Problemy ze stroną byteseeker.com

[mirekg1963]

Witam! Od jakiegoś czasu mam problemy z pojawiającą się, wraz ze stroną startową, witrynką byteseeker.com. Troszkę liznąłem jakiegoś postu na ten temat ale rozumiem, że jest to w każdym przypadku problem indywidualny ?? W panelu sterowania usunąłem co było konieczne a teraz podaje logi z OTL, proszę zerknijcie w nie i pokierujcie biednego misia

Kod: Zaznacz wszystko

OTL logfile created on: 2010-01-19 10:54:23 - Run 1
OTL by OldTimer - Version 3.1.25.2     Folder = C:\Documents and Settings\admin.XPN19\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,00 Mb Total Physical Memory | 208,00 Mb Available Physical Memory | 47,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 22,28 Gb Free Space | 57,04% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 26,33 Gb Free Space | 89,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPN19
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
PRC - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-03-31 10:18:49 | 00,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-27 16:21:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-12-08 10:34:01 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-05-11 09:12:24 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-02-21 10:21:56 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-02-13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-01-02 15:41:39 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008-08-20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-13 17:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-01-30 11:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-11-27 16:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-11-27 16:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-10-31 07:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-10-18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-06-18 23:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.theprizeday.com/today.php|www.google.pl"
FF - prefs.js..extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290
FF - prefs.js..extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960
FF - prefs.js..extensions.enabledItems: {40f1eb95-4de4-4f36-a826-054ee36bb905}:2.1.3.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080

FF - HKLM\software\mozilla\Firefox\extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}: C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar [2009-12-18 15:11:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-18 15:12:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF [2009-12-18 15:12:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF [2009-12-18 15:13:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-14 18:46:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-06 11:38:22 | 00,000,000 | ---D | M]

[2009-03-11 12:05:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Extensions
[2010-01-18 13:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\extensions
[2009-12-07 17:04:05 | 00,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009-09-02 14:52:02 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\searchplugins\askcom.xml
[2010-01-18 13:20:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-01-23 07:20:30 | 00,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-01-09 10:34:24 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-08-31 13:10:22 | 00,550,400 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll
[2009-07-22 16:35:48 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-02-06 19:43:51 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-02-06 19:43:51 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-02-06 19:43:51 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-02-06 19:43:51 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-02-06 19:43:51 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-04-03 08:43:11 | 00,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\admin.XPN19\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gameztar Toolbar) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF  [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} http://cached.gamedesire.com/g_bin/pl/snooker_2_0_0_35.cab (GameDesire Snooker)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (⇫粀��Ề쳀P) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-02 15:30:11 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-01-24 10:12:30 | 00,000,000 | ---D | M] - C:\Automap -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\Shell\AutoRun\command - "" = E:\ukvr.bat -- File not found
O33 - MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\Shell\open\Command - "" = E:\ukvr.bat -- File not found
O33 - MountPoints2\{1c46f444-7c49-11de-892e-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\AutoRun\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\explore\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\open\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{34df0488-04f8-11de-86c7-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\Shell\AutoRun\command - "" = I:\b00ijwpu.exe -- File not found
O33 - MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\Shell\open\Command - "" = I:\b00ijwpu.exe -- File not found
O33 - MountPoints2\{3de1f2a0-6a4d-11de-88c4-001a4d7a076b}\Shell\Ouvrir\command - "" = E:\log.exe -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\AutOplAy\cOMmAnd - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\exploRe\COmMaND - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\OpEn\commaND - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\Shell\AutoRun\command - "" = F:\cj1m.com -- File not found
O33 - MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\Shell\open\Command - "" = F:\cj1m.com -- File not found
O33 - MountPoints2\{5eff7bce-60df-11de-888e-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\AUtoPlaY\ComMAnd - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\AutoRun\command - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\eXploRe\CommanD - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\oPen\commaND - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\Shell\AutoRun\command - "" = E:\eaywxx.cmd -- File not found
O33 - MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\Shell\open\Command - "" = E:\eaywxx.cmd -- File not found
O33 - MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\Shell\AutoRun\command - "" = E:\em8tqm.cmd -- File not found
O33 - MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\Shell\open\Command - "" = E:\em8tqm.cmd -- File not found
O33 - MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\Shell\AutoRun\command - "" = F:\9g86.exe -- File not found
O33 - MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\Shell\open\Command - "" = F:\9g86.exe -- File not found
O33 - MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\Shell\AutoRun\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\Shell\open\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\AutoRun\command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\explore\Command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\open\Command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\wx8o0bt1.com -- File not found
O33 - MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\Shell\open\Command - "" = E:\wx8o0bt1.com -- File not found
O33 - MountPoints2\{951b5bc8-1e00-11de-8746-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\Shell\AutoRun\command - "" = E:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\Shell\open\Command - "" = E:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\Shell\AutoRun\command - "" = E:\i.cmd -- File not found
O33 - MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\Shell\open\Command - "" = E:\i.cmd -- File not found
O33 - MountPoints2\{ace221c6-8e3d-11de-8998-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\Shell\AutoRun\command - "" = E:\gpcdt.cmd -- File not found
O33 - MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\Shell\open\Command - "" = E:\gpcdt.cmd -- File not found
O33 - MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\Shell\AutoRun\command - "" = E:\ctu8r.exe -- File not found
O33 - MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\Shell\open\Command - "" = E:\ctu8r.exe -- File not found
O33 - MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER32\dmgr.exe -- File not found
O33 - MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER32\dmgr.exe -- File not found
O33 - MountPoints2\{d2391c4b-5778-11de-8867-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{d2391c4c-5778-11de-8867-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\Shell\AutoRun\command - "" = E:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\Shell\open\Command - "" = E:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\AUtopLAy\comMaND - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\AutoRun\command - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\ExPlorE\COmManD - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\oPeN\CommAnd - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\Shell\AutoRun\command - "" = E:\3.cmd -- File not found
O33 - MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\Shell\open\Command - "" = E:\3.cmd -- File not found
O33 - MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\dbrxubcw.com -- File not found
O33 - MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\Shell\open\Command - "" = E:\dbrxubcw.com -- File not found
O33 - MountPoints2\{fb9f7f50-5f50-11de-8886-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\Shell\AutoRun\command - "" = E:\sv8c2bjw.bat -- File not found
O33 - MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\Shell\open\Command - "" = E:\sv8c2bjw.bat -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-01-19 10:53:39 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
[2010-01-19 10:02:26 | 00,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010-01-19 09:58:10 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Eusing Free Registry Cleaner 2.5
[2010-01-16 10:18:24 | 00,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2010-01-13 21:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Software
[2010-01-13 21:11:34 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010-01-13 10:28:50 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010-01-11 20:43:23 | 00,000,000 | ---D | C] -- C:\Program Files\Dragon Ball Z Online 2 v1.988
[2010-01-02 14:21:34 | 00,000,000 | ---D | C] -- C:\Program Files\VirtualBus
[2009-11-27 12:52:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2009-09-30 19:23:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-09-30 19:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-03-10 17:42:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-02-23 10:36:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-01-02 15:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-01-02 15:30:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-01-19 10:56:57 | 00,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{ADD848C3-9C1F-4533-90AE-10FC110C0051}.job
[2010-01-19 10:56:00 | 00,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-308236825-725345543-1004UA.job
[2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
[2010-01-19 10:51:33 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-01-19 10:51:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-01-19 10:51:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-01-19 10:50:40 | 04,194,304 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\NTUSER.DAT
[2010-01-19 10:50:40 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin.XPN19\ntuser.ini
[2010-01-19 10:50:35 | 03,729,718 | -H-- | M] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-01-18 20:56:02 | 00,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-308236825-725345543-1004Core.job
[2010-01-18 10:05:37 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-16 12:20:50 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Pulpit\Gadu-Gadu.lnk
[2010-01-16 10:30:06 | 00,000,542 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-01-16 10:30:06 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2010-01-16 10:30:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-01-15 17:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-01-15 11:14:40 | 00,017,672 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-01-12 09:50:58 | 00,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-01-07 17:19:29 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-12-21 21:19:56 | 01,529,938 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Pulpit\gg6.zip
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-12-21 21:19:51 | 01,529,938 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Pulpit\gg6.zip
[2009-08-10 10:19:43 | 00,000,479 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009-05-09 09:49:43 | 00,000,666 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-05-05 18:31:18 | 00,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-03-20 10:32:20 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-03-11 11:15:11 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Smiley.ico
[2009-03-03 20:18:53 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-03-03 20:18:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-03-03 20:18:48 | 00,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-03 20:18:47 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-03-03 20:18:46 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-03-03 20:18:44 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-03-03 20:18:44 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-02-23 10:14:48 | 00,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-02-17 17:16:59 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006-10-31 07:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 07:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-31 07:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 07:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 07:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-31 07:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 07:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-04-07 13:23:51 | 00,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CF778051
< End of report >


[wojtas]

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com
FF - prefs.js..browser.startup.homepage: "http://www.theprizeday.com/today.php|www.google.pl"
FF - prefs.js..extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290
FF - prefs.js..extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960
FF - prefs.js..extensions.enabledItems: {40f1eb95-4de4-4f36-a826-054ee36bb905}:2.1.3.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080
FF - HKLM\software\mozilla\Firefox\extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905}: C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar [2009-12-18 15:11:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-18 15:12:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF [2009-12-18 15:12:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF [2009-12-18 15:13:24 | 00,000,000 | ---D | M]
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gameztar Toolbar) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll ()
O32 - AutoRun File - [2009-01-24 10:12:30 | 00,000,000 | ---D | M] - C:\Automap -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\Shell\AutoRun\command - "" = E:\ukvr.bat -- File not found
O33 - MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\Shell\open\Command - "" = E:\ukvr.bat -- File not found
O33 - MountPoints2\{1c46f444-7c49-11de-892e-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\AutoRun\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\explore\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\Shell\open\command - "" = E:\jedna\stvar.exe -- File not found
O33 - MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{34df0488-04f8-11de-86c7-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\Shell\AutoRun\command - "" = I:\b00ijwpu.exe -- File not found
O33 - MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\Shell\open\Command - "" = I:\b00ijwpu.exe -- File not found
O33 - MountPoints2\{3de1f2a0-6a4d-11de-88c4-001a4d7a076b}\Shell\Ouvrir\command - "" = E:\log.exe -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\AutOplAy\cOMmAnd - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\exploRe\COmMaND - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\Shell\OpEn\commaND - "" = E:\gdcfjg.cmd -- File not found
O33 - MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\Shell\AutoRun\command - "" = F:\cj1m.com -- File not found
O33 - MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\Shell\open\Command - "" = F:\cj1m.com -- File not found
O33 - MountPoints2\{5eff7bce-60df-11de-888e-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\AUtoPlaY\ComMAnd - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\AutoRun\command - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\eXploRe\CommanD - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\Shell\oPen\commaND - "" = E:\husev.pif -- File not found
O33 - MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\Shell\AutoRun\command - "" = E:\eaywxx.cmd -- File not found
O33 - MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\Shell\open\Command - "" = E:\eaywxx.cmd -- File not found
O33 - MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\Shell\AutoRun\command - "" = E:\em8tqm.cmd -- File not found
O33 - MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\Shell\open\Command - "" = E:\em8tqm.cmd -- File not found
O33 - MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\Shell\AutoRun\command - "" = F:\9g86.exe -- File not found
O33 - MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\Shell\open\Command - "" = F:\9g86.exe -- File not found
O33 - MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\Shell\AutoRun\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\Shell\open\command - "" = E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\AutoRun\command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\explore\Command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\Shell\open\Command - "" = E:\m9ma.exe -- File not found
O33 - MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\wx8o0bt1.com -- File not found
O33 - MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\Shell\open\Command - "" = E:\wx8o0bt1.com -- File not found
O33 - MountPoints2\{951b5bc8-1e00-11de-8746-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\Shell\AutoRun\command - "" = E:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\Shell\open\Command - "" = E:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\Shell\AutoRun\command - "" = E:\i.cmd -- File not found
O33 - MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\Shell\open\Command - "" = E:\i.cmd -- File not found
O33 - MountPoints2\{ace221c6-8e3d-11de-8998-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\Shell\AutoRun\command - "" = E:\gpcdt.cmd -- File not found
O33 - MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\Shell\open\Command - "" = E:\gpcdt.cmd -- File not found
O33 - MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\Shell\AutoRun\command - "" = E:\ctu8r.exe -- File not found
O33 - MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\Shell\open\Command - "" = E:\ctu8r.exe -- File not found
O33 - MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER32\dmgr.exe -- File not found
O33 - MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER32\dmgr.exe -- File not found
O33 - MountPoints2\{d2391c4b-5778-11de-8867-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{d2391c4c-5778-11de-8867-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\Shell\AutoRun\command - "" = E:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\Shell\open\Command - "" = E:\2o1ajagt.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\AUtopLAy\comMaND - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\AutoRun\command - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\ExPlorE\COmManD - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\Shell\oPeN\CommAnd - "" = E:\pituyb.exe -- File not found
O33 - MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\Shell\AutoRun\command - "" = E:\3.cmd -- File not found
O33 - MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\Shell\open\Command - "" = E:\3.cmd -- File not found
O33 - MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\Shell\AutoRun\command - "" = E:\dbrxubcw.com -- File not found
O33 - MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\Shell\open\Command - "" = E:\dbrxubcw.com -- File not found
O33 - MountPoints2\{fb9f7f50-5f50-11de-8886-001a4d7a076b}\Shell - "" = AutoRun
O33 - MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\Shell\AutoRun\command - "" = E:\sv8c2bjw.bat -- File not found
O33 - MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\Shell\open\Command - "" = E:\sv8c2bjw.bat -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

:Files
C:\Program Files\Gameztar Toolbar
C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\searchplugins\askcom.xml
C:\Program Files\Web Search Operator
C:\Program Files\Automated Content Enhancer
C:\Program Files\Customized Platform Advancer

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia komputera

[mirekg1963]

Witam! Przesyłam logi z czyszczenia

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://www.theprizeday.com/today.php|www.google.pl" removed from browser.startup.homepage
Prefs.js: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5290 removed from extensions.enabledItems
Prefs.js: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960 removed from extensions.enabledItems
Prefs.js: {40f1eb95-4de4-4f36-a826-054ee36bb905}:2.1.3.0 removed from extensions.enabledItems
Prefs.js: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2 removed from extensions.enabledItems
Prefs.js: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.2080 removed from extensions.enabledItems
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{40f1eb95-4de4-4f36-a826-054ee36bb905} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40f1eb95-4de4-4f36-a826-054ee36bb905}\ not found.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar\searchplugins folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar\components folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar\chrome\locale\en-US folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar\chrome\locale folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar\chrome folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E63605FC-D583-4C81-867F-9457BDB3EA1B}\ not found.
Folder move failed. C:\Program Files\Web Search Operator\4.1.0.2080\FF scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8141440E-08F0-4339-9959-5C31C6A69F23}\ not found.
Folder move failed. C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E889F097-B0BE-471B-89AD-B86B6F04B506}\ not found.
Folder move failed. C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{37B85A29-692B-4205-9CAD-2626E4993404} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ not found.
File C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37B85A29-692B-4205-9CAD-2626E4993404} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}\ not found.
File C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll not found.
File  not found.
File  not found.
File  not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\ not found.
File E:\ukvr.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ba52f6d-a38e-11de-8a15-001a4d7a076b}\ not found.
File E:\ukvr.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c46f444-7c49-11de-892e-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c46f444-7c49-11de-892e-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21cf3667-e985-11de-8b80-001a4d7a076b}\ not found.
File E:\jedna\stvar.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21cf3667-e985-11de-8b80-001a4d7a076b}\ not found.
File E:\jedna\stvar.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21cf3667-e985-11de-8b80-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21cf3667-e985-11de-8b80-001a4d7a076b}\ not found.
File E:\jedna\stvar.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27dbfbe2-3fae-11de-87ed-001a4d7a076b}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34df0488-04f8-11de-86c7-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34df0488-04f8-11de-86c7-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39dfb602-8da0-11de-8995-001a4d7a076b}\ not found.
File I:\b00ijwpu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39dfb602-8da0-11de-8995-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39dfb602-8da0-11de-8995-001a4d7a076b}\ not found.
File I:\b00ijwpu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3de1f2a0-6a4d-11de-88c4-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3de1f2a0-6a4d-11de-88c4-001a4d7a076b}\ not found.
File E:\log.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
File E:\gdcfjg.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
File E:\gdcfjg.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
File E:\gdcfjg.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{499e90a6-64b0-11de-88a1-001a4d7a076b}\ not found.
File E:\gdcfjg.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57750b95-7089-11de-88e1-001a4d7a076b}\ not found.
File F:\cj1m.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57750b95-7089-11de-88e1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57750b95-7089-11de-88e1-001a4d7a076b}\ not found.
File F:\cj1m.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5eff7bce-60df-11de-888e-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5eff7bce-60df-11de-888e-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
File E:\husev.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
File E:\husev.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
File E:\husev.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9b8a46-4c2b-11de-882c-001a4d7a076b}\ not found.
File E:\husev.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e17cf8c-5407-11de-8854-001a4d7a076b}\ not found.
File E:\eaywxx.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e17cf8c-5407-11de-8854-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e17cf8c-5407-11de-8854-001a4d7a076b}\ not found.
File E:\eaywxx.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80577b62-46c9-11de-8811-001a4d7a076b}\ not found.
File E:\em8tqm.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80577b62-46c9-11de-8811-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80577b62-46c9-11de-8811-001a4d7a076b}\ not found.
File E:\em8tqm.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88a02643-f5f2-11de-8bae-001a4d7a076b}\ not found.
File F:\9g86.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88a02643-f5f2-11de-8bae-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88a02643-f5f2-11de-8bae-001a4d7a076b}\ not found.
File F:\9g86.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9014f952-cf96-11de-8b01-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9014f952-cf96-11de-8b01-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9014f952-cf96-11de-8b01-001a4d7a076b}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9055c5e1-2032-11de-8761-001a4d7a076b}\ not found.
File E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9055c5e1-2032-11de-8761-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9055c5e1-2032-11de-8761-001a4d7a076b}\ not found.
File E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90e55327-e365-11de-8b63-001a4d7a076b}\ not found.
File E:\m9ma.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90e55327-e365-11de-8b63-001a4d7a076b}\ not found.
File E:\m9ma.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e55327-e365-11de-8b63-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90e55327-e365-11de-8b63-001a4d7a076b}\ not found.
File E:\m9ma.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9398bd4c-9088-11de-89a1-001a4d7a076b}\ not found.
File E:\wx8o0bt1.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9398bd4c-9088-11de-89a1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9398bd4c-9088-11de-89a1-001a4d7a076b}\ not found.
File E:\wx8o0bt1.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{951b5bc8-1e00-11de-8746-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{951b5bc8-1e00-11de-8746-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{951b5bc9-1e00-11de-8746-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{951b5bc9-1e00-11de-8746-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{951b5bc9-1e00-11de-8746-001a4d7a076b}\ not found.
File F:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99816816-e244-11dd-8621-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99816816-e244-11dd-8621-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99816816-e244-11dd-8621-001a4d7a076b}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\ not found.
File E:\uvsqfgwd.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99d0314c-e0c6-11dd-8619-001a4d7a076b}\ not found.
File E:\uvsqfgwd.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d9d88e4-107b-11de-8702-001a4d7a076b}\ not found.
File E:\i.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d9d88e4-107b-11de-8702-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d9d88e4-107b-11de-8702-001a4d7a076b}\ not found.
File E:\i.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ace221c6-8e3d-11de-8998-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ace221c6-8e3d-11de-8998-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\ not found.
File E:\gpcdt.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd1cb91a-5b18-11de-8871-001a4d7a076b}\ not found.
File E:\gpcdt.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c514ecf8-0410-11df-8bee-001a4d7a076b}\ not found.
File E:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c514ecf8-0410-11df-8bee-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c514ecf8-0410-11df-8bee-001a4d7a076b}\ not found.
File E:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c514ecf9-0410-11df-8bee-001a4d7a076b}\ not found.
File E:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c514ecf9-0410-11df-8bee-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c514ecf9-0410-11df-8bee-001a4d7a076b}\ not found.
File E:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c89277bc-17ce-11de-8729-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c89277bc-17ce-11de-8729-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c89277bc-17ce-11de-8729-001a4d7a076b}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\ not found.
File E:\ctu8r.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9723cce-b8c5-11de-8a95-001a4d7a076b}\ not found.
File E:\ctu8r.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\ not found.
File E:\RECYCLER32\dmgr.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cfc5a06a-7384-11de-88f7-001a4d7a076b}\ not found.
File E:\RECYCLER32\dmgr.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2391c4b-5778-11de-8867-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2391c4b-5778-11de-8867-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d2391c4c-5778-11de-8867-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2391c4c-5778-11de-8867-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\ not found.
File E:\2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3e4704c-acf3-11de-8a43-001a4d7a076b}\ not found.
File E:\2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
File E:\pituyb.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
File E:\pituyb.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
File E:\pituyb.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deafe105-9273-11de-89af-001a4d7a076b}\ not found.
File E:\pituyb.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e30c1a65-51b6-11de-8849-001a4d7a076b}\ not found.
File E:\3.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e30c1a65-51b6-11de-8849-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e30c1a65-51b6-11de-8849-001a4d7a076b}\ not found.
File E:\3.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5690a16-2397-11de-8772-001a4d7a076b}\ not found.
File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5690a16-2397-11de-8772-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5690a16-2397-11de-8772-001a4d7a076b}\ not found.
File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f28fadac-4080-11de-87f1-001a4d7a076b}\ not found.
File E:\dbrxubcw.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f28fadac-4080-11de-87f1-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f28fadac-4080-11de-87f1-001a4d7a076b}\ not found.
File E:\dbrxubcw.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9f7f50-5f50-11de-8886-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb9f7f50-5f50-11de-8886-001a4d7a076b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\ not found.
File E:\sv8c2bjw.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff40dc79-e3d1-11dd-862a-001a4d7a076b}\ not found.
File E:\sv8c2bjw.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\LaunchU3.exe not found.
========== FILES ==========
C:\Program Files\Gameztar Toolbar\2.1.3.6670\Skins folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\Icons folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670\Data folder moved successfully.
C:\Program Files\Gameztar Toolbar\2.1.3.6670 folder moved successfully.
C:\Program Files\Gameztar Toolbar folder moved successfully.
C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\searchplugins\askcom.xml moved successfully.
File\Folder C:\Program Files\Web Search Operator not found.
File\Folder C:\Program Files\Automated Content Enhancer not found.
File\Folder C:\Program Files\Customized Platform Advancer not found.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: admin.XPN19
->Temp folder emptied: 2149465088 bytes
->Temporary Internet Files folder emptied: 78227027 bytes
->Java cache emptied: 46528398 bytes
->FireFox cache emptied: 62357768 bytes
->Google Chrome cache emptied: 23322624 bytes

User: ADMIN~1~XPN

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 39376 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.XPN19

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1928209 bytes
RecycleBin emptied: 3144900444 bytes

Total Files Cleaned = 5 252,00 mb


OTL by OldTimer - Version 3.1.25.2 log created on 01202010_092351

Files\Folders moved on Reboot...
File\Folder C:\Program Files\Web Search Operator\4.1.0.2080\FF not found!
File\Folder C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF not found!
File\Folder C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF not found!

Registry entries deleted on Reboot...


oraz nowy log

Kod: Zaznacz wszystko

OTL logfile created on: 2010-01-20 09:28:49 - Run 2
OTL by OldTimer - Version 3.1.25.2     Folder = C:\Documents and Settings\admin.XPN19\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,00 Mb Total Physical Memory | 204,00 Mb Available Physical Memory | 46,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 24,46 Gb Free Space | 62,63% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 28,65 Gb Free Space | 97,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPN19
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
PRC - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-03-31 10:18:49 | 00,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-27 16:21:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-12-08 10:34:01 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-05-11 09:12:24 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-02-21 10:21:56 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-02-13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-01-02 15:41:39 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008-08-20 18:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-13 17:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-01-30 11:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-11-27 16:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-11-27 16:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-10-31 07:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-10-18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-06-18 23:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

[color=#E56717]========== FireFox ==========[/color]


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-14 18:46:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-06 11:38:22 | 00,000,000 | ---D | M]

[2009-03-11 12:05:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Extensions
[2010-01-19 13:34:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\extensions
[2009-12-07 17:04:05 | 00,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Mozilla\Firefox\Profiles\as0k3bd3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-01-19 13:34:27 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-01-23 07:20:30 | 00,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-01-09 10:34:24 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-08-31 13:10:22 | 00,550,400 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll
[2009-07-22 16:35:48 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-02-06 19:43:51 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-02-06 19:43:51 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-02-06 19:43:51 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-02-06 19:43:51 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-02-06 19:43:51 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-04-03 08:43:11 | 00,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\admin.XPN19\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (sms-express.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF  [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} http://cached.gamedesire.com/g_bin/pl/snooker_2_0_0_35.cab (GameDesire Snooker)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (⇫粀��Ề쳀P) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-02 15:30:11 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-01-24 10:12:30 | 00,000,000 | ---D | M] - C:\Automap -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-06-04 19:42:33 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-01-20 09:23:51 | 00,000,000 | ---D | C] -- C:\_OTL
[2010-01-19 14:28:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\0.0.0.0
[2010-01-19 13:45:44 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-01-19 13:45:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-01-19 13:45:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-01-19 13:44:07 | 05,115,824 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\admin.XPN19\Pulpit\mbam-setup.exe
[2010-01-19 10:53:39 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
[2010-01-19 10:02:26 | 00,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010-01-19 09:58:10 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Eusing Free Registry Cleaner 2.5
[2010-01-16 10:18:24 | 00,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2010-01-13 21:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Software
[2010-01-13 21:11:34 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010-01-13 10:28:50 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010-01-11 20:43:23 | 00,000,000 | ---D | C] -- C:\Program Files\Dragon Ball Z Online 2 v1.988
[2010-01-02 14:21:34 | 00,000,000 | ---D | C] -- C:\Program Files\VirtualBus
[2009-11-27 12:52:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2009-09-30 19:23:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-09-30 19:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-03-10 17:42:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-02-23 10:36:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-01-02 15:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-01-02 15:30:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-01-20 09:27:51 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-01-20 09:26:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-01-20 09:26:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-01-20 09:25:53 | 04,194,304 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\NTUSER.DAT
[2010-01-20 09:25:53 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\admin.XPN19\ntuser.ini
[2010-01-20 09:20:46 | 00,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{ADD848C3-9C1F-4533-90AE-10FC110C0051}.job
[2010-01-19 20:58:03 | 04,261,426 | -H-- | M] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-01-19 20:56:00 | 00,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-308236825-725345543-1004UA.job
[2010-01-19 20:56:00 | 00,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-308236825-725345543-1004Core.job
[2010-01-19 13:45:46 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-01-19 13:45:06 | 05,115,824 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\admin.XPN19\Pulpit\mbam-setup.exe
[2010-01-19 10:53:51 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.XPN19\Pulpit\OTL.exe
[2010-01-18 10:05:37 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-16 12:20:50 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Pulpit\Gadu-Gadu.lnk
[2010-01-16 10:30:06 | 00,000,542 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-01-16 10:30:06 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2010-01-16 10:30:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-01-15 17:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-01-15 11:14:40 | 00,017,672 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-01-12 09:50:58 | 00,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-01-07 17:19:29 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-01-07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-01-07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-12-21 21:19:56 | 01,529,938 | ---- | M] () -- C:\Documents and Settings\admin.XPN19\Pulpit\gg6.zip

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-01-19 13:45:46 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-12-21 21:19:51 | 01,529,938 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Pulpit\gg6.zip
[2009-08-10 10:19:43 | 00,000,479 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009-05-09 09:49:43 | 00,000,666 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-05-05 18:31:18 | 00,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-03-20 10:32:20 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-03-11 11:15:11 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\admin.XPN19\Dane aplikacji\Smiley.ico
[2009-03-03 20:18:53 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-03-03 20:18:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-03-03 20:18:48 | 00,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-03 20:18:47 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-03-03 20:18:46 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-03-03 20:18:44 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-03-03 20:18:44 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-02-23 10:14:48 | 00,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-02-17 17:16:59 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006-10-31 07:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 07:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-31 07:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 07:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 07:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-31 07:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 07:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-04-07 13:23:51 | 00,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CF778051
< End of report >


[NieWiem]

Start => uruchom => regedit

znajdź klucz

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Odnajdź w nim wartośc

AppInit_DLLs

I tam poszukaj czegoś, co ja w logu widzę jako ciąg jakichś dziwnych znaczków

Kod: Zaznacz wszystko

20 - AppInit_DLLs: (⇫粀��Ề쳀P) -  File not found

Usuń to coś (nie całą wartość AppInit - tylko te krzaczki!!) z prawokliku.

Usuń C:\_OTL, potem raport z Malwarebytes. W logu nic więcej nie widać.

[mirekg1963]

tak jak w instrukcji zrobiłem z prawokliku usuń wartość ale jeden kwadracik został
Mam nadzieje że okaże się nie szkodliwy albo po restarcie zginie ?? Acha, kiedy robiłem prawoklikiem na tych krzaczkacj to miałem tylko do wyboru nowy klucz itp dopiero gdy naprowadziłem na AppInit_DLLs wtedy miałem do wyboru usuń ale rozumiem że to cały klucz bym usunął i zmień wartość wtedy krzaczki usuwałem no oprócz tego jednego który w wartości jest zerem a w kluczu kwadracikiem

[NieWiem]

Pokaż mi tutaj zawartość tego klucza i tą wartość.

[mirekg1963]

[NieWiem]

Wywal całą wartość AppInit_DLLs.

Plus miał być jakiś raport z Malwarebytes'.

[mirekg1963]

Ja zrozumiałem żeby razem z wartością tego klucza wywalić raport z malwarebytes
Piękny numer ale trzeba sie śmiać z siebie. A pomyślałem tak bo po pierwszym scanie OTL samowolnie przeskanowałem malwarebytes. Wyszło bardzo dużo złych rzeczy więc je usunąłem...pomyślałem że w logach z 2 scanowania OTL dojrzałeś log ze scanu malwarebytes i że trzeba to wywalić. No cóż wyglądam teraz jak ten
Usunąłem całe to AppInit_DLLs??

[NieWiem]

Zobaczę dzisiaj tego nowego loga z Malwarebytes'??

[mirekg1963]

Postaram się pokazać nowego loga!!

Kod: Zaznacz wszystko

Malwarebytes' Anti-Malware 1.44
Wersja bazy definicji: 3597
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-21 14:22:26
mbam-log-2010-01-21 (14-22-26).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 180843
Upłynęło: 29 minute(s), 33 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 10

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161044.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161045.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161046.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161047.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161048.exe (BackDoor.Bifrost) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161049.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161050.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161051.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161052.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A0B9F165-C327-489E-98D7-12D2233DBAD1}\RP159\A0161054.dll (Adware.DoubleD) -> Quarantined and deleted successfully.


W trakcie skanowania malwarebytes włączył mi się antywirus avira i nie chciał dać z wygraną tylko miauczał że jest wirus
TR/Trash.Gen - Trojan ścieżka C:\System Volume Information\...\A0161079.exe
???

[NieWiem]

• Pobierz program OTC
• Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
• Wciśnij przycisk Clean Up!
• Na pytanie "Begin cleanup Process?" wciśnij Yes.
• Jeśli padnie prośba o restart - zgódź się.

• Pobierz program TFC
• Zamknij wszystkie otwarte programy - inaczej TFC zrobi to za Ciebie
• Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
• Kliknij przycisk Start
• Czyszczenie lokalizacji tymczasowych może chwilę potrwać (ale znowu bez przesady), uzbrój się w cierpliwość.
• Jeśli padnie prośba o restart - zgódź się.

• Wyłączenie przywracania systemu
  • Na pulpicie => prawoklik na Mój Komputer
  • opcja Właściwości
  • zakładka Przywracanie systemu
  • Zaznaczyć opcję Wyłącz przywracanie systemu
  • Kliknąć Zastosuj, a potem OK.
• Zrestartować komputer!
• Włączanie przywracania systemu
  • Na pulpicie => prawoklik na Mój Komputer
  • opcja Właściwości
  • zakładka Przywracanie systemu
  • Odznaczyć opcję Wyłącz przywracanie systemu
  • Kliknąć Zastosuj, a potem OK.

Oraz mówisz jak objawy

[mirekg1963]

Chyba jest na razie ok. Komputer stoi niby w tym samym miejscu gdzie stał, ale już się tak złowieszczo nie uśmiecha do mnie Wyczuwam w tym jakąś formę uległości i to mi się mimo wszystko podoba!! Dzięki, jakby coś nie grało to pozwolę sobie odezwać jeszcze. Teraz zauważyłem !!! Mam antywirusa avira darmówka ale do tej pory byłem zadowolony i po tych działaniach na OTL malwarebytes straciłem możliwość update załączam screena. Co charakterystyczne to samo mam na kompie u mojej koleżanki ten sam problem był ze stroną byteseeker.com. Prowadzony byłem podobnie OTL, malwarebytes itp. U niej odinstalowałem avire i zainstalowałem ponownie i to samo jest???


Niby skanuje ale przecież w ten sposób to chyba baz wirusów nie odnawia??

[wojtas]

odinstaluj , przeczyść rejestr, i od nowa zainstaluj z nowego źródła.

Autor postu otrzymał pochwałę