co kilkanascie mintu predkosc internetu spada do zera, nie mozna wejsc na jakakolwiek stronke, trwa to kilka minut okolo 3, pozniej wraca wszystko do normy na jakis czas i tak w kolko, daje logi z combo i hja, jak by cos bylo w nich nie tak prore o podpowiedz co usunac, dzieki z gory pozdrawiam.
- Kod: Zaznacz wszystko
ComboFix 08-11-29.03 - Woytas 2008-11-30 1:06:50.24 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1456 [GMT 1:00]
Uruchomiony z: e:\pobieralnia\DA plus\ComboFix.exe
[COLOR=RED][B]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/B][/COLOR]
.
((((((((((((((((((((((((( Pliki utworzone od 2008-10-28 do 2008-11-30 )))))))))))))))))))))))))))))))
.
2008-11-27 01:30 . 2008-11-28 18:50 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-27 01:30 . 2008-11-27 01:30 1,409 --a------ c:\windows\QTFont.for
2008-11-24 17:42 . 2008-11-23 20:53 733,686,634 --a------ C:\24-Redemption.HDTV.XviD-LOL.avi
2008-11-20 21:44 . 2008-11-20 21:44 <DIR> d-------- c:\program files\Avanquest update
2008-11-20 21:43 . 2008-11-20 21:43 <DIR> d-------- c:\program files\Common Files\Motorola Shared
2008-11-20 21:43 . 2006-11-13 15:45 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2008-11-20 21:43 . 2007-06-18 15:18 23,680 --a------ c:\windows\system32\drivers\motmodem.sys
2008-11-20 21:43 . 2008-11-20 21:43 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-20 21:43 . 2008-11-20 21:43 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2008-11-20 21:42 . 2008-11-20 21:44 <DIR> d-------- c:\program files\Motorola Phone Tools
2008-11-20 21:42 . 2008-11-20 21:53 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\BVRP Software
2008-11-20 14:03 . 2008-11-20 14:10 <DIR> d-------- c:\windows\NV30603064.TMP
2008-11-20 02:09 . 2008-11-20 02:09 <DIR> d-------- c:\windows\system32\Futuremark
2008-11-20 02:09 . 2008-11-20 02:09 <DIR> d-------- c:\program files\Futuremark
2008-11-20 02:09 . 2004-10-25 20:02 21,664 --a------ c:\windows\system32\drivers\Entech.sys
2008-11-20 02:09 . 2001-11-19 18:05 3,972 --------- c:\windows\system32\drivers\PciBus.sys
2008-11-17 20:31 . 2008-10-07 13:33 201,157 --a------ c:\windows\system32\nvapps.nvb
2008-11-13 22:12 . 2008-11-13 22:17 <DIR> d-------- c:\program files\mp3DirectCut
2008-11-12 21:25 . 2008-11-12 21:25 172,032 --a------ c:\windows\system32\AniGIF.ocx
2008-11-10 13:11 . 2008-11-10 13:11 <DIR> d-------- c:\documents and settings\Woytas\Dane aplikacji\Red Alert 3
2008-10-31 22:24 . 2008-10-31 22:24 <DIR> d-------- c:\program files\DownloadToolz
2008-10-31 19:05 . 2008-11-12 21:26 <DIR> d-------- c:\program files\DAP
2008-10-31 14:58 . 2008-11-21 13:10 1,145,910 --a------ c:\windows\Tapeta z ACDSee.cmp
2008-10-24 16:10 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\system32\D3DX9_38.dll
2008-10-24 16:10 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\system32\D3DCompiler_38.dll
2008-10-24 16:10 . 2008-05-30 13:19 507,400 --a------ c:\windows\system32\XAudio2_1.dll
2008-10-24 16:10 . 2008-05-30 14:11 467,984 --a------ c:\windows\system32\d3dx10_38.dll
2008-10-24 16:10 . 2008-05-30 13:18 238,088 --a------ c:\windows\system32\xactengine3_1.dll
2008-10-24 16:10 . 2008-05-30 13:17 65,032 --a------ c:\windows\system32\XAPOFX1_0.dll
2008-10-24 16:10 . 2008-05-30 13:17 25,608 --a------ c:\windows\system32\X3DAudio1_4.dll
2008-10-24 16:09 . 2008-10-24 16:09 <DIR> d-------- c:\windows\Logs
2008-10-21 13:02 . 2008-10-21 13:02 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\2DBoy
2008-10-16 18:26 . 2008-11-12 21:25 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\SpeedBit
2008-10-16 18:26 . 2008-10-16 18:26 479,298 --a------ c:\windows\system32\wbocx.ocx
2008-10-16 18:26 . 2008-10-16 18:26 50,688 --a------ c:\windows\system32\wbhelp2.dll
2008-10-13 19:06 . 2008-10-13 19:06 7,118 --a------ c:\windows\system32\ealregsnapshot1.reg
2008-10-13 19:05 . 2008-10-13 19:05 <DIR> d-------- c:\documents and settings\Woytas\Dane aplikacji\Leadertech
2008-10-12 00:03 . 2008-10-12 00:03 <DIR> d--h----- c:\windows\PIF
2008-10-07 19:51 . 2008-10-07 19:51 <DIR> d-------- c:\documents and settings\Woytas\Dane aplikacji\Activision
2008-10-07 19:51 . 2008-10-07 19:51 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Activision
2008-10-07 13:33 . 2008-10-07 13:33 1,368,064 --a------ c:\windows\system32\nvcuda.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-30 00:03 --------- d-----w c:\documents and settings\Woytas\Dane aplikacji\MegauploadToolbar
2008-11-29 13:06 --------- d-----w c:\documents and settings\Woytas\Dane aplikacji\uTorrent
2008-11-28 17:46 --------- d-----w c:\documents and settings\Woytas\Dane aplikacji\GetRight
2008-11-20 20:44 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-20 13:09 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-20 13:08 --------- d-----w c:\program files\AGEIA Technologies
2008-11-13 16:05 --------- d-----w c:\program files\AIDA32 - Personal System Information
2008-11-12 20:26 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-10-16 21:14 --------- d-----w c:\program files\K-Lite Codec Pack
2008-10-02 09:07 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-09-15 18:10 111,928 ----a-w c:\windows\system32\PnkBstrB.exe
2008-09-04 08:31 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-08-31 18:11 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-08-29 07:57 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-05-25 17:31 22,328 ----a-w c:\documents and settings\Woytas\Dane aplikacji\PnkBstrK.sys
2007-11-18 19:04 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2008-11-12 20:25 251,392 ----a-w c:\program files\opera\program\plugins\dapop.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [2008-11-12 38384]
[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2008-12-16 6782976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-07 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"VIDC.X264"= x264vfw.dll
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 10:25 6731312 c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 23:12 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-11-12 15:48 21760296 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\e\\utorrent.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"e:\\Gry\\Call of Duty - World at War\\CoDWaW.exe"=
"e:\\Gry\\Left 4 Dead\\left4dead.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-09-04 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-09-04 20560]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2008-01-20 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2008-01-20 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2008-01-20 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2008-01-20 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2008-01-20 83344]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{253f67fa-799f-11dd-a9ad-000e50f4bcb8}]
\Shell\AutoRun\command - I:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fdaac578-e913-11dc-a865-000e50f4bcb8}]
\Shell\AutoRun\command - F:\Autorun.exe /run
\Shell\Shell00\Command - F:\Autorun.exe /run
\Shell\Shell01\Command - F:\Autorun.exe /action
\Shell\Shell02\Command - F:\Autorun.exe /uninstall
.
.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\Woytas\Dane aplikacji\Mozilla\Firefox\Profiles\hiagxd7g.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://search.speedbit.com/
FF -: plugin - c:\program files\Adobe\Acrobat 6.0 CE\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPJava11.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPJava12.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPJava13.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPJava32.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll
FF -: plugin - c:\program files\Java\j2re1.4.0_03\bin\NPOJI610.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 01:08:33
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
**************************************************************************
.
Czas ukończenia: 2008-11-30 1:10:16
ComboFix-quarantined-files.txt 2008-11-30 00:08:59
Przed: 59 584 512 bajtów wolnych
Po: 527,593,472 bajtów wolnych
186
- Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 01:10:58, on 2008-11-30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
D:\e\Programy\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} (ULiveCtrl Control) - http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{38FBEEF6-FD6D-44EE-BD2C-9DE546F7D68F}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe