I would be very grateful for help removing this antivirus.
Here is my OTL:
and my Extras:
Thank you very much in advance for your help!
Uninstall free-downloads.net Toolbar. Run OTL and paste the following into the (Custom scan options/Script) box:
Click Run script. Confirm the computer restart. Save the report that appears after the restart. Then run OTL again, and this time click (Scan).
Post the new OTL.txt log and the removal report.
OTL logfile created on: 2012-03-06 20:04:55 - Run 2
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
478,61 Mb Total Physical Memory | 112,56 Mb Available Physical Memory | 23,52% Memory free
1,80 Gb Paging File | 1,53 Gb Available in Paging File | 85,26% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,76 Gb Total Space | 3,61 Gb Free Space | 37,04% Space Free | Partition Type: FAT32
Drive E: | 39,06 Gb Total Space | 13,13 Gb Free Space | 33,62% Space Free | Partition Type: NTFS
Drive F: | 25,69 Gb Total Space | 25,59 Gb Free Space | 99,61% Space Free | Partition Type: NTFS
Computer Name: SM-BD043193BF5E | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012-03-06 17:20:00 | 000,584,704 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\User\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2012-02-18 18:07:16 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-12-10 11:02:30 | 000,216,520 | ---- | M] (DT Soft Ltd) – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe
PRC - [2007-03-22 15:50:06 | 001,431,552 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012-02-18 18:07:18 | 001,014,744 | ---- | M] () – C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2008-12-10 11:02:30 | 000,593,352 | ---- | M] () – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\DaemonPlugin.dll
MOD - [2006-11-17 17:29:00 | 000,212,992 | ---- | M] () – C:\WINDOWS\system32\nvapi.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] – -- (HidServ)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] – -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] – -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] – -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] – -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] – -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] – -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] – -- (axnynuaf)
DRV - [2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\npf.sys – (NPF) WinPcap Packet Driver (NPF)
DRV - [2011-10-07 15:58:50 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2010-05-22 13:31:22 | 000,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\System32\drivers\StarOpen.sys – (StarOpen)
DRV - [2006-10-05 00:00:00 | 000,054,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvefd2k.sys – (NVENETFD)
DRV - [2006-04-17 00:00:00 | 004,262,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005-12-06 16:11:20 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync03.sys – (sfsync03) StarForce Protection Synchronization Driver (version 3.x)
DRV - [2005-11-03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfvfs02.sys – (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005-08-10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfdrv01.sys – (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:40 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync02.sys – (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp02.sys – (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Hdaudio.sys – (HdAudAddService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}
IE - HKLM…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}
IE - HKCU…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&AF=109980&babsrc=SP_ss&mntrId=e4debf120000000000000019990cc052
IE - HKCU…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_plPL367
IE - HKCU…\SearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: “URL” = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKCU…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” =
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Search the web (Babylon)”
FF - prefs.js…browser.search.defaultthis.engineName: “free-downloads.net Customized Web Search”
FF - prefs.js…browser.search.defaulturl: “http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}”
FF - prefs.js…browser.search.order.1: “Search the web (Babylon)”
FF - prefs.js…browser.search.selectedEngine: “Search the web (Babylon)”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official”
FF - prefs.js…extensions.enabledItems: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}:3.3.3.2
FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js…extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0
FF - prefs.js…extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js…extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0
FF - prefs.js…keyword.URL: “http://search.sweetim.com/search.asp?src=2&q=”
FF - prefs.js…sweetim.toolbar.previous.browser.search.selectedEngine: “Search the web (Babylon)”
FF - prefs.js…browser.startup.homepage: “http://www.google.pl/#hl=pl&q=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&oq=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&aq=f&aqi=&aql=&gs_sm=e&gs_upl=4864l5456l0l2l2l0l0l0l0l251l465l2-2l2&bav=on.2,or.r_gc.r_pw.&fp=6380a1922ddfd3a7&biw=1280&bih=804”
FF - prefs.js…sweetim.toolbar.previous.keyword.URL: “http://search.babylon.com/?AF=109980&babsrc=adbartrp&mntrId=e4debf120000000000000019990cc052&q=”
FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-03-06 12:32:48 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-06 12:32:48 | 000,000,000 | —D | M]
[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions
[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions
[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Softonic-Polska Community Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
[2011-10-07 16:01:52 | 000,000,000 | —D | M] (free-downloads.net Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{ecdee021-0d17-467f-a1ff-c7a115230949}
[2012-03-06 14:12:50 | 000,000,000 | —D | M] (SweetIM Toolbar for Firefox) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{EEE6C361-6118-11DC-9C72-001320C79847}
[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Conduit Engine) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\engine@conduit.com
[2012-01-24 12:51:10 | 000,000,000 | —D | M] (Babylon) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\ffxtlbr@babylon.com
[2010-10-14 21:41:30 | 000,000,523 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\daemon-search.xml
[2010-01-20 12:16:28 | 000,000,939 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\conduit.xml
[2012-03-06 14:12:42 | 000,003,915 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim.xml
[2012-03-06 16:53:12 | 000,003,959 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim-search.xml
[2010-03-06 12:32:48 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions
[2010-09-25 14:24:38 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-02-11 21:25:44 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-09-25 14:24:30 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
[2012-03-03 19:18:14 | 000,002,310 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {B4891BE9-835D-471B-B495-F5F3E6A8BBD7} http://cdn.vod4net.pl/1791/viv-3.5.27.1 … r_ocx.jpeg (VPlayer Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{E7137544-979E-49FA-8B74-5631A1ECF238}: DhcpNameServer = 208.67.222.222 208.67.220.220
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (“C:\Documents and Settings\User\winlogon.exe”) - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-06 17:44:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [FAT32]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
O37 - HKCU…exe [@ = exefile] – Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2012-03-06 17:20:55 | 000,000,000 | —D | C] – C:_OTL
[2012-03-06 16:59:05 | 000,000,000 | -HSD | C] – C:\Config.Msi
[2012-03-06 16:54:31 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012
[2012-03-06 14:12:35 | 000,000,000 | —D | C] – C:\Program Files\SweetIM
[2012-03-06 14:08:10 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\529C5411000083BB6448881F8DB91C90
[2012-03-03 20:59:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2012-03-03 20:59:54 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\TestApp
[2012-03-03 18:47:42 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\GridinSoft Trojan Killer
[2012-03-03 18:47:35 | 000,000,000 | —D | C] – C:\Program Files\GridinSoft Trojan Killer
[2012-03-03 17:33:28 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\Antivirus Protection 2012
[2012-02-28 09:36:02 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll
[2012-02-28 09:36:02 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll
[2012-02-28 09:36:02 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys
========== Files - Modified Within 30 Days ==========
[2012-03-06 20:02:44 | 000,000,000 | ---- | M] () – C:\WINDOWS\System32\NvApps.xml
[2012-03-06 20:02:42 | 000,001,032 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-03-06 20:02:32 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2012-03-06 19:46:02 | 000,001,036 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-06 16:46:02 | 000,193,776 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2012-03-06 12:03:34 | 000,002,791 | ---- | M] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml
[2012-03-03 19:18:52 | 000,000,474 | ---- | M] () – C:\user.js
[2012-03-02 12:29:36 | 000,002,184 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2012-02-28 09:36:04 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll
[2012-02-28 09:36:04 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll
[2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys
========== Files Created - No Company Name ==========
[2012-03-06 16:54:32 | 000,001,853 | ---- | C] () – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012.lnk
[2012-03-06 12:03:32 | 000,002,791 | ---- | C] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml
[2012-01-24 17:13:12 | 000,707,504 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.exe
[2012-01-24 17:13:12 | 000,011,761 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.msg
[2012-01-24 17:13:12 | 000,002,165 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.dat
[2012-01-24 16:51:05 | 000,000,036 | ---- | C] () – C:\Documents and Settings\User\Dane aplikacji\AVSDVDPlayer.m3u
[2012-01-24 16:41:14 | 000,524,288 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2012-01-24 16:41:14 | 000,139,264 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll
[2011-02-12 10:51:39 | 000,011,560 | -H-- | C] () – C:\WINDOWS\System32\mlfcache.dat
[2010-05-22 13:32:10 | 000,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2010-05-22 13:12:27 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys
[2010-03-18 16:50:59 | 000,000,556 | ---- | C] () – C:\WINDOWS\ODBC.INI
< End of report >
Run OTL and paste the following into the (Custom scan options/Script) box:
Click Run script. In OTL, use the Cleanup option. Turn System Restore off and back on.
http://www.searchengines.pl/Czyszczenie … 41981.html
Scan with Malwarebytes Anti-Malware
http://www.dobreprogramy.pl/Malwarebyte … 13117.html
Before scanning, perform a MANUAL UPDATE OF THE VIRUS SIGNATURE DATABASE
Install updates for the programs that http://screen317.spywareinfoforum.org/SecurityCheck.exe reports as out of date.
MANUAL UPDATE OF THE VIRUS SIGNATURE DATABASE: how do I do that?? :)... I'm a complete layman in these matters...
In Malwarebytes, click Update and update.
Many thanks for the help.
Respect
What is this, some kind of epidemic or what?
This is probably the 17th thread like this... pfff...
You could say it's an epidemic!
But caused by what: a virus, a worm, a trojan??
I don't know what caused it, but I do know that it blocks practically every action on the computer.
It can't be removed through the Control Panel.