Strasznie zwolniony net

Przez ostatnie 4/5 dni, internet strasznie zwolnił (np. normalna prędkość pobierania 50kb/s, teraz maxymalnie 10kb/s), więc prosiłbym o sprawdzenie loga :

Logfile of HijackThis v1.99.1

Scan saved at 18:52:47, on 2007-02-22

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ATKKBService.exe

C:\Program Files\cFosSpeed\spd.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\PROGRA~1\DrWeb\SpiderNT.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\PROGRA~1\NEOSTR~1\CnxMon.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

C:\Program Files\cFosSpeed\cFosSpeed.exe

C:\PROGRA~1\DrWeb\spidernt.exe

C:\Program Files\DrWeb\spiderml.exe

C:\Program Files\DrWeb\DRWEBSCD.EXE

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Neostrada TP\NeostradaTP.exe

C:\Program Files\Neostrada TP\ComComp.exe

C:\Program Files\Neostrada TP\Watch.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\komp\Pulpit\hijackthis\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [SpIDerNT] C:\PROGRA~1\DrWeb\spidernt.exe /agent

O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"

O4 - HKLM\..\Run: [DrWebScheduler] "C:\Program Files\DrWeb\DRWEBSCD.EXE"

O4 - Startup: Registration Heroes of Might & Magic 5 - Hammers of Fate.LNK = E:\Program Files\Ubisoft\Heroes of Might and Magic V\registrationa1\RegistrationReminder.exe

O4 - Startup: Registration Heroes of Might & Magic 5.LNK = E:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{DAB9205F-6282-42D2-9C82-A5835E2A237F}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SpIDer Guard for Windows NT (spidernt) - Doctor Web, Ltd. - C:\PROGRA~1\DrWeb\SpiderNT.exe

Log czysty.

Może chwilowe problemy? Poczekaj kilka dni a jeśli nic się nie zmieni - skontaktuj się z prowiderem w tej sprawie.

Dzisiaj skanując kompa Avastem trafiłem na dwa pliki, które jak określił program są : “Bombą dekompresyjną”. Co to jest, i czy to może jest przyczyną?

Sądzę, że to coś nie tak z moim komputerem, bo znajomi w okolicy również korzystają z neostrady i podobnych problemów nie mają.

edit :

Skanując Ad-aware trafił na 3 pliki, które skasował. Po restarcie kompa znów włączyłem skanowanie i pojawił się 1, które wcześniej ‘powinien’ zostać usunięty. Log z Ad-aware (daje cały, nie wiem która część jest najbardziej istotna.)

Ad-Aware SE Build 1.06r1

Logfile Created on:23 lutego 2007 17:02:35

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R154 19.02.2007

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

MRU List(TAC index:0):13 total references

Tracking Cookie(TAC index:3):1 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file


Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects



2007-02-23 17:02:35 - Scan started. (Custom mode)


Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


#:1 [smss.exe]

    FilePath : \SystemRoot\System32\

    ProcessID : 700

    ThreadCreationTime : 2007-02-23 15:58:57

    BasePriority : Normal



#:2 [csrss.exe]

    FilePath : \??\C:\WINDOWS\system32\

    ProcessID : 752

    ThreadCreationTime : 2007-02-23 15:59:04

    BasePriority : Normal



#:3 [winlogon.exe]

    FilePath : \??\C:\WINDOWS\system32\

    ProcessID : 784

    ThreadCreationTime : 2007-02-23 15:59:04

    BasePriority : High



#:4 [services.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 828

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : System operacyjny Microsoft® Windows®

    CompanyName : Microsoft Corporation

    FileDescription : Usługi i aplikacja Kontroler

    InternalName : services.exe

    LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone.

    OriginalFilename : services.exe


#:5 [lsass.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 840

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : LSA Shell (Export Version)

    InternalName : lsass.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : lsass.exe


#:6 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 988

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe


#:7 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1044

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe


#:8 [svchost.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 1076

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe


#:9 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1128

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe


#:10 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1236

    ThreadCreationTime : 2007-02-23 15:59:05

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe


#:11 [spoolsv.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1496

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Spooler SubSystem App

    InternalName : spoolsv.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : spoolsv.exe


#:12 [explorer.exe]

    FilePath : C:\WINDOWS\

    ProcessID : 1508

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 6.00.2900.2180

    ProductName : System operacyjny Microsoft® Windows®

    CompanyName : Microsoft Corporation

    FileDescription : Eksplorator Windows

    InternalName : explorer

    LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone.

    OriginalFilename : EXPLORER.EXE


#:13 [aswupdsv.exe]

    FilePath : C:\Program Files\Alwil Software\Avast4\

    ProcessID : 1664

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal



#:14 [atkkbservice.exe]

    FilePath : C:\WINDOWS\

    ProcessID : 1676

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 1, 0, 0, 0

    ProductVersion : 1, 0, 0, 0

    ProductName : ASUS Keyboard Service 

    CompanyName : ASUSTeK COMPUTER INC.

    FileDescription : ASUS Keyboard Service 

    InternalName : ATKKBService

    LegalCopyright : Copyright (C) 2004 @ASUSTeK COMPUTER INC.

    OriginalFilename : ATKKBService.exe


#:15 [ashserv.exe]

    FilePath : C:\Program Files\Alwil Software\Avast4\

    ProcessID : 1692

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : High

    FileVersion : 4, 7, 936, 0

    ProductVersion : 4, 7, 0, 0

    ProductName : avast! Antivirus 

    FileDescription : avast! antivirus service

    InternalName : aswServ

    LegalCopyright : Copyright (c) 2007 ALWIL Software

    OriginalFilename : aswServ.exe


#:16 [guard.exe]

    FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\

    ProcessID : 1728

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 7, 5, 0, 47

    ProductVersion : 7, 5, 0, 47

    ProductName : AVG Anti-Spyware

    CompanyName : Anti-Malware Development a.s.

    FileDescription : AVG Anti-Spyware guard

    InternalName : AVG Anti-Spyware guard

    LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.

    OriginalFilename : guard.exe


#:17 [cfosspeed.exe]

    FilePath : C:\Program Files\cFosSpeed\

    ProcessID : 1736

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 3.12.1184

    ProductVersion : 3.12.1184

    ProductName : cFosSpeed Window

    CompanyName : cFos Software GmbH

    FileDescription : cFosSpeed Window

    InternalName : cfosspeed

    LegalCopyright : Copyright © Lueders/Winkler 2003-2006

    OriginalFilename : cfosspeed.exe


#:18 [ashdisp.exe]

    FilePath : C:\PROGRA~1\ALWILS~1\Avast4\

    ProcessID : 1744

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 4, 7, 936, 0

    ProductVersion : 4, 7, 0, 0

    ProductName : avast! Antivirus 

    FileDescription : avast! service GUI component

    InternalName : aswDisp

    LegalCopyright : Copyright (c) 2007 ALWIL Software

    OriginalFilename : aswDisp.exe


#:19 [avgas.exe]

    FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\

    ProcessID : 1760

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 7, 5, 0, 50

    ProductVersion : 7, 5, 0, 50

    ProductName : AVG Anti-Spyware

    CompanyName : Anti-Malware Development a.s.

    FileDescription : AVG Anti-Spyware

    InternalName : AVG Anti-Spyware

    LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.

    OriginalFilename : avgas.exe


#:20 [spd.exe]

    FilePath : C:\Program Files\cFosSpeed\

    ProcessID : 1772

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 3.12.1184

    ProductVersion : 3.12.1184

    ProductName : cFosSpeed Service

    CompanyName : cFos Software GmbH

    FileDescription : cFosSpeed Service

    InternalName : spd

    LegalCopyright : Copyright © Lueders/Winkler 2003-2006

    OriginalFilename : spd.exe


#:21 [reader_sl.exe]

    FilePath : C:\Program Files\Adobe\Acrobat 7.0\Reader\

    ProcessID : 1852

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 7.0.5.2005092300

    ProductVersion : 7.0.5.2005092300

    ProductName : Adobe Acrobat

    CompanyName : Adobe Systems Incorporated

    FileDescription : Adobe Acrobat SpeedLauncher

    LegalCopyright : Copyright 1984-2005 Adobe Systems Incorporated and its licensors. All rights reserved.

    OriginalFilename : AcroSpeedLaunch.exe


#:22 [apache.exe]

    FilePath : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\

    ProcessID : 1864

    ThreadCreationTime : 2007-02-23 15:59:06

    BasePriority : Normal

    FileVersion : 2.0.52

    ProductVersion : 2.0.52

    ProductName : Apache HTTP Server

    CompanyName : Apache Software Foundation

    FileDescription : Apache HTTP Server

    InternalName : Apache.exe

    LegalCopyright : Copyright © 2000-2004 The Apache Software Foundation.

    OriginalFilename : Apache.exe.exe

    Comments : All rights reserved. The license is available at . The Apache HTTP Server project pages are at .


#:23 [nsvclog.exe]

    FilePath : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\

    ProcessID : 1952

    ThreadCreationTime : 2007-02-23 15:59:07

    BasePriority : Normal

    FileVersion : 2, 2, 0, 464

    ProductVersion : 2, 2, 0, 464

    ProductName : Network Access Manager

    CompanyName : NVIDIA Corporation

    FileDescription : nSvcLog

    InternalName : nSvcLog

    LegalCopyright : Copyright (C) 2004-2005

    OriginalFilename : nSvcLog.exe


#:24 [nvsvc32.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1984

    ThreadCreationTime : 2007-02-23 15:59:07

    BasePriority : Normal

    FileVersion : 6.14.10.8391

    ProductVersion : 6.14.10.8391

    ProductName : NVIDIA Driver Helper Service, Version 83.91

    CompanyName : NVIDIA Corporation

    FileDescription : NVIDIA Driver Helper Service, Version 83.91

    InternalName : NVSVC

    LegalCopyright : (C) NVIDIA Corporation. All rights reserved.

    OriginalFilename : nvsvc32.exe


#:25 [nsvcip.exe]

    FilePath : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\

    ProcessID : 284

    ThreadCreationTime : 2007-02-23 15:59:08

    BasePriority : Normal

    FileVersion : 2, 2, 0, 464

    ProductVersion : 2, 2, 0, 464

    ProductName : ActiveArmor Firewall

    CompanyName : NVIDIA Corporation

    FileDescription : ActiveArmor Firewall IP Service

    InternalName : nSvcIp

    LegalCopyright : Copyright 2002-2006 NVIDIA Corporation

    OriginalFilename : nSvcIp.exe


#:26 [apache.exe]

    FilePath : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\

    ProcessID : 404

    ThreadCreationTime : 2007-02-23 15:59:08

    BasePriority : Normal

    FileVersion : 2.0.52

    ProductVersion : 2.0.52

    ProductName : Apache HTTP Server

    CompanyName : Apache Software Foundation

    FileDescription : Apache HTTP Server

    InternalName : Apache.exe

    LegalCopyright : Copyright © 2000-2004 The Apache Software Foundation.

    OriginalFilename : Apache.exe.exe

    Comments : All rights reserved. The license is available at . The Apache HTTP Server project pages are at .


#:27 [ashmaisv.exe]

    FilePath : C:\Program Files\Alwil Software\Avast4\

    ProcessID : 1156

    ThreadCreationTime : 2007-02-23 15:59:12

    BasePriority : Normal



#:28 [wscntfy.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1444

    ThreadCreationTime : 2007-02-23 15:59:13

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Windows Security Center Notification App

    InternalName : wscntfy.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : wscntfy.exe


#:29 [ashwebsv.exe]

    FilePath : C:\Program Files\Alwil Software\Avast4\

    ProcessID : 1716

    ThreadCreationTime : 2007-02-23 15:59:13

    BasePriority : Normal



#:30 [alg.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 2144

    ThreadCreationTime : 2007-02-23 15:59:13

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Application Layer Gateway Service

    InternalName : ALG.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : ALG.exe


#:31 [neostradatp.exe]

    FilePath : C:\Program Files\Neostrada TP\

    ProcessID : 2620

    ThreadCreationTime : 2007-02-23 15:59:39

    BasePriority : Normal

    FileVersion : 5.6 (213)

    ProductVersion : 5.6 (213)

    ProductName : Kit de Connexion et de Services

    CompanyName : France Télécom R&D

    FileDescription : Espace Client

    InternalName : EspaceClient

    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003

    OriginalFilename : EspaceClient.exe


#:32 [comcomp.exe]

    FilePath : C:\Program Files\Neostrada TP\

    ProcessID : 2640

    ThreadCreationTime : 2007-02-23 15:59:40

    BasePriority : Normal

    FileVersion : 5.5 (391)

    ProductVersion : 5.5 (391)

    ProductName : Kit de Connexion et de Services

    CompanyName : France Télécom R&D

    FileDescription : Module de communication

    InternalName : ComComp

    LegalCopyright : Copyright (C) France Télécom R&D 1999- 2002

    OriginalFilename : ComComp.exe


#:33 [watch.exe]

    FilePath : C:\Program Files\Neostrada TP\

    ProcessID : 2728

    ThreadCreationTime : 2007-02-23 15:59:40

    BasePriority : Normal

    FileVersion : 5.5 (81)

    ProductVersion : 5.5 (81)

    ProductName : Kit de Connexion et de Services

    CompanyName : France Télécom R&D

    FileDescription : Surveillance des modifications

    InternalName : Watch

    LegalCopyright : Copyright (C) France Télécom R&D 1999-2002

    OriginalFilename : Watch.exe


#:34 [wuauclt.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 2844

    ThreadCreationTime : 2007-02-23 15:59:54

    BasePriority : Normal

    FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)

    ProductVersion : 5.8.0.2469

    ProductName : System operacyjny Microsoft® Windows®

    CompanyName : Microsoft Corporation

    FileDescription : Aktualizacje automatyczne

    InternalName : wuauclt.exe

    LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone.

    OriginalFilename : wuauclt.exe


#:35 [ad-aware.exe]

    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\

    ProcessID : 3344

    ThreadCreationTime : 2007-02-23 16:02:25

    BasePriority : Normal

    FileVersion : 6.2.0.236

    ProductVersion : SE 106

    ProductName : Lavasoft Ad-Aware SE

    CompanyName : Lavasoft Sweden

    FileDescription : Ad-Aware SE Core application

    InternalName : Ad-Aware.exe

    LegalCopyright : Copyright © Lavasoft AB Sweden

    OriginalFilename : Ad-Aware.exe

    Comments : All Rights Reserved


Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0



Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0



Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0


 MRU List Object Recognized!

    Location: : C:\Documents and Settings\komp\recent

    Description : list of recently opened documents



 MRU List Object Recognized!

    Location: : software\microsoft\directdraw\mostrecentapplication

    Description : most recent application to use microsoft directdraw



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\internet explorer

    Description : last download directory used in microsoft internet explorer



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\internet explorer\typedurls

    Description : list of recently entered addresses in microsoft internet explorer



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\mediaplayer\medialibraryui

    Description : last selected node in the microsoft windows media player media library



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\mediaplayer\preferences

    Description : last playlist index loaded in microsoft windows media player



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\mediaplayer\preferences

    Description : last playlist loaded in microsoft windows media player



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows\currentversion\applets\regedit

    Description : last key accessed using the microsoft registry editor



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

    Description : list of recent programs opened



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

    Description : list of recently saved files, stored according to file extension



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows\currentversion\explorer\recentdocs

    Description : list of recent documents opened



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows\currentversion\explorer\runmru

    Description : mru list for items opened in start | run



 MRU List Object Recognized!

    Location: : S-1-5-21-1614895754-884357618-725345543-1003\software\microsoft\windows media\wmsdk\general

    Description : windows media sdk 




Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»



 Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : komp@msnportal.112.2o7[1].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:1

    Value : Cookie:komp@msnportal.112.2o7.net/

    Expires : 2012-02-22 17:00:28

    LastSync : Hits:1

    UseCount : 0

    Hits : 1


Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 1

Objects found so far: 14




Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Disk Scan Result for C:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 14



Deep scanning and examining files (E:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Disk Scan Result for E:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 14



Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 14





Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 14


17:04:52 Scan Complete


Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:02:17.437

Objects scanned:109727

Objects identified:1

Objects ignored:0

New critical objects:1

Edit : kolejny :slight_smile:

Dzwoniłem do pomocy technicznej Neostrady, i powiedziano mi tam, żeby :

wejść w rejestr > Local Machine > Software > Microsoft > Windwos > Current Version > Run, skasować wszystko co tam jest (oprócz domyślne), ale za każdym razem, kiedy uruchamiam komputer, pojawia się tam plik, który niby usunąłem.

Nazwa : NvCplDaemon

Typ : REG_SZ

Dane : RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

Może tu tkwi przyczyna ?