Witam!jestem zielona w programach komputerowych, a mój komp płata mi nie lada figle.Mam spyware doctora i za każdym skanowaniem kompa wykrywa mi ok 66 zagrozen i infekcji trojanem buzus oraz net worm colabc.zawsze jest to trojan buzus.internet bardzo wolno chodzi, strony przegladarki internetowej same sie zamykaja.dodam,ze zanim w ogóle moge rozpoczac prace na kompie mija czasem nawet 30 minut co doprowadza mnie do szalu.bardzo prosze o pomoc.czytalam o combofixie, ale sama sobie nie poradze.bardzo prosze o wskazowki.z gory dziekuje za pomoc.

Zainstalowałam OTL. przeskanowałam i mam 2 notatki

OTL Extras logfile created on: 2010-01-02 13:33:41 - Run 1

OTL by OldTimer - Version 3.1.20.1 Folder = D:_kopia_c\Moje dokumenty

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

190,00 Mb Total Physical Memory | 48,00 Mb Available Physical Memory | 25,00% Memory free

597,00 Mb Paging File | 107,00 Mb Available in Paging File | 18,00% Paging File free

Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18,62 Gb Total Space | 12,92 Gb Free Space | 69,38% Space Free | Partition Type: NTFS

Drive D: | 18,62 Gb Total Space | 6,44 Gb Free Space | 34,57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

oraz

OTL logfile created on: 2010-01-02 13:33:41 - Run 1

OTL by OldTimer - Version 3.1.20.1 Folder = D:_kopia_c\Moje dokumenty

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

190,00 Mb Total Physical Memory | 48,00 Mb Available Physical Memory | 25,00% Memory free

597,00 Mb Paging File | 107,00 Mb Available in Paging File | 18,00% Paging File free

Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18,62 Gb Total Space | 12,92 Gb Free Space | 69,38% Space Free | Partition Type: NTFS

Drive D: | 18,62 Gb Total Space | 6,44 Gb Free Space | 34,57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Z góry przepraszam za chaotycznosc, ale nie jestem biegła w komputerze…

to nie są całe logi

zasady-wklejania-logow-forum-tytulowania-tematow-t253052.html

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes]

.chm [@ = chm.file] – C:\WINDOWS\hh.exe (Microsoft Corporation)

.cpl [@ = cplfile] – C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

.hlp [@ = hlpfile] – C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)

.hta [@ = htafile] – C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)

.html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

.inf [@ = inffile] – C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.ini [@ = inifile] – C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.url [@ = InternetShortcut] – C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)

.js [@ = JSFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.jse [@ = JSEFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.reg [@ = regfile] – C:\WINDOWS\regedit.exe (Microsoft Corporation)

.txt [@ = txtfile] – C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)

.vbe [@ = VBEFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.vbs [@ = VBSFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsf [@ = WSFFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

.wsh [@ = WSHFile] – C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1060284298-261903793-682003330-1004\SOFTWARE\Classes]

.html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\shell[command]\command]

batfile [edit] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

batfile [open] – “%1” %*

batfile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

chm.file [open] – “C:\WINDOWS\hh.exe” %1 (Microsoft Corporation)

cmdfile [edit] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

cmdfile [open] – “%1” %*

cmdfile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

comfile [open] – “%1” %*

cplfile [cplopen] – rundll32.exe shell32.dll,Control_RunDLL “%1”,%* (Microsoft Corporation)

exefile [open] – “%1” %*

helpfile [open] – winhlp32.exe %1 (Microsoft Corporation)

hlpfile [open] – %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] – C:\WINDOWS\system32\mshta.exe “%1” %* (Microsoft Corporation)

htmlfile [edit] – Reg Error: Key error.

htmlfile [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” -nohome (Microsoft Corporation)

htmlfile [opennew] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)

htmlfile [print] – rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML “%1” (Microsoft Corporation)

http [open] – “C:\Program Files\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation)

https [open] – “C:\Program Files\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation)

inffile [install] – %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

inffile [open] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inffile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

inifile [open] – %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)

inifile [print] – %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

InternetShortcut [open] – rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)

InternetShortcut [print] – rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML “%1” (Microsoft Corporation)

jsfile [edit] – %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsfile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

jsfile [print] – %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

jsefile [edit] – %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

jsefile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

jsefile [print] – %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

piffile [open] – “%1” %*

regfile [edit] – %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

regfile [open] – regedit.exe “%1” (Microsoft Corporation)

regfile [merge] – Reg Error: Key error.

regfile [print] – %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

scrfile [config] – “%1”

scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] – “%1” /S

txtfile [edit] – Reg Error: Key error.

txtfile [open] – %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)

txtfile [print] – %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)

txtfile [printto] – %SystemRoot%\system32\notepad.exe /pt “%1” “%2” “%3” “%4” (Microsoft Corporation)

vbefile [edit] – %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbefile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

vbefile [print] – %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

vbsfile [edit] – %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

vbsfile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

vbsfile [print] – %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wsffile [edit] – %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)

wsffile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

wsffile [print] – %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)

wshfile [open] – %SystemRoot%\System32\WScript.exe “%1” %* (Microsoft Corporation)

Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Odkurz tutaj] – C:\Program Files\Odkurzacz\odkurzacz.exe %1 (Franmo Software)

Directory [Winamp.Bookmark] – “C:\Program Files\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft)

Directory [Winamp.Enqueue] – “C:\Program Files\Winamp\winamp.exe” /ADD “%1” (Nullsoft)

Directory [Winamp.Play] – “C:\Program Files\Winamp\winamp.exe” “%1” (Nullsoft)

Folder [open] – %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] – %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)

CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – “C:\Program Files\Internet Explorer\iexplore.exe” (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

“FirstRunDisabled” = 1

“AntiVirusDisableNotify” = 0

“FirewallDisableNotify” = 0

“UpdatesDisableNotify” = 0

“AntiVirusOverride” = 0

“FirewallOverride” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

“DisableMonitoring” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

“DisableMonitoring” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

“DisableMonitoring” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

“139:TCP” = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

“445:TCP” = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

“137:UDP” = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

“138:UDP” = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

“EnableFirewall” = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

“1900:UDP” = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

“2869:TCP” = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

“139:TCP” = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

“445:TCP” = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

“137:UDP” = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

“138:UDP” = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe” = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 – (Microsoft Corporation)

“%windir%\Network Diagnostic\xpnetdiag.exe” = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 – (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe” = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 – (Microsoft Corporation)

“C:\Program Files\Gadu-Gadu\gg.exe” = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny – (Gadu-Gadu S.A.)

“%windir%\Network Diagnostic\xpnetdiag.exe” = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 – (Microsoft Corporation)

“C:\Soldat\Soldat.exe” = C:\Soldat\Soldat.exe:*:Enabled:Soldat – File not found

“C:\Program Files\Mozilla Firefox\firefox.exe” = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox – (Mozilla Corporation)

“C:\Program Files\Messenger\msmsgs.exe” = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\223.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\223.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\321.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\321.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\382.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\382.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\690.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\690.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\755.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\755.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\568.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\568.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\029.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\029.exe:*:Enabled:BNDMSS – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\419.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\419.exe:*:Disabled:419 – File not found

“C:\Program Files\NetMeeting\conf.exe” = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® – (Microsoft Corporation)

“C:\WINDOWS\system32\bndmss.exe” = C:\WINDOWS\system32\bndmss.exe:*:Enabled:BNDMSS – ()

“C:\DOCUME~1\Operator\USTAWI~1\Temp\470.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\470.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\724.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\724.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\789.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\789.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\126.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\126.exe:*:Enabled:BNDMSS – File not found

“C:\WINDOWS\system32\mmc.exe” = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console – (Microsoft Corporation)

“C:\DOCUME~1\Operator\USTAWI~1\Temp\784.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\784.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\617.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\617.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\764.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\764.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\832.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\832.exe:*:Enabled:BNDMSS – File not found

“C:\DOCUME~1\Operator\USTAWI~1\Temp\152.exe” = C:\DOCUME~1\Operator\USTAWI~1\Temp\152.exe:*:Enabled:BNDMSS – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\614.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\614.exe:*:Disabled:614 – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\687.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\687.exe:*:Disabled:687 – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\964.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\964.exe:*:Disabled:964 – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\362.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\362.exe:*:Disabled:362 – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\539.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\539.exe:*:Disabled:539 – File not found

“C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\289.exe” = C:\Documents and Settings\Operator\Ustawienia lokalne\Temp\289.exe:*:Disabled:289 – File not found

“E:\fsrv\fileserver.exe” = E:\fsrv\fileserver.exe:*:Disabled:fileserver – File not found

“C:\Program Files\Skype\Plugin Manager\skypePM.exe” = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager – (Skype Technologies)

“C:\Program Files\Skype\Phone\Skype.exe” = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath – (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

““SubEdit-Player”” = “SubEdit-Player”

“{00010415-78E1-11D2-B60F-006097C998E7}” = Microsoft Office 2000 Professional

“{00040415-78E1-11D2-B60F-006097C998E7}” = Microsoft Office 2000 Dysk 2

“{11964613-805F-432D-A12B-169554B793E7}” = Nokia Connectivity Cable Driver

“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer

“{26A24AE4-039D-4CA4-87B4-2F83216011FF}” = Java 6 Update 17

“{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}” = WebFldrs XP

“{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}” = Adobe® Photoshop® Album Starter Edition 3.0

“{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}” = Skype web features

“{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}” = PowerDVD

“{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}” = Windows Media Player Firefox Plugin

“{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}” = Microsoft .NET Framework 2.0

“{99A40651-0BC2-4095-8F9A-A40FAB224FEF}” = PC Connectivity Solution

“{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}” = Nokia PC Suite

“{AC76BA86-7AD7-1033-7B44-A71000000002}” = Adobe Reader 7.1.0

“{B7E0C767-2F7F-4A9C-82F9-DBA8FE435692}” = PC CIF Camer@

“{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}” = WinZip 11.2

“{D103C4BA-F905-437A-8049-DB24763BBE36}” = Skype™ 4.1

“{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}” = LiveUpdate Notice (Symantec Corporation)

“{DBEA1034-5882-4A88-8033-81C4EF0CFA29}” = Google Toolbar for Internet Explorer

“{FB08F381-6533-4108-B7DD-039E11FBC27E}” = Realtek AC’97 Audio

“0C5EDC3653FED5B121F464339EAC12534D253B25” = Pakiet sterowników systemu Windows - Nokia Modem (02/15/2007 3.1)

“4077F884D1BB007055BDB83B621D87220A73F30F” = Pakiet sterowników systemu Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)

“7-Zip” = 7-Zip 4.57

“Adobe Flash Player ActiveX” = Adobe Flash Player ActiveX

“Adobe Flash Player Plugin” = Adobe Flash Player 10 Plugin

“B726756F5B5A5AA9D798B399386FC6205A45F19E” = Pakiet sterowników systemu Windows - Nokia Modem (02/15/2007 3.1)

“CD8424B9400BFF7D34AA18F816C71322AC4BDAA7” = Pakiet sterowników systemu Windows - Nokia Modem (05/24/2007 6.84.0.1)

“ET3” = English Translator 3

“Gadu-Gadu” = Gadu-Gadu 7.7

“IDNMitigationAPIs” = Microsoft Internationalized Domain Names Mitigation APIs

“ie7” = Windows Internet Explorer 7

“InstallShield_{B7E0C767-2F7F-4A9C-82F9-DBA8FE435692}” = PC CIF Camer@

“KLiteCodecPack_is1” = K-Lite Codec Pack 3.5.7 Full

“Microsoft .NET Framework 2.0” = Microsoft .NET Framework 2.0

“moikrewni.pl - Wersja Domowa_is1” = moikrewni.pl - Wersja Domowa 1.01

“Mozilla Firefox (3.5.6)” = Mozilla Firefox (3.5.6)

“MSCompPackV1” = Microsoft Compression Client Pack 1.0 for Windows XP

“MyWebSearch bar Uninstall” = My Web Search (Smiley Central)

“Nero - Burning Rom!UninstallKey” = Nero OEM

“NLSDownlevelMapping” = Microsoft National Language Support Downlevel APIs

“Nokia PC Suite” = Nokia PC Suite

“Odkurzacz 11.3_is1” = Odkurzacz 11.3

“Picasa 3” = Picasa 3

“RealAlt_is1” = Real Alternative 1.60

“SMSERIAL” = Motorola SM56 Data Fax Modem

“Spyware Doctor” = Spyware Doctor 6.0

“VIA/S3G UniChrome Family Win2K/XP Display” = VIA/S3G Display Driver

“VN_VUIns_Rhine_VIA” = VIA Rhine-Family Fast Ethernet Adapter

“Winamp” = Winamp (remove only)

“Windows Media Format Runtime” = Windows Media Format 11 runtime

“Windows Media Player” = Windows Media Player 11

– Dodane 02.01.2010 (So) 14:17 –

ok, wkleiłam na stronie -http://www.wklej.org/.co dalej?

na forum podajesz tylko link do strony na którą wkleiłeś log

P.S log nadal obcięty

http://www.wklejto.pl/52213

– Dodane 02.01.2010 (So) 14:33 –

http://www.wklejto.pl/52214

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

Kliknij w Run Fix. Zatwierdź restart komputera.

potem nowy log OTL

http://www.wklejto.pl/52221- to pierwsza notatka w trakcie działania .zrobiłam tak jak wskazałeś.następnie komp się zrestartował i ponownie zrobiłam skan OTL.To notatki po skanie…

– Dodane 02.01.2010 (So) 15:50 –

http://www.wklejto.pl/52222

– Dodane 02.01.2010 (So) 15:54 –

zginął mi gdzieś ten pierwszy tekst-tzn pierwsza notatka ,która ukazała się po wklejeniu powyższego tekstu w OTl i po zeskanowaniu.

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

Kliknij w Run Fix. Zatwierdź restart komputera.

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

zrób optymalizacje uruchamiania

http://cybertrash.netarteria.pl/cyber/i … 378.0.html

W OTL kilknij CleanUp

Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html gdy będą wirusy pokaż raport

lub

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

Wielkie dzięki.Internet zdecydowanie szybciej i sprawniej “Lata”, jeśli można tak to określić.Zrobie jeszcze raz pełny skan spyware doctor by zobaczyć czy coś mi znajdzie-tzn.trojana buzusa.Mam jeszcze jedno pytanie-nie wiem, czy teraz ten problem będzie się pojawiał, ale wcześniej tzn przed Twoja porada czesto pojawiał się komunikat w ramce, że mało pamięci czyba wirtualnej i nie wyświetlał wszystkich obrazków na stronach.to było ostrzeżenie.czy jest też na to sposób?przepraszam,ze dopiero teraz o tym wspominam, ale dopiero teraz sobie o tym przypomniałam.I bardzo dziękuje za pomoc!

– Dodane 02.01.2010 (So) 16:33 –

aż mnie głowa rozbolała!ale nie poddam się!jestem na etapie wyczyszczenia rejestru co było łatwe.ale teraz to już prawdziwa jazda!pracuje dalej, choć nie jest to proste :o

– Dodane 03.01.2010 (N) 0:03 –

http://www.wklejto.pl/52280 to raport z Kasperskiego.Porażka!nie udało mi sie wykasować trojana buzusa.Dopiero skończyłam skanowanie.i co dalej?dziś życzę słodkich snów a jutro czekam na dlasze instrukcje.

– Dodane 03.01.2010 (N) 13:34 –

Witam!dziś miałam problem z odpaleniem ompa, ale po kilku próbach i zresetowaniu udało się.Była czarna strona.Wykonałam dziś szybkie skanowanie i pełne.a to raport z dzisiejszego dnia.http://www.wklejto.pl/52312.Co dalej mam zrobić? a co powinnam teraz zrobić z pendrivami czy płytami których używałam?czy też są zainfekowane?mama korzystała z mojego kompa i przeniosła na pendrivie trojana do pracy na komputer.Proszę o pomoc…i dziękuję z góry