
Problem - CPU usage too high

Jammin69

Hello.
I have a problem: Task Manager constantly shows my CPU usage at about 60%, even though I have no programs running. I scanned the computer and it detected 3 viruses. They were removed, but after restarting the computer the problem is the same. Again about 60% CPU usage. Could anyone give me some advice?

OTL log.
[log]OTL logfile created on: 2010-08-22 13:11:43 - Run 5
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Kuba\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 200,01 Gb Total Space | 104,47 Gb Free Space | 52,23% Space Free | Partition Type: NTFS
Drive D: | 396,16 Gb Total Space | 88,58 Gb Free Space | 22,36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OEM-E13E86E67EE
Current User Name: Kuba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-22 13:10:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
PRC - [2010-08-22 13:08:07 | 003,820,698 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\ComboFix.exe
PRC - [2010-08-16 10:20:58 | 000,783,016 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
PRC - [2010-08-16 10:20:58 | 000,492,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32.exe
PRC - [2010-08-10 17:09:15 | 000,056,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe
PRC - [2010-07-26 23:04:44 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-07-17 18:09:44 | 000,365,248 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
PRC - [2010-07-17 05:00:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-21 10:19:37 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-10-14 15:02:02 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\FWES\program\fsdfwd.exe
PRC - [2009-07-09 11:34:54 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
PRC - [2009-07-09 11:34:54 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
PRC - [2009-07-09 11:34:52 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSHDLL32.EXE
PRC - [2009-07-09 11:31:20 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-01-26 15:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2008-12-04 14:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008-11-06 01:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFDE.EXE
PRC - [2008-08-21 04:05:57 | 000,573,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008-06-03 02:06:34 | 005,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008-05-16 08:39:00 | 016,862,720 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-07-17 11:13:56 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007-07-17 11:13:34 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2006-05-16 10:58:18 | 000,213,936 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-22 13:10:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-07-09 11:34:16 | 000,330,336 | ---- | M] () -- \\?\c:\program files\f-secure internet security\hips\fshook32.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-08-10 17:09:15 | 000,056,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010-06-20 17:41:00 | 003,813,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009-10-14 15:02:02 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009-07-09 11:34:54 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE -- (FSMA)
SRV - [2009-07-09 11:31:20 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Kuba\USTAWI~1\Temp\gel90xne.sys -- (gel90xne)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010-08-22 13:11:52 | 000,758,272 | ---- | M] () [Kernel | Unknown | Stopped] -- C:\WINDOWS\System32\drivers\aec.sys -- (aec)
DRV - [2010-08-03 13:43:46 | 000,124,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010-07-13 18:39:24 | 000,041,256 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010-06-24 19:14:03 | 000,281,504 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-06-24 19:14:03 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-08-16 14:07:03 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-07-09 11:34:18 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\F-Secure Internet Security\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009-07-09 11:33:14 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009-07-09 11:31:24 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009-07-09 11:31:24 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2008-08-21 06:52:41 | 003,299,840 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-07-26 12:48:00 | 006,097,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-06-25 18:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008-06-24 00:21:48 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008-05-21 01:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008-05-20 11:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-12-17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///c:/oem/podziekowania/podziekowania.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\PE_C_OEM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html
IE - HKU\PE_C_OEM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html

IE - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///c:/oem/podziekowania/podziekowania.html
IE - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files\F-Secure Internet Security\NRS\litmus-ff@f-secure.com [2010-08-18 16:28:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-01 23:33:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-26 23:04:50 | 000,000,000 | ---D | M]

[2009-01-20 18:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Extensions
[2010-08-22 10:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\qimmvudc.default\extensions
[2010-07-27 23:09:42 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\qimmvudc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-04-21 10:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\qimmvudc.default\extensions\battlefieldheroespatcher@ea.com
[2010-07-27 23:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\qimmvudc.default\extensions\personas@christopher.beard
[2010-08-22 10:36:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-04-15 16:19:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-18 11:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-07-17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-27 21:33:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-03-27 21:33:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-27 21:33:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-27 21:33:09 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-27 21:33:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-27 21:33:09 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-02-04 16:22:22 | 000,000,036 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\F-Secure Internet Security\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\F-Secure Internet Security\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] D:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe (Corel Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\PandaUSBVaccine.lnk = G:\Panda USB Vaccine\USBVaccine.exe File not found
O4 - Startup: C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\updpxe32.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2010-03-21 21:18:12 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2010-03-21 21:18:12 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2010-03-21 21:18:12 | 000,000,000 | ---D | M]
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PE_C_ALL USERS\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\PE_C_ALL USERS\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\PE_C_OEM\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\PE_C_OEM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\PE_C_OEM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 [2010-03-21 21:18:12 | 000,000,000 | ---D | M]
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: msconfig.exe = msconfig.exe
O7 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1 [2010-03-21 21:18:12 | 000,000,000 | ---D | M]
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-22 13:10:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-08-22 13:10:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-08-22 13:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010-08-22 12:59:30 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Kuba\Pulpit\spybotsd162.exe
[2010-08-22 12:53:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-08-18 11:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-08-16 18:05:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tibia
[2010-08-16 18:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\atania
[2010-08-16 14:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\ValuSoft
[2010-08-06 18:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-08-06 18:32:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Monolith Productions
[2010-08-01 23:36:48 | 003,813,096 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2010-08-01 23:36:26 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2010-08-01 23:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010-07-21 14:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2010-07-21 13:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\kaneandlynch
[2010-07-21 13:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010-06-26 11:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\storage
[2010-06-24 19:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Games
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-22 13:15:11 | 000,758,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\aec.sys
[2010-08-22 13:10:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-08-22 13:08:07 | 003,820,698 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\ComboFix.exe
[2010-08-22 13:01:15 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Spybot - Search & Destroy.lnk
[2010-08-22 12:59:52 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Kuba\Pulpit\spybotsd162.exe
[2010-08-22 12:57:33 | 001,117,824 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-22 12:57:33 | 000,500,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-22 12:57:33 | 000,442,388 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-22 12:57:33 | 000,088,160 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-22 12:57:33 | 000,071,400 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-22 12:53:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-22 12:53:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-22 12:53:11 | 000,044,964 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-08-22 12:52:13 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2010-08-22 12:52:09 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2010-08-22 12:50:30 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2010-08-22 12:49:00 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.msi
[2010-08-22 12:34:41 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
[2010-08-21 23:12:20 | 000,159,744 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-21 16:57:07 | 000,118,261 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\tornado_of_souls_ver6.gp3
[2010-08-19 16:11:09 | 000,114,519 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\scream_aim_fire_ver4.gp5
[2010-08-18 21:24:59 | 000,356,768 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\50128277.gif
[2010-08-18 21:20:36 | 010,486,436 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Black Label Society In This River LIVE.mp4
[2010-08-18 21:18:01 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2010-08-18 21:17:39 | 004,295,346 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\YouTubeDownloaderSetup26_[www.programosy.pl].exe
[2010-08-18 08:41:01 | 000,020,078 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\little_wing.gp3
[2010-08-16 23:23:26 | 003,180,626 | -H-- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-16 18:04:17 | 019,807,282 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\atania.rar
[2010-08-16 15:04:47 | 000,002,141 | ---- | M] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-08-16 13:42:57 | 000,015,061 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\been_a_long_time.gp3
[2010-08-15 18:11:25 | 000,279,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-15 18:07:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-15 17:44:08 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-06 18:38:38 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\F.E.A.R. Multiplayer.lnk
[2010-08-06 18:38:38 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\F.E.A.R. Single Player.lnk
[2010-08-06 16:50:19 | 000,018,282 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\beat_the_bastards.gp3
[2010-08-06 12:18:17 | 000,031,258 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\floods.gp4
[2010-08-05 18:12:14 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mat Hoffman's Pro BMX.lnk
[2010-08-05 18:12:12 | 000,000,915 | ---- | M] () -- C:\WINDOWS\MHPB.ini
[2010-08-03 14:49:05 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Uruchom Sky Bubbles.lnk
[2010-08-03 10:45:43 | 000,000,487 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Guild II.lnk
[2010-08-02 00:51:18 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Start CABAL.lnk
[2010-08-02 00:29:53 | 000,073,536 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-22 11:25:04 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Kuba\intlname.ols
[2010-07-21 13:28:09 | 000,413,696 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010-07-21 13:28:08 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010-07-21 10:16:04 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Age of Mythology - The Titans.lnk
[2010-07-21 10:15:07 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Age of Mythology.lnk
[2010-07-18 21:39:22 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2 University.lnk
[2010-07-13 18:39:24 | 000,041,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010-07-13 18:34:08 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Microsoft Office Outlook 2003.lnk
[2010-07-09 21:04:40 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-07-01 20:27:21 | 000,001,075 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Rezydencje i ogrody Akcesoria.lnk
[2010-07-01 20:22:50 | 000,000,983 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Impreza! Akcesoria.lnk
[2010-06-30 20:58:27 | 000,000,977 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Osiedlowe życie.lnk
[2010-06-29 20:06:06 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-06-29 20:01:05 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Podróże.lnk
[2010-06-29 15:42:09 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Titan Quest.lnk
[2010-06-28 22:47:46 | 000,138,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-06-24 19:14:03 | 000,281,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-24 19:14:03 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-22 13:07:59 | 003,820,698 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\ComboFix.exe
[2010-08-22 13:01:15 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Spybot - Search & Destroy.lnk
[2010-08-22 12:50:05 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.lnk
[2010-08-22 12:49:00 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\HiJackThis.msi
[2010-08-22 12:35:15 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\bawuho.dat
[2010-08-22 12:34:41 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
[2010-08-21 16:57:08 | 000,118,261 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\tornado_of_souls_ver6.gp3
[2010-08-19 16:11:09 | 000,114,519 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\scream_aim_fire_ver4.gp5
[2010-08-18 21:24:58 | 000,356,768 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\50128277.gif
[2010-08-18 21:20:36 | 010,486,436 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty\Black Label Society In This River LIVE.mp4
[2010-08-18 21:18:01 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk
[2010-08-18 21:17:35 | 004,295,346 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\YouTubeDownloaderSetup26_[www.programosy.pl].exe
[2010-08-18 08:41:03 | 000,020,078 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\little_wing.gp3
[2010-08-16 18:03:56 | 019,807,282 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\atania.rar
[2010-08-16 15:04:47 | 000,002,141 | ---- | C] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-08-16 13:42:58 | 000,015,061 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\been_a_long_time.gp3
[2010-08-06 18:38:38 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\F.E.A.R. Single Player.lnk
[2010-08-06 18:38:18 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\F.E.A.R. Multiplayer.lnk
[2010-08-06 16:50:20 | 000,018,282 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\beat_the_bastards.gp3
[2010-08-06 12:18:18 | 000,031,258 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\floods.gp4
[2010-08-05 18:12:14 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mat Hoffman's Pro BMX.lnk
[2010-08-05 18:11:28 | 000,000,915 | ---- | C] () -- C:\WINDOWS\MHPB.ini
[2010-08-03 14:49:05 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Uruchom Sky Bubbles.lnk
[2010-08-03 10:45:43 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Guild II.lnk
[2010-08-02 00:51:18 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Start CABAL.lnk
[2010-08-01 23:36:25 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2010-07-21 14:24:46 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010-07-21 10:16:04 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Age of Mythology - The Titans.lnk
[2010-07-21 10:07:41 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Age of Mythology.lnk
[2010-07-18 21:39:22 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims 2 University.lnk
[2010-07-09 21:04:40 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-07-01 20:27:21 | 000,001,075 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Rezydencje i ogrody Akcesoria.lnk
[2010-07-01 20:22:50 | 000,000,983 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Impreza! Akcesoria.lnk
[2010-06-30 20:58:27 | 000,000,977 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Osiedlowe życie.lnk
[2010-06-29 20:01:05 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Sims™ 2 Podróże.lnk
[2010-06-29 15:42:09 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Titan Quest.lnk
[2010-06-29 15:35:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010-05-03 12:49:30 | 000,000,533 | ---- | C] () -- C:\WINDOWS\Tcsofla.INI
[2010-04-02 21:23:30 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010-03-07 22:57:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010-03-07 15:05:06 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009-12-21 21:21:58 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-12-21 21:21:57 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\PnkBstrK.sys
[2009-10-07 18:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI
[2009-09-06 14:41:53 | 000,000,760 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2009-08-26 08:44:22 | 000,000,291 | ---- | C] () -- C:\WINDOWS\thug2.ini
[2009-08-16 14:07:03 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009-05-07 19:52:38 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\wiaserva.log
[2009-02-01 16:39:19 | 000,159,744 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-31 20:11:01 | 000,000,917 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2009-01-30 16:14:37 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-01-30 16:14:37 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-01-29 11:23:29 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-01-29 11:23:26 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-01-29 11:23:26 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-01-29 11:23:26 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-01-29 11:23:25 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-01-29 11:23:25 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-01-28 01:29:53 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-01-22 21:29:23 | 000,041,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009-01-20 19:10:24 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-01-16 14:12:01 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009-01-16 14:12:01 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009-01-16 14:11:59 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009-01-16 14:11:59 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009-01-16 13:57:06 | 000,037,636 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009-01-16 13:56:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-01-16 13:56:43 | 000,037,245 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-01-16 13:56:43 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-11-16 11:11:06 | 000,002,045 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\whlb32g.dll
[2008-09-06 12:26:07 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-09-06 12:11:38 | 000,758,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\aec.sys
[2008-09-06 12:11:38 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\aec.sys.bak
[2008-07-26 12:48:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-07-26 12:48:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-07-26 12:48:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-07-26 12:48:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-07-26 12:48:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-11-21 18:18:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007-11-21 17:31:23 | 000,000,226 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-12-31 14:00:00 | 000,000,477 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-08-16 14:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-04-06 18:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-03-07 15:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2009-01-22 21:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2009-07-03 12:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen
[2009-09-26 07:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fssg
[2010-03-25 16:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-23 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2009-11-07 22:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments
[2009-11-12 23:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2009-07-04 19:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2009-07-04 20:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-01-15 23:29:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2010-06-28 21:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-03-07 15:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2009-02-16 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BSplayer
[2009-01-29 11:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BSplayer Pro
[2009-05-17 20:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\com.imeem.DesktopUploader.6C3F108F466C0F04F30B58747CAA4DF34281133B.1
[2009-08-16 16:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools Lite
[2009-08-23 23:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools Pro
[2010-05-24 17:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Epson
[2009-09-26 08:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\F-Secure
[2009-07-03 12:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FileOpen
[2010-08-21 13:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\foobar2000
[2009-01-21 08:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\fretsonfire
[2009-01-20 19:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu
[2010-03-25 16:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu 10
[2010-06-24 19:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Games
[2010-08-16 15:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\gtk-2.0
[2010-04-02 23:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Lionhead Studios
[2010-01-24 13:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Nowe Gadu-Gadu
[2009-10-06 18:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Thinstall
[2010-08-16 18:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tibia
[2010-04-02 16:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Ubisoft
[2010-08-22 11:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent
[2010-08-16 14:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ValuSoft

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

Tomek01

Uninstall the toolbars below if you don't use them.

In OTL, paste the following into the Custom scan/fixes window:
[code]:Processes
Explorer.exe

:OTL
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\F-Secure Internet Security\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-3390725344-390941599-3079006289-1008\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\updpxe32.exe ()

:Files
C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix and the computer will restart.


Post the log from the removal, plus new OTL and RSIT logs.
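The fix script above targets `avdrn.dat`, a file with no company name sitting directly in an Application Data folder. As an added example (not part of the thread and not OTL's own code), this Python sketch parses OTL file-listing lines and shortlists recently created entries of that kind for manual review; the 7-day window and the folder-name heuristic are assumptions made for triage, not a verdict on any file.

```python
import ntpath
import re
from datetime import datetime, timedelta
from typing import List, NamedTuple, Optional

# One OTL file-listing line: [timestamp | size | attributes | C/M] (company) -- path
# "(company)" is absent on directory lines and empty "()" when OTL found none.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-RHSD]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)

# Application Data folder names; the Polish one is what this log uses.
APPDATA_NAMES = {"dane aplikacji", "application data"}


class Entry(NamedTuple):
    when: datetime
    size: int
    attrs: str
    kind: str       # "C" = created, "M" = modified
    company: str    # "" when no company name was reported
    path: str


def parse_line(line: str) -> Optional[Entry]:
    """Return the parsed entry, or None for headers and other non-listing lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(
        when=datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        size=int(m["size"].replace(",", "")),
        attrs=m["attrs"],
        kind=m["kind"],
        company=(m["company"] or "").strip(),
        path=m["path"].strip(),
    )


def shortlist(log_text: str, scan_time: datetime, days: int = 7) -> List[Entry]:
    """Files (not folders) with no company name, created directly in an
    Application Data folder within `days` before the scan."""
    hits = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is None or e.kind != "C" or "D" in e.attrs or e.company:
            continue
        parent = ntpath.basename(ntpath.dirname(e.path)).lower()
        age = scan_time - e.when
        if parent in APPDATA_NAMES and timedelta(0) <= age <= timedelta(days=days):
            hits.append(e)
    return hits


# Scan time from the log header; sample lines copied from the log in this thread.
SCAN_TIME = datetime(2010, 8, 22, 13, 11, 43)
SAMPLE_LOG = r"""
[2010-08-16 18:05:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Tibia
[2010-08-01 23:36:48 | 003,813,096 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des
[2010-07-21 13:28:08 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010-08-22 13:07:59 | 003,820,698 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\ComboFix.exe
[2010-08-22 12:35:15 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\bawuho.dat
[2010-08-22 12:34:41 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat
[2009-05-07 19:52:38 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\wiaserva.log
"""

if __name__ == "__main__":
    for entry in shortlist(SAMPLE_LOG, SCAN_TIME):
        print(entry.when, entry.size, entry.path)
```

A shortlisted entry is only a candidate for a closer look; the folder and window filters will also match harmless application files.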

Jammin69

I scanned the computer with an antivirus and this keeps popping up: Variant.Bubnix.1, and I can't remove it.
Is there any way to deal with it?

Log:
[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{265EEE8E-3228-44D3-AEA5-F7FDF5860049}\ deleted successfully.
File Secure Internet Security\NRS\iescript\baselitmus.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ deleted successfully.
C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ deleted successfully.
File To-Page\EPSON Web-To-Page.dll not found.
Registry value HKEY_USERS\S-1-5-21-3390725344-390941599-3079006289-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ not found.
File To-Page\EPSON Web-To-Page.dll not found.
File C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\updpxe32.exe not found.
========== FILES ==========
File\Folder C:\Documents and Settings\Kuba\Dane aplikacji\avdrn.dat not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kuba
->Temp folder emptied: 1332240 bytes
->Temporary Internet Files folder emptied: 1540230 bytes
->Java cache emptied: 39183795 bytes
->FireFox cache emptied: 38925901 bytes
->Flash cache emptied: 254132 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: oem
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 667221 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 79,00 mb


OTL by OldTimer - Version 3.2.10.0 log created on 08222010_202046

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]

Tomek01

In what location does it detect this threat?

I'm waiting for the remaining logs.


[color="#FF0000"]P.S. I'm deleting the second thread, which you created needlessly, and I hope you know why.[/color]

Jammin69

It's a moot point now anyway, because I did a format, which hadn't been done for about a year and a half, and installed Windows. (That's when I bought the computer.)

Tomek01

Someone's work goes to waste.
Closing the thread.
