
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:35:18, on 2009-01-21
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
D:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\VeSsLaN\Pulpit\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\VistaDrives\vsdrv.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - D:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201388844008
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201388821446
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9391 bytes
ComboFix 09-01-21.01 - VeSs 2009-01-21 22:03:24.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2047.1490 [GMT 1:00]
Uruchomiony z: c:\documents and settings\VeSsLaN\Pulpit\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dane aplikacji\Microsoft\ipdll.dll
C:\kmd.exe
c:\program files\NetProject
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\xop32.exe
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_OREANS32
-------\Service_oreans32
((((((((((((((((((((((((( Pliki utworzone od 2008-12-21 do 2009-01-21 )))))))))))))))))))))))))))))))
.
2009-01-21 18:48 . 2009-01-21 22:13 6,385 --a------ c:\windows\system32\oodbs.lor
2009-01-21 17:39 . 2009-01-21 17:39 <DIR> d-------- c:\program files\OO Software
2009-01-19 17:05 . 1998-10-07 13:54 327,168 --a------ c:\windows\IsUn0415.exe
2009-01-17 10:25 . 2009-01-17 10:26 <DIR> d-------- c:\documents and settings\VeSsLaN\Dane aplikacji\Crayon Physics Deluxe
2009-01-14 18:30 . 2009-01-14 18:30 <DIR> d-------- c:\program files\AVIcodec
2009-01-12 08:32 . 2009-01-12 08:32 <DIR> d-------- c:\program files\iPod
2009-01-12 08:31 . 2009-01-12 08:32 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-12 08:29 . 2009-01-12 08:29 <DIR> d-------- c:\program files\QuickTime
2009-01-02 12:00 . 2009-01-02 12:00 <DIR> d-------- c:\documents and settings\VeSsLaN\Dane aplikacji\Mount&Blade
2009-01-01 20:57 . 2009-01-01 20:57 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Ubisoft
2009-01-01 20:57 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2009-01-01 20:57 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2009-01-01 20:57 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2009-01-01 20:57 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2009-01-01 20:57 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2009-01-01 20:57 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2009-01-01 20:57 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2008-12-31 00:43 . 2008-12-31 00:43 <DIR> d-------- c:\program files\Combined Community Codec Pack
2008-12-30 18:05 . 2008-04-14 18:21 61,440 --a------ c:\windows\system32\svchost.exe
2008-12-28 13:44 . 2008-12-28 13:44 <DIR> d-------- c:\documents and settings\VeSsLaN\Gadu-Gaduuuu
2008-12-23 18:55 . 2008-12-23 18:55 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-22 12:41 . 2009-01-11 23:47 7,168 --ahs---- c:\windows\Thumbs.db
2008-12-22 12:36 . 2008-12-22 12:36 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Last.fm
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-20 19:17 --------- d-----w c:\documents and settings\VeSsLaN\Dane aplikacji\Skype
2009-01-20 18:20 --------- d-----w c:\documents and settings\VeSsLaN\Dane aplikacji\skypePM
2009-01-12 07:31 --------- d-----w c:\program files\Common Files\Apple
2009-01-01 21:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-23 17:54 --------- d-----w c:\program files\Java
2008-12-19 20:51 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 19:29 --------- d-----w c:\program files\Microsoft Games for Windows - LIVE
2008-12-04 18:50 --------- d--h--r c:\documents and settings\VeSsLaN\Dane aplikacji\SecuROM
2008-12-03 17:52 --------- d-----w c:\program files\Zylom Games
2008-12-02 20:27 183,112 ----a-w c:\windows\system32\PnkBstrB.exe
2008-12-02 20:27 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-12-01 07:17 --------- d-----w c:\documents and settings\VeSsLaN\Dane aplikacji\Nokia
2008-12-01 07:14 --------- d-----w c:\documents and settings\VeSsLaN\Dane aplikacji\PC Suite
2008-12-01 07:14 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PC Suite
2008-12-01 07:13 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Installations
2008-12-01 07:12 --------- d-----w c:\program files\Common Files\PCSuite
2008-12-01 07:12 --------- d-----w c:\program files\Common Files\Nokia
2008-12-01 07:11 --------- d-----w c:\program files\PC Connectivity Solution
2008-12-01 07:11 --------- d-----w c:\program files\DIFX
2008-12-01 07:05 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-01 07:05 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-29 19:11 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Nokia
2008-11-29 18:03 --------- d-----w c:\program files\Common Files\Adobe
2008-11-29 11:37 --------- d-----w c:\program files\Nokia
2008-11-27 15:03 --------- d-----w c:\program files\PhotoRescue Pro
2008-11-26 18:24 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-11-26 13:03 --------- d-----w c:\program files\Age Of Emerald
2008-11-23 11:16 --------- d-----w c:\program files\ReflexiveArcade
2008-11-03 10:46 1,307,904 ----a-w c:\windows\system32\ooscrsav.scr
2008-11-03 10:45 730,368 ----a-w c:\windows\system32\oodsvct.exe
2008-11-03 10:45 2,540,800 ----a-w c:\windows\system32\oodtray.exe
2008-11-03 10:45 1,332,480 ----a-w c:\windows\system32\oodag.exe
2008-11-03 10:44 194,816 ----a-w c:\windows\system32\oodbs.exe
2008-11-03 10:42 951,552 ----a-w c:\windows\system32\oodtrrs.dll
2008-11-03 10:41 9,984 ----a-w c:\windows\system32\oodbsrs.dll
2008-11-03 10:41 8,448 ----a-w c:\windows\system32\oodagrs.dll
2008-11-03 10:41 541,952 ----a-w c:\windows\system32\oodssrs.dll
2008-11-03 10:41 15,616 ----a-w c:\windows\system32\oodagmg.dll
2008-11-01 07:50 682,280 ----a-w c:\windows\system32\pbsvc.exe
2008-11-01 07:50 22,328 ----a-w c:\documents and settings\VeSsLaN\Dane aplikacji\PnkBstrK.sys
2008-10-28 16:41 14,303,392 ----a-w c:\windows\system32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w c:\windows\system32\xlivefnt.dll
2008-10-27 14:21 15,104 ----a-w c:\windows\system32\ootmapi.dll
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
.
------- Sigcheck -------
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2008-06-20 11:44 360960 72d05abbe1d3a793e819ff06f4b51113 c:\windows\$NtServicePackUninstall$\tcpip.sys
2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\$NtUninstallKB951748$\tcpip.sys
2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\ServicePackFiles\i386\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\system32\dllcache\tcpip.sys
2008-06-20 12:51 361600 4afb3b0919649f95c1964aa1fad27d73 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="d:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
"RGSC"="d:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-13 306088]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-29 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"razer"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-10-08 155648]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb03.exe" [2001-07-17 200704]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-26 950664]
"LogonStudio"="c:\program files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 987187]
"Vistadrv"="c:\program files\VistaDrives\vsdrv.exe" [2006-07-30 121089]
"BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-23 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-11-03 2540800]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 c:\windows\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^VeSsLaN^Menu Start^Programy^Autostart^Rejestracja FIFA 09.lnk]
path=c:\documents and settings\VeSsLaN\Menu Start\Programy\Autostart\Rejestracja FIFA 09.lnk
backup=c:\windows\pss\Rejestracja FIFA 09.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-24 16:02 490952 c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 d:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-14 18:21 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-08 06:23 1410296 d:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 11:04 2879488 c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Hamachi\\hamachi.exe"=
"d:\\Program Files\\Steam\\steamapps\\sliwek90\\counter-strike\\hl.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"d:\\Program Files\\Steam\\steamapps\\sliwek90\\dedicated server\\hlds.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"d:\\Program Files\\MotoGP URT 3\\motogp.exe"=
"d:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"c:\\Program Files\\Aspyr\\Tony Hawks Pro Skater 4\\Game\\Skate4.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"d:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
"d:\\Program Files\\MoorHunt\\Downloads\\Race.Driver.GRID.Multi-5.Full-Rip.Skullptura_by_neo1992\\Race.Driver.GRID.Multi-5.Full-Rip.Skullptura\\Race.Driver.GRID.Multi-5.Full-Rip.Skullptura\\Grid\\GRID.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"d:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-01-26 15424]
S0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?]
S3 DCamUSBET151;StarCam Sports Football 100K;c:\windows\system32\drivers\et151.sys [2008-07-18 589669]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-10-27 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-10-27 8320]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2008-01-26 19020]
--- Inne Usługi/Sterowniki w Pamięci ---
*Deregistered* - Nero BackItUp Scheduler 3
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NMIndexingService
*Deregistered* - NOD32krn
*Deregistered* - O&O Defrag
*Deregistered* - PnkBstrA
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WudfSvc
*Deregistered* - WZCSVC
.
Zawartość folderu 'Zaplanowane zadania'
2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
MSConfigStartUp-AdVantage - c:\program files\AdVantage\AdVantage.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.bearshare.com/pl/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pobierz z &BitSpirit - d:\program files\BitSpirit\bsurl.htm
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
LSP: c:\windows\System32\imon.dll
FF - ProfilePath - c:\documents and settings\VeSsLaN\Dane aplikacji\Mozilla\Firefox\Profiles\z61op0mx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll
.
.
------- Skojarzenia plików -------
.
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-21 22:15:48
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
"OODEFRAG11.00.00.01WORKSTATION"="69EACE88063F359C53D6C6E4E2B774D16B8A376AC9891054D23EA5934F81932608EB5EC1583CA3508653EC7CF1BCD3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC7933A9C6AECB7A5D1407A6171C11EC38DE3DED612D9C564B8E6DE3EECD880FDA17086AF2A940079BCC2CBCAE157036A5EA14D0C88B5B256D695D4971BA45A71489D9F65A16312989F0B6EB82FCE904F9DDEE9ECE71646E1260921D6E5F66F58B2DD54C1772878311F97B3C8C7D7A016E6B878CF76EAB780D94425D91DA2C5449060DCF990DF02D12EB899B9F34DB9A55BA0A319C95192847EED769D7504DC66C5EC9CA253D11DE7D90265C66CA3DE598355787EBFB088A3D9971059569F070A43F07EBD0D8FB775A754AB6DD68C198300987ED67BCC9D07F84625A71CE349A387B72C20A3FBCF6C2EAA142D4BA010DADA9E02A65F6A14DB1623174E533293100A4F2458E4FD10664868C7F71F40643B3CBE3620F4E47F78C2A17C4C0C8D4C6E9169C4EF36D2CEC8221214F2CCB4E5D7869BFA2E1E667ED5B96839EA6C6B00F75693C1A2104B198F258A6F952F7CEA249C2DB59AFED22EDFE28983B0D6927E3BAFED1C851FEBC9D9F8C992783396DFD83D6505B1F118ADC6CA12D373FF01C4260FB126216CD9CAF87E32B68364F05FD9BEE6B5E290229412B094C91DB9F6349A4C8E04E51E6132A3B473F2EB101E5D51913AE7E9CF77A48572BB3AFD4BDC53F59905DD93C41D38964636E4F1318D1DB9691CFBA19AE6E412295D6D97318010D62C3D438615B0B70B92A0686CBE0010D42FD387896E3E8204F9CD93DCF7CC5403B16CCFDA13556258B4F85719FAD9C8561AD04FBDDD9C07CB6571A68D94039876F01FAA3AF524790BBCDA113A8D5C50A4B3A86F30D5845924520A55254B9743A20BF4B0814BB64C2C0E043D152AF8E00E803C56C162932C2F916BC5155C4044F04525D6B2AFEA76A248B0777DD9CFC743CA878DBBE1BBE11EB9E58A14941E86562FC8574A2AC7F5F85113D33E07A0E9357920F189F819124405D2265EC1499BB1BC7CAAA80584C1C157CE917C3323033E0E929DCA732C64935407920D4A27DB89D00E87C1C1CE5BC1B9A479AC1AB4548159D1E499808EE6E9A756FB9665AF1E46F344DBC20941605F07BBF166E54256EC260F56008E10E2A546F4BFEDDA9C86C2A3A9E1E8CE019D90475F5C8AB1F1BE3CD276E8A5F211B32DA6608A0C8054621FA29B33C36A5A3C45920BB563481660C2DAC78925D2F04633AD5D1B20A6423F6A2DB1692440D597404DA1CC393F339ED6BEEBBA992F3A53E147B8FAD58428C87F675078433C3D6BA304452
7B2CF4BA3428301060655F58651A5A53ED3F9EA40F62D77A55D0F8A70D1CC3CFCCB007062E97F5042F"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(832)
c:\windows\System32\imon.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Eset\nod32krn.exe
c:\windows\system32\oodag.exe
c:\program files\Razer\Copperhead\razerofa.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Czas ukończenia: 2009-01-21 22:24:50 - komputer został uruchomiony ponownie [VeSs]
ComboFix-quarantined-files.txt 2009-01-21 21:23:12
Przed: 855,764,992 bajtów wolnych
Po: 3,951,783,936 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
Current=2 Default=2 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
329 --- E O F --- 2009-01-19 16:36:04
Thanks in advance.
Regards.