Problem ze skrzynką mailową!

[Barty]

Witam
mam strasznie denerwujący problem ze wszystkimi skrzynkami jakie mam czy jest to o2, gmail czy op. Otóż wysyłanie wiadomości to masakra cały czas wyskakuje, że system napotkał problem, ponawianie próby itd na każdej skrzynce, trzeba klikać do skutku aż wyśle zajmuje czasami to sporo czasu. Wydaję mi się że to pewnie sprawa konfiguracji gdzieś(?) Maile też otwierają się powoli i wszystko działa strasznie wolno. Czy ktoś wie o co może chodzić? co sprawdzić?
Będę wdzięczny za każdą pomoc

[Palacio]

Jakiej przeglądarki używasz, i dlaczego jest to akurat IE

Spróbuj zainstalować Operę

[Barty]

Problem jest na każdy przeglądarkach Opera, IE, Mozilla. Obecnie nie moge otworzyć nawet maila (Ups System naptkoła problem) Może to jakis wirus załączam loga z hijacka licząc że ktoś zorientowany zobaczy problem:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BufferZone\ClntSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\MULTIM~1\MMKBD.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\user\Pulpit\Bartek folder\rapget141\rapget.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\user\Pulpit\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: TBSB07374 - {58A81167-4ED6-495B-B0D6-D791D95DA342} - C:\Program Files\LING Toolbar\Slownik LING\toolbar2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\NetProject\sbmdl.dll (file missing)
O3 - Toolbar: Web Application - {81705D67-3F73-4983-859B-97D0922E5ABE} - C:\Program Files\NetProject\wamdl.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Slownik LING - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\Program Files\LING Toolbar\Slownik LING\toolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Multimedir KBD] C:\PROGRA~1\MULTIM~1\MMKBD.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download with Rapget - C:\Documents and Settings\user\Pulpit\Bartek folder\rapget141\rapget.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.22\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.22\ShoppingReport.dll (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://arcaonline.arcabit.com
O15 - Trusted Zone: http://www.mks.com.pl
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3212432468
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: epistylar - {917f93bf-6714-4e11-8982-59db2e0f88fc} - C:\WINDOWS\system32\eeioq.dll (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - C:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

[huber2t]

fix w hijackthis

O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\NetProject\sbmdl.dll (file missing)
O3 - Toolbar: Web Application - {81705D67-3F73-4983-859B-97D0922E5ABE} - C:\Program Files\NetProject\wamdl.dll (file missing)
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.22\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.22\ShoppingReport.dll (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O22 - SharedTaskScheduler: epistylar - {917f93bf-6714-4e11-8982-59db2e0f88fc} - C:\WINDOWS\system32\eeioq.dll (file missing)

Podaj log z Combofix

[Barty]

log z Combofix

008-08-10 19:29 . 2008-08-10 19:29 <DIR> d-------- C:\Documents and Settings\LocalService\Pulpit
2008-08-10 19:29 . 2008-08-10 19:29 <DIR> d-------- C:\Documents and Settings\LocalService\Dane aplikacji\SiteAdvisor
2008-08-10 19:28 . 2008-08-10 19:28 <DIR> d-------- C:\Program Files\SiteAdvisor
2008-08-10 19:28 . 2008-08-10 19:29 <DIR> d-------- C:\Documents and Settings\user\Dane aplikacji\SiteAdvisor
2008-08-10 19:28 . 2008-08-10 19:28 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\SiteAdvisor
2008-08-10 19:28 . 2008-08-10 19:29 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2008-08-10 14:21 . 2008-08-10 14:21 <DIR> d-------- C:\Program Files\Trymedia
2008-08-10 14:20 . 2008-08-10 14:20 <DIR> d-------- C:\Program Files\Global Star Software
2008-08-10 12:20 . 2008-08-10 12:20 <DIR> d-------- C:\Program Files\Monte Cristo
2008-08-10 12:14 . 2008-08-10 12:14 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-08-10 12:08 . 2008-08-10 12:08 <DIR> d-------- C:\Program Files\7-Zip
2008-08-05 01:39 . 2008-08-05 01:39 214 --a------ C:\WINDOWS\HP_48BitScanUpdatePatch.ini
2008-08-03 09:48 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-08-03 09:48 . 2004-08-03 23:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-08-03 09:48 . 2008-08-03 09:48 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-03 09:48 . 2008-08-03 09:48 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-03 09:45 . 2008-08-03 09:45 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-08-03 09:45 . 2008-08-03 09:45 <DIR> d-------- C:\Program Files\DIFX
2008-08-03 09:45 . 2008-08-03 09:45 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-08-03 09:45 . 2008-08-03 09:45 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-08-03 09:45 . 2008-08-03 09:48 <DIR> d-------- C:\Documents and Settings\user\Dane aplikacji\PC Suite
2008-08-03 09:45 . 2008-08-03 09:55 <DIR> d-------- C:\Documents and Settings\user\Dane aplikacji\Nokia
2008-08-03 09:45 . 2008-08-03 09:45 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2008-08-03 09:45 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-08-03 09:44 . 2008-08-03 09:45 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-08-03 09:44 . 2008-08-03 09:45 <DIR> d-------- C:\Program Files\Nokia
2008-08-03 09:44 . 2008-05-07 07:39 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-08-03 09:44 . 2008-05-07 07:38 659,968 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-03 09:44 . 2008-05-07 07:38 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-03 09:44 . 2008-05-07 07:38 20,864 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-08-03 09:44 . 2008-05-07 07:38 17,536 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-08-03 09:44 . 2008-05-07 07:38 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-08-03 09:44 . 2008-06-06 09:24 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-08-03 09:43 . 2008-08-03 09:43 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-08-02 23:23 . 2008-08-10 19:28 <DIR> d-------- C:\Downloads
2008-07-30 18:18 . 2008-07-30 18:18 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-30 11:53 . 2008-07-30 11:53 <DIR> d-------- C:\Program Files\AVIcodec
2008-07-28 15:08 . 2008-07-28 15:08 <DIR> d-------- C:\Program Files\Real Alternative
2008-07-27 13:38 . 2008-08-02 23:23 <DIR> d-------- C:\Program Files\BitComet
2008-07-23 12:38 . 2008-08-10 23:27 <DIR> d-------- C:\download
2008-07-23 12:30 . 2008-07-23 12:38 <DIR> d-------- C:\Program Files\FlashGet
2008-07-20 11:10 . 2008-07-20 11:10 <DIR> d-------- C:\Program Files\QuickTime Alternative
2008-07-20 11:10 . 2008-07-20 11:10 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-07-20 11:10 . 2008-05-27 10:50 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-07-20 11:10 . 2008-05-27 10:50 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-07-15 22:58 . 2008-07-15 22:58 <DIR> d-------- C:\WINDOWS\WinAVI Video Converter 9.0
2008-07-15 22:58 . 2008-07-15 22:58 <DIR> d-------- C:\Program Files\WinAVI Video Converter 9.0
2008-07-15 11:51 . 2008-07-15 11:51 <DIR> d-------- C:\Program Files\LING Toolbar
2008-07-14 21:58 . 2008-07-14 21:58 <DIR> d-------- C:\Documents and Settings\user\Dane aplikacji\Media Player Classic
2008-07-13 10:53 . 2008-05-31 01:22 683,520 --a------ C:\WINDOWS\system32\divx.dll
2008-07-13 10:48 . 2008-07-13 10:53 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-13 10:48 . 2008-07-04 08:34 860,160 --a------ C:\WINDOWS\system32\lameACM.acm
2008-07-13 10:48 . 2004-01-25 18:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-07-13 10:48 . 2008-01-10 14:16 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-07-13 10:48 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-07-13 10:48 . 2008-06-12 20:36 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-07-13 10:48 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-07-13 10:48 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-07-11 21:02 . 2008-07-11 21:02 30 --a------ C:\WINDOWS\TextSpy.ini
2008-07-11 18:08 . 2008-07-11 18:08 <DIR> d-------- C:\Program Files\MSN Messenger
2008-07-10 13:29 . 2008-08-10 18:51 <DIR> d-------- C:\Program Files\Opera

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-10 21:36 --------- d-----w C:\Documents and Settings\user\Dane aplikacji\Skype
2008-08-10 17:20 --------- d-----w C:\Program Files\BufferZone
2008-08-10 12:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-10 12:21 --------- d-----w C:\Program Files\eMule
2008-07-25 23:18 --------- d-----w C:\Program Files\Java
2008-07-20 09:09 --------- d-----w C:\Program Files\QuickTime
2008-07-15 09:46 --------- d-----w C:\Program Files\Google
2008-07-15 09:37 --------- d-----w C:\Documents and Settings\user\Dane aplikacji\Image Zone Express
2008-07-13 08:47 --------- d-----w C:\Program Files\DivX
2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 15:12 --------- d-----w C:\Program Files\Tomb Raider - Legend
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:22 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-05-22 22:22 120,056 ------w C:\WINDOWS\system32\PxCpyI64.exe
2008-05-22 22:22 118,520 ------w C:\WINDOWS\system32\PxInsI64.exe
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-11 02:58 102,728,147 ----a-w C:\Documents and Settings\user\PSX.Ps1.Scooby.doo.playstation.zip
2008-02-17 23:18 36 ----a-w C:\Documents and Settings\user\klextlock.dat
2007-06-26 08:47 401 ----a-w C:\Program Files\INSTALL.LOG
2007-03-19 18:13 6,422,611 ----a-w C:\Program Files\frostwire-4.13.1.6.windows.exe
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58A81167-4ED6-495B-B0D6-D791D95DA342}]
2008-06-08 00:55 2404352 --a------ C:\Program Files\LING Toolbar\Slownik LING\toolbar2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzBufferZoneOverlay]
@="{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}"
[HKEY_CLASSES_ROOT\CLSID\{37ADBD0B-11EC-4A2C-9F93-5C3ACC7994DF}]
2006-11-09 16:07 1580032 --a------ C:\WINDOWS\system32\rlshellext.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzConfidentialOverlay]
@="{F594B094-8768-4632-8143-12852EBBD688}"
[HKEY_CLASSES_ROOT\CLSID\{F594B094-8768-4632-8143-12852EBBD688}]
2006-11-09 16:07 1580032 --a------ C:\WINDOWS\system32\rlshellext.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzForbiddenOverlay]
@="{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}"
[HKEY_CLASSES_ROOT\CLSID\{F1A1DA12-E651-4AD0-A1A0-6214546B2F9D}]
2006-11-09 16:07 1580032 --a------ C:\WINDOWS\system32\rlshellext.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SxBzUnknownOverlay]
@="{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}"
[HKEY_CLASSES_ROOT\CLSID\{E4FC4B31-8A4F-45E6-BDAC-28F612371FE3}]
2006-11-09 16:07 1580032 --a------ C:\WINDOWS\system32\rlshellext.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 14:57 23561256]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]
"AWMON"="C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe" [2005-05-25 13:12 517632]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 21:40 2048000]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 15:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 15:43 86016]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-07-12 11:58 1397760]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"Multimedir KBD"="C:\PROGRA~1\MULTIM~1\MMKBD.exe" [1999-09-06 18:23 270336]
"V0220Mon.exe"="C:\WINDOWS\V0220Mon.exe" [2006-06-28 19:01 32768]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 12:41 196608]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 06:07 69632]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-03 00:44 950664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-09 02:17 35328]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 11:21 16270848 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-08-11 15:43 1519616 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]

C:\Documents and Settings\user\Menu Start\Programy\Autostart\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-06-10 11:24:48 344064]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 14:44:06 29696]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-06-13 18:14:08 1183744]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26 282624]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BufferZone]
--a------ 2006-11-09 16:07 3274537 C:\Program Files\BufferZone\ClientGUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD]
--a------ 2005-02-24 20:29 512000 C:\Program Files\CyberLink DVD Solution\PowerDVD\PowerDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Team17 Software Ltd\\WormsForts\\WF.exe"=
"C:\\Seven Kingdoms\\7k.exe"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\No Man's Land\\Run\\NML.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Global Star Software\\Airport Tycoon 3\\at3.exe"=
"D:\\opera.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:ssssssss
"4672:UDP"= 4672:UDP:ssssssssrr
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"13461:TCP"= 13461:TCP:BitComet 13461 TCP
"13461:UDP"= 13461:UDP:BitComet 13461 UDP


*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SITEADVISOR_SERVICE
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-PowerBar - (no file)
HKLM-Run-QuickTime Task - C:\Program Files\QuickTime\qttask.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ejzwd8uh.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.pl/
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nprpjplug.dll
FF -: plugin - D:\program\plugins\npdsplay.dll
FF -: plugin - D:\program\plugins\npwmsdrm.dll

[huber2t]

Logi zawsze podawaj z nagłówkami

Log wyglada na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!