
Logs - Redirects to unwanted sites


  • Closed: this topic is closed
12 replies in this topic

#1 swiezak123

    Observer

  • 7 posts

Posted 31 01 2008 - 22:23

Hello. I'd like to ask someone to check my logs. I know almost nothing about this, and I have a problem: Google redirects me to other sites. I followed some instructions I found online and got to the step that says to scan the system and post the logs on the forum. Thanks in advance for any helpful comments.


  • 0

#2 wncvirus

    Lazybones!

  • 851 posts

Posted 01 02 2008 - 15:12

208.67.220.220
Address: 50 Freemont St.
Address: 16 Floor

probably rokita. So this is what I would do: use Fixwareout to restore the correct DNS settings.

Download it from here

A description of how to restore the correct DNS.

After doing that:

Run HJT and choose the option "Do a system scan only". A log will be generated; tick the boxes next to the entries below and click Fix.

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE


After that, post a log from ComboFix.

  • 0

#3 swiezak123

    Observer

  • 7 posts

Posted 01 02 2008 - 18:22

Thanks a lot for the reply. Your advice may turn out to be too complicated for me, though. I'll give it a try, but I doubt anything will come of it. Isn't there a simpler way?
  • 0

#4 wncvirus

    Lazybones!

  • 851 posts

Posted 01 02 2008 - 18:25

Write what is unclear and I'll explain in more detail. But this is a very easy way ;)
  • 0

#5 swiezak123

    Observer

  • 7 posts

Posted 01 02 2008 - 18:39

No, I do sort of get it ;p I'm getting something done here. I ran that Fixwareout program. For now I'll post the HJT log, because I don't have that second program yet; if something is wrong, I'll do it again. Thanks in advance for checking again.

  • 0

#6 wncvirus

    Lazybones!

  • 851 posts

Posted 01 02 2008 - 18:55

Are these DNS servers from your network?
  • 0
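
HijackThis reports the global and per-adapter DNS settings as O17 NameServer entries, so the question above can be answered by comparing them with the resolvers the network actually assigns. The following is an added example, not code from the thread or from HijackThis: it parses O17 lines (including a paste whose line breaks were lost) and lists every resolver outside an expected set. The interface GUIDs, the 192.0.2.x and 198.51.100.x addresses and the `EXPECTED` set are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from typing import NamedTuple

# Constructed sample in HijackThis O17 format. The GUIDs and the 192.0.2.x /
# 198.51.100.x resolvers are made up (documentation ranges); 208.67.220.220
# is the address questioned in the thread.
SAMPLE_LOG = r"""O4 - HKLM\..\Run: [Example] example.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAAAAAAA-0000-0000-0000-000000000001}: NameServer = 208.67.220.220,192.0.2.53
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAAAAAAA-0000-0000-0000-000000000002}: NameServer = 198.51.100.1 198.51.100.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,192.0.2.53
"""

# Assumption: the resolvers the user's ISP or router actually hands out.
EXPECTED = {"198.51.100.1", "198.51.100.2"}

_IP = r"\d{1,3}(?:\.\d{1,3}){3}"

# Matches one O17 NameServer entry. finditer() is used instead of splitting
# on newlines so that entries run together by a forum paste are still found.
O17_RE = re.compile(
    r"O17 - HKLM\\System\\(?P<cs>CCS|CS\d+)\\Services\\Tcpip\\"
    r"(?P<scope>Parameters|\.\.\\\{[0-9A-Fa-f-]{36}\})"
    r": NameServer = (?P<servers>" + _IP + r"(?:[ ,]+" + _IP + r")*)"
)


class O17Entry(NamedTuple):
    control_set: str   # CCS (current) or CS1, CS2, ... (stored control sets)
    scope: str         # "global" for Tcpip\Parameters, else the adapter GUID
    servers: tuple     # resolver addresses in the order listed


def _normalise(token):
    """Return the canonical IPv4 text, or the raw token if it is not valid."""
    try:
        return str(ipaddress.ip_address(token))
    except ValueError:
        return token  # kept as-is so it still shows up as unexpected


def parse_o17(text):
    """Extract every O17 NameServer entry from a HijackThis log."""
    entries = []
    for m in O17_RE.finditer(text):
        # Adapter scopes look like ..\{GUID}; drop the leading "..\".
        scope = "global" if m["scope"] == "Parameters" else m["scope"][3:]
        # HijackThis shows both comma- and space-separated resolver lists.
        servers = tuple(_normalise(t) for t in re.split(r"[ ,]+", m["servers"]))
        entries.append(O17Entry(m["cs"], scope, servers))
    return entries


def unexpected_resolvers(text, expected):
    """Map each resolver not in `expected` to the places it is configured."""
    allowed = {_normalise(e) for e in expected}
    hits = defaultdict(list)
    for entry in parse_o17(text):
        for server in entry.servers:
            if server not in allowed:
                hits[server].append(f"{entry.control_set}:{entry.scope}")
    return dict(hits)


if __name__ == "__main__":
    for server, places in unexpected_resolvers(SAMPLE_LOG, EXPECTED).items():
        print(server, "->", ", ".join(places))
```

A resolver listed here is only one the user did not expect; whether it was set by the user, the ISP, a router or unwanted software still has to be established.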

#7 swiezak123

    Observer

  • 7 posts

Posted 01 02 2008 - 18:57

I don't really know what you're asking, because as I said, I don't know much about this. But I'm making progress, because I now have that ComboFix log:

  • 0

#8 wncvirus

    Lazybones!

  • 851 posts

Posted 02 02 2008 - 02:11

Post the report from Fixwareout.
  • 0

#9 swiezak123

    Observer

  • 7 posts

Posted 02 02 2008 - 11:34

Username "Krzysiek" - 2008-02-01 17:38:33 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
Pomyślnie opróżniono pamięć podręczną programu rozpoznawania nazw DNS.

System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"AGRSMMSG"="AGRSMMSG.exe"
"KTPWare"="C:\\Program Files\\Elantech\\ktp.exe"
"tsnp2std"="C:\\WINDOWS\\system32\\tsnp2std.exe"
"snp2std"="C:\\WINDOWS\\vsnp2std.exe"
"IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
"IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"EOUApp"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\EOUWiz.exe\""
"Smart Watch Dog"="-C:\\Program Files\\Compal Electronics, INC\\Smart Watchdog\\SmartWD.exe"
"CASS"="C:\\Program Files\\Compal Electronics, INC\\Wireless Select Switch\\Wireless Select Switch.exe"
"Sidewalker"="C:\\Program Files\\Compal Electronics, INC\\Sidewalker\\CSWalker.exe"
"WooCnxMon"="C:\\PROGRA~1\\NEOSTR~1\\CnxMon.exe"
"SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"WOOWATCH"="C:\\PROGRA~1\\NEOSTR~1\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\NEOSTR~1\\TaskbarIcon.exe"
"BearShare"="\"C:\\Program Files\\BearShare\\BearShare.exe\" /pause"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

#10 wncvirus

    Lazybones!

  • 851 posts

Posted 03 02 2008 - 22:08

Fix those 017 entries from the HJT log. And make a new log.

#11 swiezak123

    Observer

  • 7 posts

Posted 04 02 2008 - 11:52

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:04:32, on 2008-02-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Elantech\ktp.exe
C:\WINDOWS\system32\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\system32\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [Smart Watch Dog] -C:\Program Files\Compal Electronics, INC\Smart Watchdog\SmartWD.exe
O4 - HKLM\..\Run: [CASS] C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
O4 - HKLM\..\Run: [Sidewalker] C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Smart Watchdog Service (Smart Watchdog) - Unknown owner - C:\Program Files\Compal Electronics, INC\Smart Watchdog\SWDsvc.exe

--
End of file - 8618 bytes


#12 wncvirus

    Lazybones!

  • 851 posts

Posted 04 02 2008 - 13:07

In my opinion the log is clean.

#13 swiezak123

    Observer

  • 7 posts

Posted 04 02 2008 - 14:23

OK, thanks wncvirus, I'm very grateful. Regards :rolleyes:



