
Slow internet (logs attached for verification)


Post by pitersid, 02 Feb 2010, 02:50

Hello,
Lately my computer has been terribly sluggish. It is most noticeable when working on the internet, where pages have started loading "horrendously" slowly. I cleared the browsers' temp files, temporary files, etc., and the problem still remains.

Below is the HijackThis log; I would be grateful if someone wiser than me would take a look at it:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:46:54, on 2010-02-02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\cexplorer.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\gry\steam\steam.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Thunderbird-Tray\TBTray.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TotalCmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
D:\GRY\CS - dodatki\Gamma Control _ muonline.org.pl.exe
d:\gry\steam\steamapps\birkoff82\counter-strike\hl.exe
D:\gry\steam\GameOverlayUI.exe
C:\Install\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: TBSB07218 - {3AF93A29-A296-4AB0-9011-D85A559203B3} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: TurboUpload Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Hamachi] C:\WINDOWS\system32\cexplorer.exe -run
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [av_md] C:\Documents and Settings\Kuba\av_md.exe
O4 - HKCU\..\Run: [Steam] "d:\gry\steam\steam.exe" -silent
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\186.18\international\PhysX_9.09.0428_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe
O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B1057A-74A4-45FD-9940-1077025DFE58}: NameServer = 80.244.128.2 80.244.128.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9100 bytes


OTL:

Code:
OTL logfile created on: 2010-02-02 17:23:11 - Run 1
OTL by OldTimer - Version 3.1.27.1     Folder = C:\Install
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 63,18 Gb Free Space | 64,70% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 152,46 Gb Free Space | 78,06% Space Free | Partition Type: NTFS
Drive E: | 172,79 Gb Total Space | 130,01 Gb Free Space | 75,24% Space Free | Partition Type: NTFS
Drive F: | 565,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 7,45 Gb Total Space | 0,39 Gb Free Space | 5,25% Space Free | Partition Type: FAT32

Computer Name: AMD
Current User Name: Kuba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-02-02 17:22:49 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Install\OTL.exe
PRC - [2010-01-06 23:25:15 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-30 20:10:11 | 008,318,056 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009-11-19 23:02:39 | 001,217,808 | ---- | M] (Valve Corporation) -- D:\GRY\Steam\Steam.exe
PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-10-09 12:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009-10-09 12:11:12 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-06-10 07:28:50 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-01-13 07:37:06 | 018,084,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007-12-04 14:36:33 | 000,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007-12-04 13:00:23 | 000,079,224 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2007-12-04 13:00:16 | 000,140,664 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2007-12-04 12:59:53 | 000,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2007-12-04 12:59:01 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006-02-28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2005-11-08 21:02:44 | 000,038,912 | ---- | M] (Felix 'SniperBeamer' Geyer) -- C:\Program Files\Thunderbird-Tray\TBTray.exe
PRC - [2005-03-31 10:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2005-01-14 10:00:24 | 000,339,968 | ---- | M] (Sonix) -- C:\WINDOWS\vsnpstd3.exe
PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-03 23:44:22 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-03-23 11:06:12 | 000,888,832 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-02-02 17:22:49 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Install\OTL.exe
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2000-07-07 17:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-12-12 19:12:52 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009-11-30 19:32:28 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009-10-11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-08-20 18:57:19 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-06-10 07:28:50 | 000,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc)
SRV - [2009-06-02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-11-20 20:18:52 | 000,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007-12-04 14:36:33 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007-12-04 13:00:16 | 000,140,664 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2007-12-04 12:59:53 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2007-12-04 12:59:01 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2006-02-28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-30 20:08:16 | 000,043,744 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\efe575d.sys -- (efe575d)
DRV - [2009-08-28 17:45:01 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009-08-11 18:26:29 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-06-10 17:33:00 | 008,087,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-04-28 21:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2009-03-19 13:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-03-19 13:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-01-20 11:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-10-30 14:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-12-04 14:55:46 | 000,094,544 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2007-12-04 14:53:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2007-12-04 14:51:52 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2007-12-04 14:49:02 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2007-04-16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-11-06 18:04:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-09-18 13:05:30 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2005-02-21 16:48:38 | 000,452,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-10-25 20:02:58 | 000,021,664 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH)
DRV - [2004-08-03 22:08:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2004-08-03 21:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004-04-30 08:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 08:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2003-12-08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2001-08-17 20:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971


FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-09-06 13:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-17 21:56:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-19 16:27:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-11-30 20:10:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009-08-11 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Extensions
[2010-02-01 21:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\dqtx0j5n.default\extensions
[2009-08-11 21:47:17 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\dqtx0j5n.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010-01-08 14:40:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\dqtx0j5n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-02-02 04:55:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 09:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-06-15 10:14:40 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-08-31 13:40:12 | 000,636,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSNOOKER.dll
[2009-07-30 23:44:16 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-30 23:44:16 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-30 23:44:16 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-30 23:44:16 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-30 23:44:16 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-30 23:44:16 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (TBSB07218 Class) - {3AF93A29-A296-4AB0-9011-D85A559203B3} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (TurboUpload Toolbar) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (TurboUpload Toolbar) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (TurboUpload Toolbar) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe (Sonix)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] d:\gry\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe (Felix 'SniperBeamer' Geyer)
O4 - Startup: C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe (Felix 'SniperBeamer' Geyer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kuba\Dane aplikacji\ACD Systems\ACDSee\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kuba\Dane aplikacji\ACD Systems\ACDSee\ACD Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-11 17:03:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-01-14 09:50:50 | 000,000,000 | ---D | M] - J:\AutoCAD 2007 ENG -- [ FAT32 ]
O32 - AutoRun File - [2010-01-14 09:52:48 | 000,000,000 | ---D | M] - J:\AutoCAD 2007 PL -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-02 04:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010-02-02 04:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\IObit
[2010-02-01 23:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Any Video Converter
[2010-02-01 23:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\AnvSoft
[2010-02-01 23:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2010-02-01 22:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\TeamViewer
[2010-02-01 22:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\temp
[2010-02-01 22:34:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010-01-31 23:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Downloads
[2010-01-31 23:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Temp
[2010-01-31 23:27:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Deployment
[2010-01-23 00:05:19 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2010-01-19 16:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\OpenOffice.org
[2010-01-19 16:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010-01-19 16:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010-01-19 16:27:27 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010-01-19 16:27:27 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-01-19 16:27:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-01-19 16:27:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-01-19 16:27:27 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-01-19 16:27:18 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-01-19 16:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Sun
[2010-01-19 11:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bytescout XLS Viewer
[2010-01-19 11:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010-01-19 11:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\Sun ODF Plugin for Microsoft Office 3.1 (en-US) Installation Files
[2010-01-17 21:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVI MPEG WMV RM to MP3 Converter
[2010-01-17 21:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Eltima Software
[2010-01-17 21:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-01-17 21:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Eltima Software
[2010-01-17 20:28:13 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010-01-17 20:28:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2010-01-17 20:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010-01-10 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\teamspeak3-server_win32
[2010-01-09 21:55:38 | 000,262,144 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010-01-09 21:55:37 | 000,086,016 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010-01-09 21:55:24 | 000,005,632 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech64.sys
[2010-01-09 21:55:23 | 000,021,664 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech.sys
[2010-01-09 21:55:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2010-01-09 21:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2010-01-03 20:51:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2009-10-22 17:39:17 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009-10-22 17:39:17 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009-10-22 17:39:17 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009-08-28 17:40:38 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-08-28 17:40:38 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2009-08-28 15:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2009-08-11 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-08-11 17:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-08-11 17:03:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-08-11 17:03:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[1999-02-14 12:31:44 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998-12-09 02:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998-12-09 02:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998-12-09 02:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998-12-09 02:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998-12-09 02:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-02 16:33:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1343024091-725345543-1003UA.job
[2010-02-02 05:28:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-02 05:28:37 | 000,235,380 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-02-02 05:28:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-02 05:27:40 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2010-02-02 05:27:30 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2010-02-02 05:27:25 | 000,002,341 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010-02-02 05:27:21 | 007,502,882 | -H-- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-02 04:51:37 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Advanced SystemCare.lnk
[2010-02-02 03:06:39 | 000,000,507 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-02-02 01:36:10 | 000,000,596 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010-02-01 23:50:41 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Any Video Converter.lnk
[2010-02-01 23:33:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1343024091-725345543-1003Core.job
[2010-02-01 22:47:16 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-01-31 18:34:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-31 01:31:24 | 005,540,400 | ---- | M] () -- C:\de_blue.zip
[2010-01-29 16:52:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-01-28 17:13:14 | 000,000,881 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-01-27 02:02:02 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\ruskie nicki.doc
[2010-01-27 02:01:57 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\marta - angielski.doc
[2010-01-26 19:27:16 | 001,440,024 | ---- | M] () -- C:\img2-001.raw
[2010-01-23 00:05:38 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-22 19:10:14 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Microsoft Word.lnk
[2010-01-21 16:04:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-01-21 16:04:47 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010-01-21 11:31:26 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\Kuba\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010-01-21 11:26:44 | 001,074,588 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-01-21 11:26:44 | 000,484,964 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-01-21 11:26:44 | 000,427,728 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-01-21 11:26:44 | 000,082,214 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-01-21 11:26:44 | 000,066,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-01-20 17:25:58 | 000,060,528 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-01-20 13:11:46 | 002,128,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-01-19 16:28:28 | 000,000,967 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.1.lnk
[2010-01-19 11:54:59 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Bytescout XLS Viewer.lnk
[2010-01-17 21:54:37 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\AVI MPEG WMV RM to MP3 Converter.lnk
[2010-01-17 21:44:42 | 000,001,088 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\SWF & FLV Toolbox 3.5.lnk
[2010-01-17 20:28:44 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\$_hpcst$.hpc
[2010-01-09 21:55:56 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\3DMark06.lnk
[2010-01-09 21:55:38 | 000,262,144 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010-01-09 21:55:38 | 000,086,016 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-02 04:51:37 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Advanced SystemCare.lnk
[2010-02-01 23:50:41 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Any Video Converter.lnk
[2010-02-01 22:34:55 | 000,000,596 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010-01-31 23:28:06 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1343024091-725345543-1003UA.job
[2010-01-31 23:28:06 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1343024091-725345543-1003Core.job
[2010-01-31 01:24:00 | 005,540,400 | ---- | C] () -- C:\de_blue.zip
[2010-01-27 02:02:02 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\ruskie nicki.doc
[2010-01-27 02:01:56 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\marta - angielski.doc
[2010-01-26 19:25:36 | 001,440,024 | ---- | C] () -- C:\img2-001.raw
[2010-01-22 19:10:14 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Microsoft Word.lnk
[2010-01-19 16:28:28 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.1.lnk
[2010-01-19 11:54:59 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Bytescout XLS Viewer.lnk
[2010-01-17 21:54:37 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\AVI MPEG WMV RM to MP3 Converter.lnk
[2010-01-17 21:44:42 | 000,040,960 | ---- | C] () -- C:\WINDOWS\wavdest.ax
[2010-01-17 21:44:42 | 000,001,088 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\SWF & FLV Toolbox 3.5.lnk
[2010-01-17 20:28:44 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\$_hpcst$.hpc
[2010-01-09 21:55:56 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\3DMark06.lnk
[2010-01-09 21:55:24 | 000,006,173 | ---- | C] () -- C:\WINDOWS\System32\drivers\Entech.vxd
[2010-01-09 21:55:24 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009-12-25 01:24:59 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-12-25 01:24:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-12-25 01:24:57 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-12-25 01:24:56 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-12-25 01:24:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-30 20:08:16 | 000,043,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\efe575d.sys
[2009-11-30 20:07:39 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\fqpdsw.dat
[2009-11-30 20:07:33 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
[2009-11-30 20:07:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\wiaservg.log
[2009-11-08 02:54:24 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-22 17:39:18 | 000,452,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2009-10-22 17:39:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009-10-18 20:45:16 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009-10-14 16:40:40 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-10-14 16:40:39 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2009-10-14 16:40:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2009-09-17 19:02:19 | 000,000,507 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009-09-14 19:45:27 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2009-09-14 19:45:27 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-09-14 19:45:27 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-09-14 19:34:37 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-14 19:19:18 | 000,215,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-09-06 10:37:16 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009-08-11 18:32:49 | 000,002,341 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009-08-11 17:18:24 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009-06-10 07:29:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-06-10 07:29:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-06-10 07:29:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-06-10 07:29:32 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-09-18 13:04:14 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2006-09-18 13:04:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2006-09-18 13:04:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2006-09-18 13:04:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 21:59:44 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
< End of report >




Regards
Last edited by pitersid on 02 Feb 2010, 18:30; edited 3 times in total
Maybe it's your charm... maybe it's Photoshop :-)



Hijackthis logs

Post by NieWiem, 02 Feb 2010, 08:50

Please change the topic title to a more precise one that says more about the problem, so that anyone browsing the forum knows what your topic is about before clicking on it. To change the title, click [image] in your first post.
Otherwise the topic will be deleted.


Until the author corrects the title, we do not reply.

Please follow the rules for posting logs and edit your post accordingly.
1. I provide help exclusively under the beerware license!
2. If I do not reply in the topic right away, it means I have a life outside the internet. Respect the time I give voluntarily and do not expect everything immediately. If I do not reply within 48 hours, send a PM.

STOP ++> to trolls, Neostrada kids, emo, Forests, cat-eaters and hatred [ does not apply to those listed earlier ]



Slow internet (hijackthis logs - opinions please

Post by pitersid, 02 Feb 2010, 18:28

Title corrected, thank you for pointing it out. I'm asking the "wise heads" for an opinion :)



Slow internet (logs attached for review)

Post by wojtas, 02 Feb 2010, 22:14

1. Run OTL with the CleanUp option.
2. Perform a Windows optimization.
3. Turn off System Restore (My Computer properties > System Restore tab > turn off System Restore on all drives). After a moment, turn it back on.
4. Run a Malwarebytes Anti-Malware scan (update it, remove whatever it finds) and post the scan report.



Slow internet (logs attached for review)

Post by pitersid, 03 Feb 2010, 01:23

Malwarebytes' Anti-Malware 1.44 scan result:

Code:
Malwarebytes' Anti-Malware 1.44
Wersja bazy definicji: 3681
Windows 5.1.2600 Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180

2010-02-03 00:21:07
mbam-log-2010-02-03 (00-20-57).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|J:\|)
Przeskanowane obiekty: 315382
Upłynęło: 43 minute(s), 22 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 17
Zainfekowane wartości rejestru: 3
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 6

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\tbsb07218.ietoolbar (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{80d6fb4c-cb64-4d15-8d2e-60eaa27e6a8c} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90bb679a-397b-4e5b-82b7-15b3b82ee9ea} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{db5c32ae-46b0-4bc3-ba3f-bac10848437d} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01e69986-a054-4c52-abe8-ef63df1c5211} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01e69986-a054-4c52-abe8-ef63df1c5211} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3af93a29-a296-4ab0-9011-d85a559203b3} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3af93a29-a296-4ab0-9011-d85a559203b3} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3af93a29-a296-4ab0-9011-d85a559203b3} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\tbsb07218.ietoolbar.1 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\tbsb07218.tbsb07218 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\tbsb07218.tbsb07218.3 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Adware.Ecobar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Adware.Ecobar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Adware.Ecobar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Adware.Ecobar) -> No action taken.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Adware.Ecobar) -> No action taken.

Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01e69986-a054-4c52-abe8-ef63df1c5211} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01e69986-a054-4c52-abe8-ef63df1c5211} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01e69986-a054-4c52-abe8-ef63df1c5211} (Adware.Softomate) -> No action taken.

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll (Adware.Softomate) -> No action taken.
C:\Program Files\TurboUpload\TurboUpload Toolbar\tbhelper.dll (Adware.Ecobar) -> No action taken.
C:\Install\Sony Vegas Pro 9.0 32bit\Sony Vegas Pro 9 Patch\Keygen.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Kuba\Dane aplikacji\wiaservg.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kuba\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken.


Added 03.02.2010 07:38:08:
I'll add that none of these steps improved how the internet works (and I'll add that I have no download quota limits).

Added 03.02.2010 12:25:40:
I'll also add that AVAST keeps blocking some attacks via EXPLOIT (DCOM and LSASS). Within two hours it showed me 10 notifications about blocked attacks?! WTF?!!



Slow internet (logs attached for review)

Post by wojtas, 03 Feb 2010, 13:28

Run OTL and paste the following into the Custom Scans/Fixes window:

:OTL

:Files
C:\Documents and Settings\NetworkService\Dane aplikacji\fqpdsw.dat
C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
C:\Documents and Settings\Kuba\Dane aplikacji\wiaservg.log
C:\WINDOWS\System32\drivers\efe575d.sys
C:\Documents and Settings\Kuba\oashdihasidhasuidhiasdhiashdiuasdhasd
C:\Program Files\TurboUpload\TurboUpload Toolbar

:Services
efe575d

:Commands
[emptytemp]


Click Run Fix and confirm the computer restart.

Then run OTL with the Run Scan option. Post the new OTL.txt log and the cleanup report.
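In the OTL log above, two files in this fix list (fqpdsw.dat and efe575d.sys) were created within a minute of the two Malware.Trace files Malwarebytes reported. The sketch below is an added example, not part of the thread or of OTL: it parses both log formats and lists unsigned files created near the flagged ones. The function names and the two-minute window are assumptions.

```python
import re
from datetime import datetime, timedelta

# OTL file entry: [timestamp | size | attributes | C or M] (company) -- path
OTL_LINE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| [\d,]+ \| "
    r"(?P<attrs>[-RHSD]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)
# Malwarebytes file hit: path (Label) -> action
MBAM_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) \((?P<label>[\w.]+)\) -> ")

# Lines copied from the OTL and Malwarebytes logs posted in this thread.
OTL_SAMPLE = r"""
[2010-02-02 04:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010-01-09 21:55:38 | 000,086,016 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009-12-25 01:24:59 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-30 20:08:16 | 000,043,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\efe575d.sys
[2009-11-30 20:07:39 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\fqpdsw.dat
[2009-11-30 20:07:33 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
[2009-11-30 20:07:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\wiaservg.log
[2009-11-08 02:54:24 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-22 17:39:18 | 000,452,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
""".splitlines()

MBAM_SAMPLE = r"""
C:\Program Files\TurboUpload\TurboUpload Toolbar\turboupload.dll (Adware.Softomate) -> No action taken.
C:\Install\Sony Vegas Pro 9.0 32bit\Sony Vegas Pro 9 Patch\Keygen.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Kuba\Dane aplikacji\wiaservg.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kuba\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken.
""".splitlines()


def parse_otl(lines):
    """Return 'created' (C) entries as dicts; anything else is skipped."""
    records = []
    for line in lines:
        m = OTL_LINE.match(line.strip())
        if m and m["kind"] == "C":
            records.append({
                "created": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                "company": (m["company"] or "").strip(),
                "is_dir": "D" in m["attrs"],
                "path": m["path"],
            })
    return records


def flagged_paths(lines, label="Malware.Trace"):
    """Lower-cased paths that Malwarebytes reported under the given label."""
    hits = set()
    for line in lines:
        m = MBAM_LINE.match(line.strip())
        if m and m["label"] == label:
            hits.add(m["path"].lower())
    return hits


def neighbours(otl_lines, mbam_lines, window=timedelta(minutes=2)):
    """Files with no company name created within `window` of a flagged file."""
    records = parse_otl(otl_lines)
    seeds = flagged_paths(mbam_lines)
    seed_times = [r["created"] for r in records if r["path"].lower() in seeds]
    found = []
    for r in sorted(records, key=lambda rec: rec["created"]):
        if r["is_dir"] or r["company"] or r["path"].lower() in seeds:
            continue  # directories, signed files and the seeds themselves
        if any(abs(r["created"] - t) <= window for t in seed_times):
            found.append(r["path"])
    return found


if __name__ == "__main__":
    for path in neighbours(OTL_SAMPLE, MBAM_SAMPLE):
        print("review:", path)
```

A hit from this kind of correlation is a lead for review, not a verdict; installers also drop several unsigned files in the same minute.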



