:OTL
MOD - [2011-08-22 20:36:01 | 000,137,728 | ---- | M] () -- C:\WINDOWS\systemup.exe
MOD - [2011-08-21 20:43:55 | 000,355,840 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
MOD - [2011-08-21 20:14:55 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2011-08-21 20:11:08 | 001,213,440 | ---- | M] () -- C:\WINDOWS\services32.exe
SRV - File not found [Auto | Stopped] -- -- (wxpdrivers)
SRV - File not found [Auto | Stopped] -- -- (srviecheck)
SRV - File not found [On_Demand | Stopped] -- -- (McComponentHostService)
SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2011-08-21 20:43:55 | 000,355,840 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011-08-21 20:14:55 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=15183
IE - HKCU…\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js…browser.search.defaultengine: "Ask.com"
FF - prefs.js…browser.search.defaultenginename: "Ask.com"
FF - prefs.js…browser.search.order.1: "Ask.com"
FF - prefs.js…keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=en_US&apn_uid=dffd20a6-92a6-4583-a964-4ae847212b29&apn_ptnrs=RX&apn_sauid=04037C2D-0B39-4AC6-B423-ACCBB02340C1&apn_dtid=YYYYYYYYPL&q="
[2011-07-31 17:53:07 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\k0mg3k1l.default\extensions\toolbar@ask.com
[2011-09-03 10:17:56 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\k0mg3k1l.default\searchplugins\askcom.xml
[2011-02-07 17:37:00 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\k0mg3k1l.default\searchplugins\daemon-search.xml
O4 - HKLM…\Run: [] File not found
O4 - HKLM…\Run: [7004246.exe] C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temp\7004246.exe ()
O4 - HKLM…\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM…\Run: [bMISR] File not found
O4 - HKLM…\Run: [NBKeyScan] File not found
O4 - HKLM…\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM…\Run: [tray_ico] File not found
O4 - HKLM…\Run: [tray_ico1] File not found
O4 - HKLM…\Run: [tray_ico2] File not found
O4 - HKLM…\Run: [tray_ico3] File not found
O4 - HKLM…\Run: [tray_ico4] File not found
O4 - HKLM…\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = File not found
MsConfig - StartUpReg: IROElauncher - hkey= - key= - File not found
MsConfig - StartUpReg: IVONA ControlCenter - hkey= - key= - File not found
MsConfig - StartUpReg: IVONA Reader - hkey= - key= - File not found
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found
[2011-08-21 20:21:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011-08-21 20:19:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-9-0-lnk
[2011-08-21 20:19:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-9-0
[2011-08-21 20:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011-08-21 20:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011-08-21 20:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011-08-21 20:14:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011-08-21 20:14:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011-08-21 20:14:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011-08-21 20:11:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011-09-03 10:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011-08-23 16:27:50 | 000,000,202 | ---- | M] () -- C:\WINDOWS\info1
[2011-08-22 20:36:01 | 000,137,728 | ---- | M] () -- C:\WINDOWS\systemup.exe
[2011-08-21 20:15:31 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011-08-21 20:15:31 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011-08-21 20:15:31 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011-08-21 20:15:29 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011-08-21 20:13:24 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011-08-21 20:11:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011-08-21 20:11:08 | 001,213,440 | ---- | M] () -- C:\WINDOWS\services32.exe
[2011-02-03 19:01:12 | 000,003,504 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-01-29 23:30:44 | 000,021,987 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[resethosts]