Antywirus Protection 2012- jak usunąć?

Dla specjalistów Bezpieczeństwo
#1

Bardzo proszę o pomoc w usunięciu tego antyvirusa.

Oto mój OTL:

http://wklej.to/UK8Dl

i mój Exyras:

http://wklej.to/uVGog

Z góry serdecznie dziękuje za pomoc !

#2

Odinstaluj free-downloads.net Toolbar.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

#3

http://wklej.to/zRcbl - raport

http://wklej.to/uI9IY- OTL log

#4

Niema logu na tej stronie http://wklej.to/uI9IY-

#5

OTL logfile created on: 2012-03-06 20:04:55 - Run 2

OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

478,61 Mb Total Physical Memory | 112,56 Mb Available Physical Memory | 23,52% Memory free

1,80 Gb Paging File | 1,53 Gb Available in Paging File | 85,26% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 9,76 Gb Total Space | 3,61 Gb Free Space | 37,04% Space Free | Partition Type: FAT32

Drive E: | 39,06 Gb Total Space | 13,13 Gb Free Space | 33,62% Space Free | Partition Type: NTFS

Drive F: | 25,69 Gb Total Space | 25,59 Gb Free Space | 99,61% Space Free | Partition Type: NTFS

Computer Name: SM-BD043193BF5E | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-06 17:20:00 | 000,584,704 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\User\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2012-02-18 18:07:16 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2008-12-10 11:02:30 | 000,216,520 | ---- | M] (DT Soft Ltd) – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe

PRC - [2007-03-22 15:50:06 | 001,431,552 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012-02-18 18:07:18 | 001,014,744 | ---- | M] () – C:\Program Files\Mozilla Firefox\js3250.dll

MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL

MOD - [2008-12-10 11:02:30 | 000,593,352 | ---- | M] () – C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\DaemonPlugin.dll

MOD - [2006-11-17 17:29:00 | 000,212,992 | ---- | M] () – C:\WINDOWS\system32\nvapi.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] – -- (HidServ)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] – -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] – -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] – -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] – -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] – -- (Changer)

DRV - File not found [Kernel | On_Demand | Unknown] – -- (axnynuaf)

DRV - [2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\npf.sys – (NPF) WinPcap Packet Driver (NPF)

DRV - [2011-10-07 15:58:50 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2010-05-22 13:31:22 | 000,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\System32\drivers\StarOpen.sys – (StarOpen)

DRV - [2006-10-05 00:00:00 | 000,054,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvefd2k.sys – (NVENETFD)

DRV - [2006-04-17 00:00:00 | 004,262,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005-12-06 16:11:20 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync03.sys – (sfsync03) StarForce Protection Synchronization Driver (version 3.x)

DRV - [2005-11-03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfvfs02.sys – (sfvfs02) StarForce Protection VFS Driver (version 2.x)

DRV - [2005-08-10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfdrv01.sys – (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV - [2005-05-16 15:23:40 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfsync02.sys – (sfsync02) StarForce Protection Synchronization Driver (version 2.x)

DRV - [2005-05-16 15:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp02.sys – (sfhlp02) StarForce Protection Helper Driver (version 2.x)

DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Hdaudio.sys – (HdAudAddService)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKLM…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU…\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKCU…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&AF=109980&babsrc=SP_ss&mntrId=e4debf120000000000000019990cc052

IE - HKCU…\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_plPL367

IE - HKCU…\SearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: “URL” = http://www.daemon-search.com/search?q={searchTerms}

IE - HKCU…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640

IE - HKCU…\SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: “URL” = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={FFB4B897-2495-4DC3-B615-CEBAB8FB472B}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” =

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Search the web (Babylon)”

FF - prefs.js…browser.search.defaultthis.engineName: “free-downloads.net Customized Web Search”

FF - prefs.js…browser.search.defaulturl: “http://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}

FF - prefs.js…browser.search.order.1: “Search the web (Babylon)”

FF - prefs.js…browser.search.selectedEngine: “Search the web (Babylon)”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official

FF - prefs.js…extensions.enabledItems: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}:3.3.3.2

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js…extensions.enabledItems: {ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0

FF - prefs.js…extensions.enabledItems: ffxtlbr@babylon.com:1.2.0

FF - prefs.js…extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0

FF - prefs.js…keyword.URL: “http://search.sweetim.com/search.asp?src=2&q=

FF - prefs.js…sweetim.toolbar.previous.browser.search.selectedEngine: “Search the web (Babylon)”

FF - prefs.js…browser.startup.homepage: “http://www.google.pl/#hl=pl&q=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&oq=jakie+materia%C5%82y+podlegaj%C4%85+zwrotowi+podatku+VAT&aq=f&aqi=&aql=&gs_sm=e&gs_upl=4864l5456l0l2l2l0l0l0l0l251l465l2-2l2&bav=on.2,or.r_gc.r_pw.&fp=6380a1922ddfd3a7&biw=1280&bih=804

FF - prefs.js…sweetim.toolbar.previous.keyword.URL: “http://search.babylon.com/?AF=109980&babsrc=adbartrp&mntrId=e4debf120000000000000019990cc052&q=

FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-03-06 12:32:48 | 000,000,000 | —D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-06 12:32:48 | 000,000,000 | —D | M]

[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions

[2010-03-06 12:33:30 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions

[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Softonic-Polska Community Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}

[2011-10-07 16:01:52 | 000,000,000 | —D | M] (free-downloads.net Toolbar) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{ecdee021-0d17-467f-a1ff-c7a115230949}

[2012-03-06 14:12:50 | 000,000,000 | —D | M] (SweetIM Toolbar for Firefox) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions{EEE6C361-6118-11DC-9C72-001320C79847}

[2011-05-28 22:04:04 | 000,000,000 | —D | M] (Conduit Engine) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\engine@conduit.com

[2012-01-24 12:51:10 | 000,000,000 | —D | M] (Babylon) – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\extensions\ffxtlbr@babylon.com

[2010-10-14 21:41:30 | 000,000,523 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\daemon-search.xml

[2010-01-20 12:16:28 | 000,000,939 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\conduit.xml

[2012-03-06 14:12:42 | 000,003,915 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim.xml

[2012-03-06 16:53:12 | 000,003,959 | ---- | M] () – C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\65vx65w9.default\searchplugins\sweetim-search.xml

[2010-03-06 12:32:48 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions

[2010-09-25 14:24:38 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011-02-11 21:25:44 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010-09-25 14:24:30 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[2012-03-03 19:18:14 | 000,002,310 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKCU…\Run: [DAEMON Tools Lite] C:\Documents and Settings\User\Pulpit\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {B4891BE9-835D-471B-B495-F5F3E6A8BBD7} http://cdn.vod4net.pl/1791/viv-3.5.27.1 … r_ocx.jpeg (VPlayer Control)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{E7137544-979E-49FA-8B74-5631A1ECF238}: DhcpNameServer = 208.67.222.222 208.67.220.220

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (“C:\Documents and Settings\User\winlogon.exe”) - File not found

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-02-06 17:44:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [FAT32]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

O37 - HKCU…exe [@ = exefile] – Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012-03-06 17:20:55 | 000,000,000 | —D | C] – C:_OTL

[2012-03-06 16:59:05 | 000,000,000 | -HSD | C] – C:\Config.Msi

[2012-03-06 16:54:31 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012

[2012-03-06 14:12:35 | 000,000,000 | —D | C] – C:\Program Files\SweetIM

[2012-03-06 14:08:10 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\529C5411000083BB6448881F8DB91C90

[2012-03-03 20:59:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\PC Tools

[2012-03-03 20:59:54 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\TestApp

[2012-03-03 18:47:42 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\GridinSoft Trojan Killer

[2012-03-03 18:47:35 | 000,000,000 | —D | C] – C:\Program Files\GridinSoft Trojan Killer

[2012-03-03 17:33:28 | 000,000,000 | —D | C] – C:\Documents and Settings\User\Dane aplikacji\Antivirus Protection 2012

[2012-02-28 09:36:02 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll

[2012-02-28 09:36:02 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll

[2012-02-28 09:36:02 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys

========== Files - Modified Within 30 Days ==========

[2012-03-06 20:02:44 | 000,000,000 | ---- | M] () – C:\WINDOWS\System32\NvApps.xml

[2012-03-06 20:02:42 | 000,001,032 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-03-06 20:02:32 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2012-03-06 19:46:02 | 000,001,036 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-03-06 16:46:02 | 000,193,776 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT

[2012-03-06 12:03:34 | 000,002,791 | ---- | M] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml

[2012-03-03 19:18:52 | 000,000,474 | ---- | M] () – C:\user.js

[2012-03-02 12:29:36 | 000,002,184 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2012-02-28 09:36:04 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\wpcap.dll

[2012-02-28 09:36:04 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\Packet.dll

[2012-02-28 09:36:04 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) – C:\WINDOWS\System32\drivers\npf.sys

========== Files Created - No Company Name ==========

[2012-03-06 16:54:32 | 000,001,853 | ---- | C] () – C:\Documents and Settings\User\Menu Start\Programy\Antivirus Protection 2012.lnk

[2012-03-06 12:03:32 | 000,002,791 | ---- | C] () – C:\Documents and Settings\User\Pulpit\PIT-37(17)_v1-0E.xml

[2012-01-24 17:13:12 | 000,707,504 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.exe

[2012-01-24 17:13:12 | 000,011,761 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.msg

[2012-01-24 17:13:12 | 000,002,165 | ---- | C] () – C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\unins000.dat

[2012-01-24 16:51:05 | 000,000,036 | ---- | C] () – C:\Documents and Settings\User\Dane aplikacji\AVSDVDPlayer.m3u

[2012-01-24 16:41:14 | 000,524,288 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll

[2012-01-24 16:41:14 | 000,139,264 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll

[2011-02-12 10:51:39 | 000,011,560 | -H-- | C] () – C:\WINDOWS\System32\mlfcache.dat

[2010-05-22 13:32:10 | 000,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt

[2010-05-22 13:12:27 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys

[2010-03-18 16:50:59 | 000,000,556 | ---- | C] () – C:\WINDOWS\ODBC.INI

< End of report >

#6

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.Wyłącz i włącz przywracanie systemu.

http://www.searchengines.pl/Czyszczenie … 41981.html

Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte … 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY SYGNATUR WIRUSÓW

Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.

#7

RĘCZNA AKTUALIZACJA BAZY SYGNATUR WIRUSÓW-- jak to zrobić??:)… jestem zupełnym laikiem w tych sprawach…

#8

W Malwarebytesie kliknij Aktualizacja i aktualizuj.

#9

Wielkie dzięki za pomoc.

SZacunek !!

#10

Co to, jakaś epidemia czy co?

To chyba 17 taki temat… pfff…

#11

można powiedzieć że epidemia! !!

#12

Ale czym spowodowana, wirus, robak, trojan??

#13

nie wiem czym spowodowana natomiast wiem że blokuje praktycznie każde działanie na komp.

Nie mozna tego usunąć przez panel sterowania.