Antywirus Protection 2012- jak usunąć?

Bardzo proszę o pomoc w usunięciu tego antyvirusa.

Oto mój OTL:

http://wklej.to/UK8Dl

i mój Exyras:

http://wklej.to/uVGog

Z góry serdecznie dziękuje za pomoc !

Odinstaluj free-downloads.net Toolbar.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

http://wklej.to/zRcbl - raport

http://wklej.to/uI9IY- OTL log

Niema logu na tej stronie http://wklej.to/uI9IY-

OTL logfile created on: 2012-03-06 20:04:55 - Run 2

OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

478,61 Mb Total Physical Memory | 112,56 Mb Available Physical Memory | 23,52% Memory free

1,80 Gb Paging File | 1,53 Gb Available in Paging File | 85,26% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 9,76 Gb Total Space | 3,61 Gb Free Space | 37,04% Space Free | Partition Type: FAT32

Drive E: | 39,06 Gb Total Space | 13,13 Gb Free Space | 33,62% Space Free | Partition Type: NTFS

Drive F: | 25,69 Gb Total Space | 25,59 Gb Free Space | 99,61% Space Free | Partition Type: NTFS

Computer Name: SM-BD043193BF5E | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-06 17:20:00 | 000,584,704 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\User\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2012-02-18 18:07:16 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2008-12-10 11:02:30 | 000,216,520 | ---- | M] (DT Soft Ltd) – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe

PRC - [2007-03-22 15:50:06 | 001,431,552 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012-02-18 18:07:18 | 001,014,744 | ---- | M] () – C:\Program Files\Mozilla Firefox\js3250.dll

MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL

MOD - [2008-12-10 11:02:30 | 000,593,352 | ---- | M] () – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\DaemonPlugin.dll

MOD - [2006-11-17 17:29:00 | 000,212,992 | ---- | M] () – C:\WINDOWS\system32\nvapi.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] – -- (HidServ)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] – -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] – -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] – -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] – -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] – -- (Changer)

DRV - File not found [Kernel | On_Demand | Unknown] – -- (axnynuaf)

DRV - [2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\npf.sys – (NPF) WinPcap Packet Driver (NPF)

DRV - [2011-10-07 15:58:50 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2010-05-22 13:31:22 | 000,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\System32\drivers\StarOpen.sys – (StarOpen)

DRV - [2006-10-05 00:00:00 | 000,054,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvefd2k.sys – (NVENETFD)

DRV - [2006-04-17 00:00:00 | 004,262,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005-12-06 16:11:20 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync03.sys – (sfsync03) StarForce Protection Synchronization Driver (version 3.x)

DRV - [2005-11-03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfvfs02.sys – (sfvfs02) StarForce Protection VFS Driver (version 2.x)

DRV - [2005-08-10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfdrv01.sys – (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV - [2005-05-16 15:23:40 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync02.sys – (sfsync02) StarForce Protection Synchronization Driver (version 2.x)

DRV - [2005-05-16 15:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp02.sys – (sfhlp02) StarForce Protection Helper Driver (version 2.x)

DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Hdaudio.sys – (HdAudAddService)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKLM…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKCU…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&AF=109980&babsrc=SP_ss&mntrId=e4debf120000000000000019990cc052

IE - HKCU…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_plPL367

IE - HKCU…\SearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: “URL” = http://www.daemon-search.com/search?q={searchTerms}

IE - HKCU…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640

IE - HKCU…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” =

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Search the web (Babylon)”

FF - prefs.js…browser.search.defaultthis.engineName: “free-downloads.net Customized Web Search”

FF - prefs.js…browser.search.defaulturl: “http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}

FF - prefs.js…browser.search.order.1: “Search the web (Babylon)”

FF - prefs.js…browser.search.selectedEngine: “Search the web (Babylon)”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official

FF - prefs.js…extensions.enabledItems: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}:3.3.3.2

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js…extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0

FF - prefs.js…extensions.enabledItems: ffxtlbr@babylon.com:1.2.0

FF - prefs.js…extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0

FF - prefs.js…keyword.URL: “http://search.sweetim.com/search.asp?src=2&q=

FF - prefs.js…sweetim.toolbar.previous.browser.search.selectedEngine: “Search the web (Babylon)”

FF - prefs.js…browser.startup.homepage: “http://www.google.pl/#hl=pl&q=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&oq=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&aq=f&aqi=&aql=&gs_sm=e&gs_upl=4864l5456l0l2l2l0l0l0l0l251l465l2-2l2&bav=on.2,or.r_gc.r_pw.&fp=6380a1922ddfd3a7&biw=1280&bih=804

FF - prefs.js…sweetim.toolbar.previous.keyword.URL: “http://search.babylon.com/?AF=109980&babsrc=adbartrp&mntrId=e4debf120000000000000019990cc052&q=

FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-03-06 12:32:48 | 000,000,000 | —D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-06 12:32:48 | 000,000,000 | —D | M]

[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions

[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions

[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Softonic-Polska Community Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}

[2011-10-07 16:01:52 | 000,000,000 | —D | M] (free-downloads.net Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{ecdee021-0d17-467f-a1ff-c7a115230949}

[2012-03-06 14:12:50 | 000,000,000 | —D | M] (SweetIM Toolbar for Firefox) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{EEE6C361-6118-11DC-9C72-001320C79847}

[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Conduit Engine) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\engine@conduit.com

[2012-01-24 12:51:10 | 000,000,000 | —D | M] (Babylon) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\ffxtlbr@babylon.com

[2010-10-14 21:41:30 | 000,000,523 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\daemon-search.xml

[2010-01-20 12:16:28 | 000,000,939 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\conduit.xml

[2012-03-06 14:12:42 | 000,003,915 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim.xml

[2012-03-06 16:53:12 | 000,003,959 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim-search.xml

[2010-03-06 12:32:48 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions

[2010-09-25 14:24:38 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011-02-11 21:25:44 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010-09-25 14:24:30 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[2012-03-03 19:18:14 | 000,002,310 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {B4891BE9-835D-471B-B495-F5F3E6A8BBD7} http://cdn.vod4net.pl/1791/viv-3.5.27.1 … r_ocx.jpeg (VPlayer Control)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{E7137544-979E-49FA-8B74-5631A1ECF238}: DhcpNameServer = 208.67.222.222 208.67.220.220

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (“C:\Documents and Settings\User\winlogon.exe”) - File not found

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-02-06 17:44:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [FAT32]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

O37 - HKCU…exe [@ = exefile] – Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012-03-06 17:20:55 | 000,000,000 | —D | C] – C:_OTL

[2012-03-06 16:59:05 | 000,000,000 | -HSD | C] – C:\Config.Msi

[2012-03-06 16:54:31 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012

[2012-03-06 14:12:35 | 000,000,000 | —D | C] – C:\Program Files\SweetIM

[2012-03-06 14:08:10 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\529C5411000083BB6448881F8DB91C90

[2012-03-03 20:59:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\PC Tools

[2012-03-03 20:59:54 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\TestApp

[2012-03-03 18:47:42 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\GridinSoft Trojan Killer

[2012-03-03 18:47:35 | 000,000,000 | —D | C] – C:\Program Files\GridinSoft Trojan Killer

[2012-03-03 17:33:28 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\Antivirus Protection 2012

[2012-02-28 09:36:02 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll

[2012-02-28 09:36:02 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll

[2012-02-28 09:36:02 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys

========== Files - Modified Within 30 Days ==========

[2012-03-06 20:02:44 | 000,000,000 | ---- | M] () – C:\WINDOWS\System32\NvApps.xml

[2012-03-06 20:02:42 | 000,001,032 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-03-06 20:02:32 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2012-03-06 19:46:02 | 000,001,036 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-03-06 16:46:02 | 000,193,776 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT

[2012-03-06 12:03:34 | 000,002,791 | ---- | M] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml

[2012-03-03 19:18:52 | 000,000,474 | ---- | M] () – C:\user.js

[2012-03-02 12:29:36 | 000,002,184 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2012-02-28 09:36:04 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll

[2012-02-28 09:36:04 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll

[2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys

========== Files Created - No Company Name ==========

[2012-03-06 16:54:32 | 000,001,853 | ---- | C] () – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012.lnk

[2012-03-06 12:03:32 | 000,002,791 | ---- | C] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml

[2012-01-24 17:13:12 | 000,707,504 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.exe

[2012-01-24 17:13:12 | 000,011,761 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.msg

[2012-01-24 17:13:12 | 000,002,165 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.dat

[2012-01-24 16:51:05 | 000,000,036 | ---- | C] () – C:\Documents and Settings\User\Dane aplikacji\AVSDVDPlayer.m3u

[2012-01-24 16:41:14 | 000,524,288 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll

[2012-01-24 16:41:14 | 000,139,264 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll

[2011-02-12 10:51:39 | 000,011,560 | -H-- | C] () – C:\WINDOWS\System32\mlfcache.dat

[2010-05-22 13:32:10 | 000,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt

[2010-05-22 13:12:27 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys

[2010-03-18 16:50:59 | 000,000,556 | ---- | C] () – C:\WINDOWS\ODBC.INI

< End of report >

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.Wyłącz i włącz przywracanie systemu.

http://www.searchengines.pl/Czyszczenie … 41981.html

Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte … 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY SYGNATUR WIRUSÓW

Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.

RĘCZNA AKTUALIZACJA BAZY SYGNATUR WIRUSÓW-- jak to zrobić??:)… jestem zupełnym laikiem w tych sprawach…

W Malwarebytesie kliknij Aktualizacja i aktualizuj.

Wielkie dzięki za pomoc.

SZacunek !!

Co to, jakaś epidemia czy co?

To chyba 17 taki temat… pfff…

można powiedzieć że epidemia! !!

Ale czym spowodowana, wirus, robak, trojan??

nie wiem czym spowodowana natomiast wiem że blokuje praktycznie każde działanie na komp.

Nie mozna tego usunąć przez panel sterowania.