Log do sprawdzenia. internet poważnie zwolnił

[paroslav]

Witajcie, no to daje wam tu dwa logi:
hijackthis

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:08:15, on 2008-11-29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\EPoX\EPTP\EPTP.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\program files\Gadu-Gadu\gg.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
D:\program files\JetAudio\JetAudio.exe
D:\Moje dokumenty\Pulpit\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [hwmdr] "C:\Program Files\EPoX\EPTP\EPTP.EXE" "5000"
O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\program files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Raconfig.lnk = D:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 5358 bytes


rsit

Kod: Zaznacz wszystko

Logfile of random's system information tool 1.04 (written by random/random)
Run by Paro at 2008-11-29 13:21:19
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 16 GB (81%) free of 20 GB
Total RAM: 511 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:23, on 2008-11-29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\EPoX\EPTP\EPTP.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\program files\Gadu-Gadu\gg.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
D:\program files\JetAudio\JetAudio.exe
C:\Program Files\Opera\opera.exe
D:\Moje dokumenty\Pulpit\Downloads\RSIT.exe
D:\Moje dokumenty\Pulpit\Downloads\Paro.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [hwmdr] "C:\Program Files\EPoX\EPTP\EPTP.EXE" "5000"
O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\program files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Raconfig.lnk = D:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 5431 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2005-10-21 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre6\bin\ssv.dll [2008-11-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-24 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-30 2595616]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-30 909208]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-30 140568]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"StormCodec_Helper"=C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe [2006-11-26 97357]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2008-11-24 136600]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-28 1261336]
"hwmdr"=C:\Program Files\EPoX\EPTP\EPTP.EXE [2005-09-06 22713344]
""= []
"NVIDIA nTune"=D:\Program Files\NVIDIA Corporation\nTune\\nTune.exe [2005-03-11 589824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Odkurzacz-MCD"=C:\Program Files\Odkurzacz\odk_mcd.exe [2008-03-03 266240]
"Gadu-Gadu"=D:\program files\Gadu-Gadu\gg.exe [2008-03-20 2127296]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Raconfig.lnk - D:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\Gry\Team17 Software Ltd\Worms Forts Under Siege\WF.exe"="D:\Gry\Team17 Software Ltd\Worms Forts Under Siege\WF.exe:*:Enabled:WF"
"E:\winbox.exe"="E:\winbox.exe:*:Enabled:winbox"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\program files\uTorrent\uTorrent.exe"="D:\program files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\program files\Gadu-Gadu\gg.exe"="D:\program files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"D:\Moje dokumenty\Pulpit\Downloads\utorrent.exe"="D:\Moje dokumenty\Pulpit\Downloads\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2008-11-29 13:21:19 ----D---- C:\rsit
2008-11-29 13:07:55 ----D---- C:\WINDOWS\LastGood
2008-11-29 12:10:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-29 12:10:43 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2008-11-29 12:10:41 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-24 17:14:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-11 20:07:10 ----HD---- C:\$AVG8.VAULT$
2008-11-06 19:51:24 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\COWON
2008-11-06 19:50:19 ----D---- D:\Program Files\Common Files\COWON
2008-11-06 19:50:18 ----D---- D:\Program Files\JetAudio
2008-11-06 19:50:03 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\InstallShield
2008-10-31 13:26:11 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\ImgBurn
2008-10-31 13:24:44 ----D---- D:\Program Files\ImgBurn

======List of files/folders modified in the last 1 months======

2008-11-29 13:08:00 ----HD---- C:\WINDOWS\inf
2008-11-29 13:07:56 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-29 13:07:55 ----D---- C:\WINDOWS
2008-11-29 12:14:48 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\Skype
2008-11-29 12:11:56 ----D---- C:\WINDOWS\system32
2008-11-29 12:11:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-29 12:10:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-29 12:08:15 ----D---- C:\WINDOWS\Temp
2008-11-29 12:02:26 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\skypePM
2008-11-24 17:14:24 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-24 17:14:24 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-24 17:14:24 ----A---- C:\WINDOWS\system32\java.exe
2008-11-24 17:14:23 ----SHD---- C:\WINDOWS\Installer
2008-11-24 17:14:22 ----D---- D:\Program Files\Java
2008-11-20 18:12:13 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\uTorrent
2008-11-16 17:12:18 ----A---- C:\WINDOWS\wincmd.ini
2008-11-16 17:09:09 ----D---- D:\Program Files\eMule
2008-11-12 17:32:24 ----D---- C:\Documents and Settings\Paro\Dane aplikacji\Hamachi
2008-11-11 19:16:59 ----D---- D:\Program Files\SpeedFan
2008-11-11 19:16:59 ----D---- D:\Program Files\SopCast
2008-11-11 19:12:32 ----D---- C:\WINDOWS\Minidump
2008-11-10 12:33:18 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-06 19:50:18 ----HD---- D:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2005-10-21 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-07-18 26824]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-07-18 76040]
R2 epcpuid;epcpuid; C:\WINDOWS\system32\drivers\epcpuid.sys [2005-03-18 2176]
R2 GetBINFile;GetBINFile; C:\WINDOWS\system32\drivers\GetBINFile.sys [2004-11-26 3200]
R2 hwmdr;hwmdr; C:\WINDOWS\system32\drivers\hwmdr.sys [2005-08-02 5632]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-08-19 15781]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-06-17 44384]
R3 EPScanMemory;EPScanMemory; \??\C:\Program Files\EPoX\EPTP\ScanMemory32.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-25 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-25 12928]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 RT2400;RT2400 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2400.sys [2004-04-22 62848]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-17 25280]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Sterownik filtru Przywracania systemu; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73472]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-04 587096]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-30 427288]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2005-10-21 875288]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2005-10-21 231704]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2008-11-24 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-30 492720]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

-----------------EOF-----------------


Czuje ze zlapalem jakiegos syfa, bo komputer zwolnił, ale to nic w porównaniu z tym co sie stało z internetem. Predkosc spadla 5 krotnie co najmniej, i musze wiedzieć czy to wina mojego komputera, czy mnie dostawca internetu ładuje w banana ( ).

Proszę więc o pomoc, dzięki

P.S.
tu jeszcze info z rsit, nie wiem czy to do czegos potrzebne, ale dac moge nie

Kod: Zaznacz wszystko

info.txt logfile of random's system information tool 1.04 2008-11-29 13:21:25

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home-->MsiExec.exe /X{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.2 CE-->MsiExec.exe /I{AC76BA86-7AD7-1038-7B44-CEA000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Aktualizacja dla systemu Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Athlon 64 Processor Driver-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\program files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x15
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Combat Wings - Bitwa o Anglię-->"D:\Gry\City Interactive\Combat Wings - Bitwa o Anglię\unins000.exe"
Conquer 2.0-->D:\program files\InstallShield Installation Information\{B6060381-5C28-4F86-A31A-B5ADA7A1BD8D}\setup.exe -runfromtemp -l0x0009 -removeonly
CWK (Czasowy Wyłącznik Komputera)-->"D:\Program Files\CWK\CWK.exe" /uninstall
DVD Shrink 3.1.6-->"C:\Program Files\DVD Shrink\unins000.exe"
EA SPORTS online 2008-->D:\Gry\EA Sports\EA SPORTS online\EASOUNInstaller.exe
eMule-->"D:\program files\eMule\Uninstall.exe"
EPoX Thunder Probe (EPTP)-->"C:\Program Files\EPoX\EPTP\INSTALL.EXE" "-UNINSTALL"
Europa Universalis III-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}\setup.exe" -l0x15
EVEREST Home Edition v2.20-->"D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Gadu-Gadu 7.7-->D:\Program Files\Gadu-Gadu\Setup.exe
GTA San Andreas-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "D:\program files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9  -removeonly
GTAIII-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{92B94569-6683-4617-8C54-EB27A1B51B30}\Setup.exe" -l0x15
HijackThis 2.0.2-->"D:\Moje dokumenty\Pulpit\Downloads\HijackThis.exe" /uninstall
Hitman: Kontrakty-->D:\Gry\HITMAN~1\UNWISE.EXE D:\Gry\HITMAN~1\INSTALL.LOG
ImgBurn-->"D:\Program Files\ImgBurn\uninstall.exe"
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
jetAudio Basic-->D:\program files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe -runfromtemp -l0x0015 -removeonly
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Morrowind-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Gry\Morrowind\MWUninstall\setup.exe"
Nero 6 Enterprise Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NHL® 08-->MsiExec.exe /X{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
NVIDIA nTune-->D:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1045
NvMixer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe"  -uninstall
Odkurzacz 11.2 Pro-->"C:\Program Files\Odkurzacz\unins000.exe"
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Opera 9.50-->MsiExec.exe /X{7472B5B4-3FB7-446F-BC78-6BBA506EC473}
Panzer Elite Action-->"D:\Gry\Panzer Elite Action\\uninstall.exe" "/U:D:\Gry\Panzer Elite Action\uninstall.xml"
RT2400 Wireless LAN Card-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\program files\InstallShield Installation Information\{9198A23F-C33C-4907-9715-96DE7D4AF27D}\Setup.exe" -l0x9
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SopCast 3.0.3-->D:\Program Files\SopCast\uninst.exe
SpeedFan (remove only)-->"D:\Program Files\SpeedFan\uninstall.exe"
Storm Codec-->C:\Program Files\Ringz Studio\Storm Codec\uninst7.01.19.exe
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
TVUPlayer 2.3.7.1-->D:\Program Files\TVUPlayer\uninst.exe
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Worms Forts Under Siege-->MsiExec.exe /X{917E73C2-C7DA-4C12-9774-A6A2730BCAAB}

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 39 Stepping 1, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=2701
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------


[wojtas]

Wykonaj to co jest podane w tym temacie

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt + log z combofixa oraz daj loga z hijacka

[paroslav]

combofix

Kod: Zaznacz wszystko

ComboFix 08-11-29.03 - Paro 2008-11-30 17:11:31.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.132 [GMT 1:00]
Uruchomiony z: d:\moje dokumenty\Pulpit\Downloads\ComboFix.exe
* Utworzono nowy punkt przywracania

[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-10-28 do 2008-11-30  )))))))))))))))))))))))))))))))
.

2008-11-29 13:21 . 2008-11-29 13:21   <DIR>   d--------   C:\rsit
2008-11-29 12:10 . 2008-11-29 12:10   <DIR>   d--h-----   c:\windows\$hf_mig$
2008-11-24 17:14 . 2008-11-24 17:14   410,976   --a------   c:\windows\system32\deploytk.dll
2008-11-11 20:07 . 2008-11-14 15:46   <DIR>   d--h-----   C:\$AVG8.VAULT$
2008-11-06 19:51 . 2008-11-06 19:51   <DIR>   d--------   c:\documents and settings\Paro\Dane aplikacji\COWON
2008-11-06 19:50 . 2008-11-23 16:36   <DIR>   d--------   d:\program files\JetAudio
2008-11-06 19:50 . 2008-11-06 19:50   <DIR>   d--------   d:\program files\common files\COWON
2008-11-06 19:50 . 2008-11-06 19:50   <DIR>   d--------   c:\documents and settings\Paro\Dane aplikacji\InstallShield
2008-10-31 13:26 . 2008-10-31 13:26   <DIR>   d--------   c:\documents and settings\Paro\Dane aplikacji\ImgBurn
2008-10-31 13:24 . 2008-10-31 13:25   <DIR>   d--------   d:\program files\ImgBurn

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-30 14:55   ---------   d-----w   c:\documents and settings\Paro\Dane aplikacji\Skype
2008-11-29 22:52   ---------   d-----w   c:\documents and settings\Paro\Dane aplikacji\skypePM
2008-11-24 16:14   ---------   d-----w   d:\program files\Java
2008-11-20 17:12   ---------   d-----w   c:\documents and settings\Paro\Dane aplikacji\uTorrent
2008-11-16 16:09   ---------   d-----w   d:\program files\eMule
2008-11-12 16:32   ---------   d-----w   c:\documents and settings\Paro\Dane aplikacji\Hamachi
2008-11-11 18:16   ---------   d-----w   d:\program files\SpeedFan
2008-11-11 18:16   ---------   d-----w   d:\program files\SopCast
2008-11-06 18:50   ---------   d--h--w   d:\program files\InstallShield Installation Information
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2008-03-03 266240]
"Gadu-Gadu"="d:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-30 2595616]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-30 909208]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-30 140568]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"StormCodec_Helper"="c:\program files\Ringz Studio\Storm Codec\StormSet.exe" [2006-11-26 97357]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2008-11-24 136600]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-28 1261336]
"hwmdr"="c:\program files\EPoX\EPTP\EPTP.EXE" [2005-09-06 22713344]
"NVIDIA nTune"="d:\program files\NVIDIA Corporation\nTune\\nTune.exe" [2005-03-11 589824]
"nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Raconfig.lnk - d:\program files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe [2008-08-19 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"d:\\Gry\\Team17 Software Ltd\\Worms Forts Under Siege\\WF.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\program files\\uTorrent\\uTorrent.exe"=
"d:\\program files\\Gadu-Gadu\\gg.exe"=
"d:\\Moje dokumenty\\Pulpit\\Downloads\\utorrent.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\DRIVERS\nvcchflt.sys [2008-08-15 16640]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-06-17 97928]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-18 875288]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-18 231704]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-06-17 76040]
R2 epcpuid;epcpuid;c:\windows\system32\drivers\epcpuid.sys [2008-08-15 2176]
R2 GetBINFile;GetBINFile;c:\windows\system32\drivers\GetBINFile.sys [2008-08-15 3200]
R2 hwmdr;hwmdr;c:\windows\system32\drivers\hwmdr.sys [2008-08-15 5632]
R3 EPScanMemory;EPScanMemory;\??\c:\program files\EPoX\EPTP\ScanMemory32.sys [2008-08-15 2432]
R3 RT2400;RT2400 Wireless Driver;c:\windows\system32\DRIVERS\RT2400.sys [2008-08-19 62848]

*Newly Created Service* - EPSCANMEMORY
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 17:14:08
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(976)
c:\windows\system32\relog_ap.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
d:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Czas ukończenia: 2008-11-30 17:15:54 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2008-11-30 16:15:49

Przed: 16 928 550 912 bajtów wolnych
Po: 16,898,269,184 bajtów wolnych

118


potem wrzuce jeszcze tego ostatniego, i nowego hijacka.
Z tego tematu zrobilem to 1. potem moge jeszcze zrobic 2.
ale teraz musze lecieć

[wojtas]

wydaje sie byc czysto

[paroslav]

no prawda, internet zdaje sie ze działa prędzej. Chyba ten bloker portow zadziałał

Nawet bardzo chyba. Bo sie pojawił bład generic host problem for win32.