Logi - ustawienia spersonalizowane systemu

[Atime]

Witam,

Mam problem z okienkiem ustawień spersonalizowanych systemu, które mi wyskakuje co kilka minut. Przy okazji znika pasek zadań i zamykane są wszystkie okienka windowsa.

Log z HiJackThis:

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:15, on 2009-08-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\V0470Mon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Java\jre6\bin\jucheck.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\OTL.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\explorer.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Advanced Uninstaller PRO Installation Monitor] "E:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Wowhead Client.lnk = C:\Documents and Settings\Ja\Ustawienia lokalne\Temp\Rar$EX00.219\Wowhead_Client.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - ESET - E:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - E:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10385 bytes


Log z OTL:

Kod: Zaznacz wszystko

OTL logfile created on: 2009-08-27 13:27:31 - Run 1
OTL by OldTimer - Version 3.0.10.7     Folder = E:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,94% Memory free
3,85 Gb Paging File | 3,13 Gb Available in Paging File | 81,33% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,73 Gb Free Space | 13,99% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 278,55 Gb Total Space | 94,12 Gb Free Space | 33,79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JA
Current User Name: Ja
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2008-10-29 04:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008-07-19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-07-19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008-10-29 04:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009-06-05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008-12-12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-02-20 12:08:46 | 00,472,320 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2001-02-23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2008-06-08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-12-19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe
PRC - [2009-07-12 09:07:06 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2008-07-19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008-07-23 16:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008-04-14 22:51:52 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2008-01-29 09:47:50 | 16,859,648 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-08-24 07:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007-04-11 19:00:00 | 00,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0470Mon.exe
PRC - [2008-06-10 13:56:32 | 01,406,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2009-03-09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-09-02 11:48:12 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009-06-05 13:39:22 | 00,292,136 | ---- | M] (Apple Inc.) -- E:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008-07-19 16:38:34 | 00,078,008 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-01-26 16:31:16 | 02,144,088 | RHS- | M] (Safer Networking Limited) -- E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-09-03 18:48:12 | 00,920,976 | ---- | M] (Innovative Solutions GRUP SRL) -- E:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe
PRC - [2009-07-11 21:22:59 | 00,318,272 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2008-09-02 11:40:46 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009-06-05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008-12-28 19:53:46 | 00,067,128 | ---- | M] (Logitech Inc.) -- E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008-05-02 03:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- E:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008-05-02 03:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
PRC - [2009-03-09 05:19:24 | 00,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009-08-25 09:50:57 | 00,908,280 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-08-27 13:27:23 | 00,514,048 | ---- | M] (OldTimer Tools) -- E:\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-06-05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008-07-25 12:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-07-19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008-10-29 04:09:10 | 00,585,728 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008-10-28 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008-07-19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008-07-19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008-07-23 16:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008-12-12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008-07-25 12:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-02-20 12:14:52 | 00,019,200 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EHttpSrv [On_Demand | Stopped])
SRV - [2008-02-20 12:08:46 | 00,472,320 | ---- | M] (ESET) -- E:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2008-07-29 22:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-26 02:46:16 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008-07-29 20:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-06-05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008-05-02 03:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
SRV - [2001-02-23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
SRV - [2007-08-24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008-06-08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- E:\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008-07-29 20:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-06-24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2004-08-04 14:00:00 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])
SRV - [2007-08-24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006-12-19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2009-07-12 09:07:06 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2008-10-15 18:13:58 | 00,439,632 | ---- | M] (RealVNC Ltd.) -- E:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4 [Auto | Stopped])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-07-19 16:32:15 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2007-03-11 22:39:46 | 00,043,936 | ---- | M] (Alfa Corporation) -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi [Boot | Running])
DRV - [2008-07-19 16:37:42 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008-07-19 16:37:21 | 00,094,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2008-07-19 16:33:42 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2008-07-19 16:35:18 | 00,078,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008-07-19 16:32:36 | 00,042,912 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2008-10-29 05:10:58 | 03,341,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2008-05-21 01:53:36 | 00,093,696 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Stopped])
DRV - [2005-05-09 20:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\WINDOWS\System32\DRIVERS\cledx.sys -- (CLEDX [On_Demand | Running])
DRV - [2008-02-20 12:11:12 | 00,030,728 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-01-30 05:28:36 | 04,725,760 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007-09-21 04:10:20 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Stopped])
DRV - [2007-09-21 04:10:26 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042mou.Sys -- (L8042mou [On_Demand | Stopped])
DRV - [2008-02-29 04:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])
DRV - [2008-02-29 04:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])
DRV - [2007-09-21 04:10:54 | 00,078,992 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Stopped])
DRV - [2008-02-29 04:13:46 | 00,028,944 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\Drivers\LUsbFilt.Sys -- (LUsbFilt [On_Demand | Running])
DRV - [2009-06-05 11:42:28 | 00,017,408 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\DRIVERS\netaapl.sys -- (Netaapl [On_Demand | Stopped])
DRV - [2008-06-10 14:04:28 | 00,031,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32 [On_Demand | Stopped])
DRV - [2004-08-04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-11-20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008-08-26 12:28:10 | 03,684,352 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtHDMI.sys -- (RTHDMIAzAudService [On_Demand | Running])
DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2008-08-27 17:05:03 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2009-06-05 11:42:38 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008-04-14 01:15:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2007-04-20 19:00:00 | 00,146,368 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\V0470Vid.sys -- (VF0470Vid [On_Demand | Stopped])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.3.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-24 03:00:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008-12-08 05:27:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2009-08-25 09:51:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2009-08-25 09:51:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-06-10 08:24:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009-06-10 08:24:01 | 00,000,000 | ---D | M]

[2009-02-27 10:59:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Extensions
[2009-02-27 10:59:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-27 00:58:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Firefox\Profiles\s78quejp.default\extensions
[2009-06-30 22:50:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Firefox\Profiles\s78quejp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-02-11 20:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Firefox\Profiles\s78quejp.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2009-04-16 06:16:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Firefox\Profiles\s78quejp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-07-11 19:18:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\mozilla\Firefox\Profiles\s78quejp.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

O1 HOSTS File: (297258 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.123haustiereundmehr.com
O1 - Hosts: 127.0.0.1   123haustiereundmehr.com
O1 - Hosts: 10268 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] E:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] E:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [Advanced Uninstaller PRO Installation Monitor] E:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 9\monitor.exe (Innovative Solutions GRUP SRL)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wowhead Client.lnk = C:\Documents and Settings\Ja\Ustawienia lokalne\Temp\Rar$EX00.219\Wowhead_Client.exe File not found
O4 - Startup: C:\Documents and Settings\Ja\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.243.39.61
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-11-24 17:41:17 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4d8ced5a-8767-11de-8d2a-001d92dafa13}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe -- File not found
O33 - MountPoints2\{4d8ced5a-8767-11de-8d2a-001d92dafa13}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe -- File not found
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-08-27 12:44:05 | 00,000,000 | ---D | C] -- C:\Avenger
[2009-08-27 12:35:12 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS.ORIGINAL
[2009-08-26 22:33:05 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009-08-26 22:33:05 | 00,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-08-26 22:33:04 | 00,042,912 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009-08-26 22:33:04 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009-08-26 22:33:02 | 00,094,416 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009-08-26 22:33:02 | 00,094,392 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009-08-26 22:33:02 | 00,093,264 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009-08-26 22:33:02 | 00,078,416 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009-08-26 22:33:02 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009-08-26 22:32:50 | 01,163,960 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009-08-26 22:32:50 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009-08-26 22:32:50 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009-08-26 22:20:35 | 00,005,702 | -H-- | C] () -- C:\WINDOWS\nod32restoretemdono.reg
[2009-08-26 22:20:35 | 00,000,568 | -H-- | C] () -- C:\WINDOWS\nod32fixtemdono.reg
[2009-08-25 20:51:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\SightSpeed Recordings
[2009-08-20 19:26:02 | 00,196,653 | ---- | C] () -- C:\sdrs.exe
[2009-08-13 09:18:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\NFS Most Wanted
[2009-08-13 00:09:09 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2009-08-01 21:18:20 | 00,000,536 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk
[2009-08-01 21:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\mIRC
[2009-08-01 10:24:28 | 00,000,966 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wowhead Client.lnk
[2009-08-01 10:24:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Marginal Team
[2009-03-20 07:23:14 | 00,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv208325p1now.sys
[2008-12-14 14:21:30 | 01,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2008-12-14 14:20:57 | 01,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2008-12-14 12:59:54 | 00,000,036 | ---- | C] () -- C:\WINDOWS\ezmacros.INI
[2008-12-14 12:59:47 | 00,000,562 | ---- | C] () -- C:\WINDOWS\unezmac.ini
[2008-11-30 14:20:23 | 00,000,081 | ---- | C] () -- C:\WINDOWS\xptools.ini
[2008-11-30 14:14:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2008-11-30 14:14:16 | 00,259,584 | ---- | C] () -- C:\WINDOWS\System32\xtsupermenuhook.dll
[2008-11-30 14:14:14 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll
[2008-11-30 14:14:14 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll
[2008-11-13 19:22:01 | 00,000,023 | -HS- | C] () -- C:\WINDOWS\System32\fdefcadcd3_z.dll
[2008-08-30 23:19:43 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-08-29 23:01:54 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-08-27 23:50:26 | 00,137,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-08-27 19:23:18 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-27 17:05:03 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-08-27 16:39:07 | 00,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini
[2008-08-27 16:39:07 | 00,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini
[2008-08-27 16:39:06 | 00,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2008-08-27 16:39:05 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-08-27 16:39:04 | 00,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-08-27 16:39:03 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-05-26 22:22:36 | 00,016,222 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 22:22:34 | 00,021,728 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 22:22:32 | 00,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2004-08-04 14:00:00 | 00,009,419 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-08-04 14:00:00 | 00,000,624 | ---- | C] () -- C:\WINDOWS\win.ini

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[19 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-08-27 12:55:26 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009-08-27 12:52:52 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-08-27 12:50:35 | 00,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009-08-27 12:50:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-08-27 12:50:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-08-27 12:50:10 | 00,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009-08-27 12:35:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS.ORIGINAL
[2009-08-27 12:35:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS
[2009-08-27 12:35:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\TCPIP.SYS
[2009-08-26 22:33:05 | 00,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2009-08-26 22:33:04 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-08-26 22:17:47 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-25 20:50:53 | 00,000,081 | ---- | M] () -- C:\WINDOWS\xptools.ini
[2009-08-25 20:50:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\bn.dll
[2009-08-25 13:07:31 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-08-25 10:45:14 | 00,196,653 | ---- | M] () -- C:\sdrs.exe
[2009-08-22 16:41:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-08-20 23:48:17 | 00,000,584 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\HTSK.lnk
[2009-08-15 03:07:27 | 01,155,752 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-08-15 03:07:27 | 00,525,426 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-08-15 03:07:27 | 00,443,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-08-15 03:07:27 | 00,099,234 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-08-15 03:07:27 | 00,071,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-08-12 17:43:56 | 00,040,448 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-05 11:01:12 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009-08-05 11:01:12 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009-08-01 21:18:20 | 00,000,536 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk
[2009-08-01 10:24:28 | 00,000,966 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wowhead Client.lnk
[2009-07-30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >


Z góry dzięki za pomoc

[wojtas]

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O33 - MountPoints2\{4d8ced5a-8767-11de-8d2a-001d92dafa13}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe -- File not found
O33 - MountPoints2\{4d8ced5a-8767-11de-8d2a-001d92dafa13}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe -- File not found

:Files
C:\sdrs.exe

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

wejdź na dysk na którym masz windows zainstalowany, tam w katalog WINDOWS -> system 32 -> drivers -> etc
i tam za pomocą notatnika otwórz plik hosts

Jeśli są jakieś wpisy pod

# 102.54.94.97 rhino.acme.com # serwer źródłowy
# 38.25.63.10 x.acme.com # komputer kliencki x
127.0.0.1 localhost

to usun tylko zostaw te pokazane przeze mnie wyzej zapisz edytowany plik

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (usuń co znajdzie )



Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.
i pokaz screena z okienkiem

[Atime]

Tu jest raport z Kaspersky:

Kod: Zaznacz wszystko

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: raport skanowania
piątek, 28 sierpień 2009
System operacyjny: Microsoft Windows XP Professional Dodatek Service Pack 3 (build 2600)
Wersja Kaspersky Online Scanner: 7.0.26.13
Data ostatniej aktualizacji baz danych: Thursday, August 27, 2009 20:39:15
Liczba wpisów: 2692678
--------------------------------------------------------------------------------

Ustawienia skanowania:
   typ baz danych użytych do skanowania: rozszerzone
   Skanuj archiwa: tak
   Skanuj pocztowe bazy danych: tak

Obszar skanowania - Mój komputer:
   A:\
   C:\
   D:\
   E:\
   F:\

Statystyki skanowania:
   Przeskanowanych obiektów: 127348
   Wykrytych zagrożeń: 5
   Wyykrytych zainfekowanych obiektów: 11
   Wykrytych podejrzanych obiektów: 0
   Czas skanowania: 02:48:16


Nazwa pliku / Zagrożenie / Liczba zagrożeń
E:\Program Files\RealVNC\VNC4\WinVNC4.exe/E:\Program Files\RealVNC\VNC4\WinVNC4.exe   Zainfekowanych: not-a-virus:RemoteAdmin.Win32.WinVNC.ad   1
C:\Documents and Settings\Ja\Dane aplikacji\Microsoft\Document Building Blocks\1025\Build\index\hasc.exe   Zainfekowanych: not-a-virus:NetTool.Win32.Sniffer.c   1
C:\Documents and Settings\Ja\Dane aplikacji\Microsoft\Document Building Blocks\1025\Build\index\ritu.exe   Zainfekowanych: not-a-virus:PSWTool.Win32.PassView.162   1
C:\Documents and Settings\Ja\Moje dokumenty\vnc-4_1_3-x86_win32.exe   Zainfekowanych: not-a-virus:RemoteAdmin.Win32.WinVNC.ad   2
E:\mirc635.exe   Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.g   1
E:\Program Files\mIRC\mirc.exe   Zainfekowanych: not-a-virus:Client-IRC.Win32.mIRC.g   1
E:\Program Files\RealVNC\VNC4\vncconfig.exe   Zainfekowanych: not-a-virus:RemoteAdmin.Win32.WinVNC.ad   1
E:\Program Files\RealVNC\VNC4\winvnc4.exe   Zainfekowanych: not-a-virus:RemoteAdmin.Win32.WinVNC.ad   1
E:\TibiaBot.NG.v4.8.4.WinAll.Cracked-CRD\Setup\setup-4.8.4.exe   Zainfekowanych: Trojan.Win32.Pasta.als   1
E:\TibiaBot.NG.v4.8.4.WinAll.Cracked-CRD.rar   Zainfekowanych: Trojan.Win32.Pasta.als   1

Wybrany obszar został przeskanowany.


A screena nie pokażę bo problem przestał występować już podczas którejś z początkowych czynności.

Rozumiem że te trojany kasować? Pytanie tylko czy ręcznie czy za pomocą jakiegoś programu?

[wojtas]

zostaw nic nie kasuj powinno byc ok

Autor postu otrzymał pochwałę