C:\Program Files\Thomson

2008-06-21 15:59 . 2008-06-27 21:55 <DIR> d-------- C:\Program Files\Neostrada TP

2008-06-21 15:10 . 2000-08-19 19:29 268,048 --a------ C:\Windows\System32\dxtmeta2.dll

2008-06-21 12:10 . 2008-06-21 12:10 <DIR> d-------- C:\PerfLogs

2008-06-21 09:37 . 2008-01-19 09:43 3,600,440 --a------ C:\Windows\System32\ntkrnlpa.exe

2008-06-21 09:37 . 2008-01-19 09:43 3,548,728 --a------ C:\Windows\System32\ntoskrnl.exe

2008-06-21 09:37 . 2008-01-19 09:33 2,623,488 --a------ C:\Windows\System32\SLsvc.exe

2008-06-21 09:37 . 2008-01-19 09:36 1,541,120 --a------ C:\Windows\System32\onex.dll

2008-06-21 09:37 . 2008-01-19 09:29 705,536 --a------ C:\Windows\System32\imagesp1.dll

2008-06-21 09:37 . 2008-01-19 06:10 681,984 --a------ C:\Windows\System32\drivers\spsys.sys

2008-06-21 09:37 . 2008-01-19 09:42 51,768 --a------ C:\Windows\System32\PSHED.DLL

2008-06-21 09:35 . 2008-01-19 07:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll

2008-06-21 09:33 . 2008-01-19 09:35 4,875,776 --a------ C:\Windows\System32\NlsData0009.dll

2008-06-21 09:32 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll

2008-06-21 09:31 . 2008-01-19 09:32 5,714,432 --a------ C:\Windows\System32\logon.scr

2008-06-21 09:30 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL

2008-06-21 09:29 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll

2008-06-21 09:28 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll

2008-06-21 09:28 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll

2008-06-21 09:28 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll

2008-06-21 09:28 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe

2008-06-21 09:27 . 2008-06-21 09:27 <DIR> d-------- C:\Users\Goœć\AppData\Roaming\Google

2008-06-21 09:25 . 2008-06-21 09:25 <DIR> d-------- C:\Users\Goœć\AppData\Roaming\Macromedia

2008-06-21 09:25 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll

2008-06-21 09:25 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll

2008-06-21 09:25 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll

2008-06-21 09:25 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll

2008-06-21 09:24 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Searches

2008-06-21 09:24 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Searches

2008-06-21 09:24 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Contacts

2008-06-21 09:24 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Contacts

2008-06-21 09:24 . 2008-06-21 09:24 <DIR> d-------- C:\Users\Goœć\AppData\Roaming\Identities

2008-06-21 09:24 . 2006-11-02 11:39 6,656 --a------ C:\Windows\System32\kbd106.dll

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Videos

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Videos

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Saved Games

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Saved Games

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Pictures



2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Pictures

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Music

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Music

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Links

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Links

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Favorites

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Favorites

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Downloads

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Downloads

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Documents

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> dr------- C:\Users\Goœć\Documents

2008-06-21 09:23 . 2008-06-30 12:17 <DIR> dr------- C:\Users\Goœć\Desktop

2008-06-21 09:23 . 2008-06-30 12:17 <DIR> dr------- C:\Users\Goœć\Desktop

2008-06-21 09:23 . 2008-06-21 09:25 <DIR> d---s---- C:\Users\Goœć\AppData\Roaming\Microsoft

2008-06-21 09:23 . 2006-11-02 14:37 <DIR> d-------- C:\Users\Goœć\AppData\Roaming\Media Center Programs

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> d--h----- C:\Users\Goœć\AppData

2008-06-21 09:23 . 2008-06-21 09:24 <DIR> d--h----- C:\Users\Goœć\AppData

2008-06-21 09:23 . 2008-06-28 21:03 <DIR> d-------- C:\Users\Goœć

2008-06-21 09:23 . 2008-06-30 08:49 786,432 --ahs---- C:\Users\Goœć\ntuser.dat

2008-06-21 09:23 . 2008-06-30 08:49 786,432 --ahs---- C:\Users\Goœć\ntuser.dat

2008-06-14 08:54 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll

2008-06-14 08:54 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll

2008-06-14 08:54 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax

2008-06-14 08:54 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax

2008-06-14 08:54 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax

2008-06-14 08:54 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax

2008-06-11 17:49 . 2008-06-28 22:24 <DIR> d-------- C:\Users\All Users\eMule

2008-06-11 17:49 . 2008-06-28 22:24 <DIR> d-------- C:\ProgramData\eMule

2008-06-11 17:11 . 2008-06-11 17:11 <DIR> d-------- C:\Program Files\GoD

2008-06-11 06:06 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb

2008-06-11 06:06 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll

2008-06-11 06:06 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll

2008-06-11 06:06 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys

2008-06-06 14:51 . 2008-06-28 21:03 <DIR> d-------- C:\Users\Patora\AppData\Roaming\gtk-2.0

2008-06-06 14:51 . 2008-06-06 14:51 <DIR> d-------- C:\Users\Patora\.thumbnails

2008-06-06 14:47 . 2008-06-27 15:32 <DIR> d-------- C:\Users\Patora\.gimp-2.4

2008-06-06 14:46 . 2008-06-06 14:46 <DIR> d-------- C:\Program Files\GIMP-2.0

2008-05-28 16:50 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll

2008-05-28 16:50 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll

2008-05-25 11:16 . 2008-05-25 11:16 <DIR> d-------- C:\Program Files\Gadu-Gadu

2008-05-22 09:56 . 2008-05-22 09:56 <DIR> d-------- C:\Program Files\Picasa2

2008-05-22 09:56 . 2006-10-05 04:42 2,560 --------- C:\Windows\System32\drivers\cdralw2k.sys

2008-05-22 09:56 . 2006-10-05 04:42 2,432 --------- C:\Windows\System32\drivers\cdr4_xp.sys

2008-05-22 09:12 . 2008-05-22 09:12 <DIR> d-------- C:\Program Files\DAEMON Tools Lite

2008-05-22 09:08 . 2008-05-22 09:08 <DIR> d-------- C:\Users\Patora\AppData\Roaming\DAEMON Tools

2008-05-22 09:08 . 2008-05-22 09:08 717,296 --a------ C:\Windows\System32\drivers\sptd.sys

2008-05-19 16:31 . 2008-05-19 16:34 <DIR> d-------- C:\Program Files\IrfanView

2008-05-15 18:52 . 2008-05-15 18:55 <DIR> d-------- C:\Program Files\Football Generation

2008-05-11 17:51 . 2008-06-21 12:39 <DIR> d-------- C:\Users\Patora\AppData\Roaming\Skype

2008-05-11 17:48 . 2008-05-11 17:48 <DIR> d-------- C:\Program Files\Skype

2008-05-11 17:48 . 2008-05-11 17:48 <DIR> d-------- C:\Program Files\Common Files\Skype



.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-30 07:41 --------- d-----w C:\ProgramData\Symantec

2008-06-30 07:41 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-06-30 06:54 --------- d-----w C:\Program Files\Acer Arcade Deluxe

2008-06-30 06:49 786,432 --sha-w C:\Users\Goœć\ntuser.dat

2008-06-30 06:49 786,432 --sha-w C:\Users\Goœć\ntuser.dat

2008-06-28 20:32 --------- d-----w C:\Program Files\BitComet

2008-06-28 20:01 --------- d-----w C:\Program Files\Winamp

2008-06-28 20:01 --------- d-----w C:\Program Files\Symantec

2008-06-28 19:39 91,582 ----a-w C:\Users\Patora\AppData\Roaming\nvModes.dat

2008-06-28 19:03 --------- d-----w C:\Users\Patora\AppData\Roaming\Winamp

2008-06-28 17:18 --------- d-----w C:\Program Files\Warcraft III

2008-06-28 13:40 27,240 ----a-w C:\Users\Goœć\AppData\Roaming\nvModes.dat

2008-06-28 13:37 --------- d-----w C:\Users\Goœć\AppData\Roaming\Winamp

2008-06-27 19:46 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-06-21 10:20 174 --sha-w C:\Program Files\desktop.ini

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Sidebar

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Photo Gallery

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Mail

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Journal

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Defender

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Collaboration

2008-06-21 10:12 --------- d-----w C:\Program Files\Windows Calendar

2008-06-21 09:25 82,432 ----a-w C:\Windows\System32\axaltocm.dll

2008-06-21 09:25 101,888 ----a-w C:\Windows\System32\ifxcardm.dll

2008-06-21 07:27 --------- d-----w C:\Users\Goœć\AppData\Roaming\Google

2008-06-21 07:25 --------- d-s---w C:\Users\Goœć\AppData\Roaming\Microsoft

2008-06-21 07:25 --------- d-----w C:\Users\Goœć\AppData\Roaming\Macromedia

2008-06-21 07:24 --------- d-----w C:\Users\Goœć\AppData\Roaming\Identities

2008-05-25 08:57 --------- d-----w C:\Program Files\WapSter

2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys

2008-05-11 15:48 --------- d-----w C:\ProgramData\Skype

2008-04-30 11:35 --------- d-----w C:\Program Files\Common Files\Adobe

2008-04-29 15:39 --------- d-----w C:\Program Files\Corel

2008-04-29 15:33 --------- d-----w C:\Program Files\KalOnlineEng

2008-04-29 15:30 --------- d-----w C:\Program Files\Intel

2008-04-29 15:29 --------- d-----w C:\Program Files\Hamachi

2008-04-29 14:07 --------- d-----w C:\Users\Patora\AppData\Roaming\Hamachi

2008-04-28 14:14 --------- d-----w C:\Users\Patora\AppData\Roaming\CCPublisher

2008-04-28 14:14 --------- d-----w C:\ProgramData\CodedColor

2008-04-28 13:32 --------- d-----w C:\Users\Patora\AppData\Roaming\GanymedeNet

2008-04-28 12:15 --------- d-----w C:\Users\Patora\AppData\Roaming\skypePM

2008-04-27 09:06 2,516 --sha-w C:\Windows\System32\KGyGaAvL.sys

2008-04-10 15:19 476,752 ----a-w C:\Users\All Users\pswi_preloaded.exe

2008-04-10 15:19 476,752 ----a-w C:\ProgramData\pswi_preloaded.exe

2008-03-22 11:05 2,829 ----a-w C:\Windows\War3Unin.pif

2008-03-22 11:05 139,264 ----a-w C:\Windows\War3Unin.exe

2008-03-22 07:30 2,560 ----a-w C:\Windows\_MSRSTRT.EXE

2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll

2008-02-26 21:20 32 ----a-w C:\Users\All Users\ezsid.dat

2008-02-26 21:20 32 ----a-w C:\ProgramData\ezsid.dat

.



((((((((((((((((((((((((((((( snapshot@2008-06-30_ 8.58.16,57 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-06-30 06:36:44 67,584 --s-a-w C:\Windows\bootstat.dat

+ 2008-06-30 10:25:47 67,584 --s-a-w C:\Windows\bootstat.dat

- 2008-06-29 09:52:55 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2008-06-30 10:25:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2008-06-29 09:52:55 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2008-06-30 10:25:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2008-06-28 18:30:29 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-06-30 07:05:03 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-06-28 18:30:29 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-06-30 07:05:03 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-06-28 18:30:29 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-06-30 07:05:03 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-06-29 09:56:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat

+ 2008-06-30 10:27:34 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat

+ 2008-06-30 10:27:34 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1

- 2008-06-29 09:57:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat

+ 2008-06-30 10:28:25 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat

+ 2008-06-30 10:28:25 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1

- 2008-06-29 18:13:04 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-06-30 10:28:39 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-06-29 18:13:04 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-06-30 10:28:39 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-06-29 18:13:04 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-06-30 10:28:39 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-06-30 06:44:03 101,250 ----a-w C:\Windows\System32\perfc009.dat

+ 2008-06-30 10:30:08 101,250 ----a-w C:\Windows\System32\perfc009.dat

- 2008-06-30 06:44:03 126,908 ----a-w C:\Windows\System32\perfc015.dat

+ 2008-06-30 10:30:08 126,908 ----a-w C:\Windows\System32\perfc015.dat

- 2008-06-30 06:44:03 587,178 ----a-w C:\Windows\System32\perfh009.dat

+ 2008-06-30 10:30:08 587,178 ----a-w C:\Windows\System32\perfh009.dat

- 2008-06-30 06:44:03 662,112 ----a-w C:\Windows\System32\perfh015.dat

+ 2008-06-30 10:30:08 662,112 ----a-w C:\Windows\System32\perfh015.dat

- 2008-06-29 09:58:03 12,512 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1538729772-1818477208-3453795745-1000_UserData.bin

+ 2008-06-30 10:29:02 12,908 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1538729772-1818477208-3453795745-1000_UserData.bin

- 2008-06-29 09:58:02 85,236 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2008-06-30 10:29:01 85,836 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2008-06-29 09:58:01 56,318 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2008-06-30 10:28:59 58,056 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

- 2008-06-29 22:15:58 270,402 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2008-06-30 10:15:09 272,004 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4



[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour"="" []

"eRecoveryService"="" []

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]



[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]



[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"



[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk

backup=C:\Windows\pss\Empowering Technology Launcher.lnk.CommonStartup

backupExtension=.CommonStartup



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]

--a------ 2007-05-22 15:49 151552 C:\Acer\AcerTour\Reminder.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

--a------ 2007-06-06 10:06 159744 C:\Program Files\Apoint2K\Apoint.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ]

C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

C:\Program Files\BearShare\BearShare.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]

C:\Program Files\BitComet\BitComet.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

--a------ 2006-11-21 06:44 107112 C:\Program Files\Common Files\Symantec Shared\ccApp.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CollaborationHost]

--a------ 2008-01-19 09:33 192000 C:\Windows\system32\p2phost.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]

--------- 2007-06-11 15:54 1286144 C:\Acer\Empowering Technology\eAudio\eAudio.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

--a------ 2007-04-25 16:33 457216 C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

--a------ 2008-01-19 09:33 125952 C:\Windows\ehome\ehTray.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

--a------ 2008-03-20 12:04 2127296 C:\Program Files\Gadu-Gadu\gg.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\Windows\system32\hkcmd.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

C:\Windows\system32\igfxtray.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

--a------ 2007-06-27 11:15 752136 C:\PROGRA~1\LAUNCH~1\LManager.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-07-25 17:39 8470528 C:\Windows\system32\NvCpl.dll



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2007-07-25 17:39 81920 C:\Windows\system32\NvMcTray.dll



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

--a------ 2007-07-25 17:39 86016 C:\Windows\system32\nvsvc.dll



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2008-01-07 22:02 495616 C:\Program Files\Winamp Remote\bin\OrbTray.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]

C:\Program Files\Norton Internet Security\osCheck.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\Windows\system32\igfxpers.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

--a------ 2008-02-26 03:23 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]

--------- 2007-05-24 14:38 206952 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]

--a------ 2007-07-05 13:35 94208 C:\Windows\PLFSetL.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

--a------ 2008-01-20 09:05 217088 C:\Program Files\PowerISO\PWRISOVM.EXE



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

--a------ 2007-07-06 05:06 4669440 C:\Windows\RtHDVCpl.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetPanel]

C:\Acer\APanel\APanel.cmd



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

--a------ 2008-01-19 09:33 1233920 C:\Program Files\Windows Sidebar\sidebar.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

-ra------ 2008-04-30 17:17 22058792 C:\Program Files\Skype\Phone\Skype.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

--a------ 2007-06-15 10:45 1826816 C:\Windows\SkyTel.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svcshare]

C:\Windows\system32\drivers\spoclsv.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2008-02-02 18:48 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]

--a------ 2006-11-05 22:48 57344 C:\Acer\WR_PopUp\WarReg_PopUp.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-12-20 17:16 37376 C:\Program Files\Winamp\winampa.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

--a------ 2008-01-19 09:38 1008184 C:\Program Files\Windows Defender\MSASCui.exe



[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

--a------ 2008-01-19 09:33 202240 C:\Program Files\Windows Media Player\WMPNSCFG.exe



[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UacDisableNotify"=dword:00000001

"InternetSettingsDisableNotify"=dword:00000001

"AutoUpdateDisableNotify"=dword:00000001



[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001



[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001



[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001



[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{24368811-638E-4AA5-AC42-291E8DD2CCB0}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

"{4ADF2998-3DCA-4A32-B24A-D5D7B7C20A99}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician

"{F2C39C05-B469-48A7-A9EA-1771F3F8B48D}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia

"{4E6EF43B-D83E-4170-8E22-AF1DA496E04C}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard

"{F378526B-E04B-4BB0-A11C-93A5B918C177}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{4D95F76E-2B5B-49AF-91F1-701BB17D6956}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{207A6E29-1DAE-4F6D-8BE9-E5F37E8E03B1}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine

"{1A7CA101-5B71-44F6-8FDB-9DDB8D254CF0}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie

"{84A33F48-A56D-4ED0-BC86-3A4983D345DE}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program

"{F46545DA-1C2E-47A1-AE54-ABD97CED1839}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{A08D7842-7FBB-42F8-AB68-CDF093E58F6D}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb

"{3F5E736F-2376-46F9-8A95-2DF1A894EF5E}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{32EAD5C1-A7C7-4D2F-B135-CF0248DDA97E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray

"{2F98C458-FA6C-4545-8C57-4555F59BB41A}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR

"{2514C3A4-6E2B-431E-AB1A-3D69737E2BE4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR

"{F4F7BBE0-D67F-4071-AAF8-D70298FA97D3}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{230FE77D-05BA-41F9-8C24-A2C166A72962}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

"{7362EE43-38F2-4993-9C74-6B421B5CCD5A}"= UDP:C:\Program Files\Electronic Arts\Bitwa o Œródziemie II\game.dat:Bitwa o Œródziemie™ II

"{279B225F-11D1-46F7-ABE8-BBDB077B2363}"= TCP:C:\Program Files\Electronic Arts\Bitwa o Œródziemie II\game.dat:Bitwa o Œródziemie™ II

"{661CC565-F16F-40BE-AEA9-B8E0AC46C66E}"= C:\Program Files\Skype\Phone\Skype.exe:Skype

"TCP Query User{9E4DED99-96E6-4311-A42B-84E8F03DDFE9}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

"UDP Query User{A689DD38-9709-4030-88E9-F5A2B658F169}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client



[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)



[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu

"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption

"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

"C:\\Program Files\\WapSter\\AQQ\\AQQ.exe"= C:\Program Files\WapSter\AQQ\AQQ.exe:*:Enabled:P2P AQQ



R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080314.001\IDSvix86.sys [2008-02-13 18:18]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 17:51]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 10:57]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 10:26]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-10-30 20:55]
S2 RPCM;Remote Procedure Manager(TPM);C:\Program Files\Common Files\Microsoft Shared\Speech\csvde.exe []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\autoplay.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - G:\autoplay.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c536a040-32f6-11dd-9c77-d26cbfa530f2}]

\shell\Auto\command - I:\setup.exe

\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6568553-45b7-11dd-ac68-806e6f6e6963}]

\shell\AutoRun\command - xn1i9x.com

\shell\explore\Command - xn1i9x.com

\shell\open\Command - xn1i9x.com



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4749a20-b231-11dc-9ee9-806e6f6e6963}]

\shell\AutoRun\command - E:\start.exe



*Newly Created Service* - COMHOST

.

Contents of the 'Scheduled Tasks' folder

"2008-06-30 06:40:27 C:\Windows\Tasks\User_Feed_Synchronization-{DDC08D24-6648-4111-A5FE-F54E989FF0DE}.job"

- C:\Windows\system32\msfeedssync.exe

.

**************************************************************************



catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-30 12:40:09

Windows 6.0.6001 Service Pack 1 NTFS



scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************
.
Completion time: 2008-06-30 12:41:40

ComboFix-quarantined-files.txt 2008-06-30 10:41:26

ComboFix2.txt 2008-06-30 06:58:48

Pre-Run: 22,277,914,624 bajtów wolnych

Post-Run: 22,242,463,744 bajtów wolnych

387 --- E O F --- 2008-06-21 09:30:01

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:05:44, on 2008-06-30

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal



Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\conime.exe

C:\Windows\Explorer.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Wyœlij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyœlij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Procedure Manager(TPM) (RPCM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Speech\csvde.exe (file missing)

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe



--

End of file - 6485 bytes

Pozdr.

[ Dodano: Dzisiaj o 22:44 ]
Witam ponownie
Czy coś wynika z tych logów?
Proszę o podpowiedź co dalej sprawdzić bo wieczorkiem mam więcej czasu aby podziałać
Pozdrawiam.