Strona startowa qooqlle - jak usunąć?


(Mulensja) #1

Witam

Prosze o info jak usunac cos co mi notorycznie zmienia strone startową na http://www.qooqlle.com.

Oto log z OTL

http://wklej.org/id/492799/

OTL logfile created on: 2011-03-14 19:28:28 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = E:\Programy

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 704,00 Mb Available Physical Memory | 69,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 19,53 Gb Total Space | 0,85 Gb Free Space | 4,38% Space Free | Partition Type: NTFS

Drive D: | 64,75 Gb Total Space | 18,37 Gb Free Space | 28,37% Space Free | Partition Type: NTFS

Drive E: | 64,75 Gb Total Space | 19,34 Gb Free Space | 29,86% Space Free | Partition Type: NTFS

Computer Name: PG | User Name: PAwel | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-12 20:58:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL_3.2.22.3(dobreprogramy.pl).exe

PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2010-12-06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2010-05-14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe

PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - 2010-03-04 22:38:00 | 000,071,096 | ---- | M -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - 2008-10-07 01:41:48 | 001,331,200 | ---- | M -- C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe

PRC - [2007-01-19 11:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

PRC - [2006-11-13 14:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- D:\PAweł\Navi\wcescomm.exe

PRC - [2006-11-13 14:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- D:\PAweł\Navi\rapimgr.exe

========== Modules (SafeList) ==========

MOD - [2011-03-12 20:58:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- E:\Programy\OTL_3.2.22.3(dobreprogramy.pl).exe

MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll

MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Start_Pending] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010-12-06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - 2010-03-04 22:38:00 | 000,071,096 | ---- | M [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2007-01-19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)

========== Driver Services (SafeList) ==========

DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010-02-20 18:07:56 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010-02-05 23:45:03 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\windows\gdrv.sys -- (gdrv)

DRV - [2010-02-03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\hamachi.sys -- (hamachi)

DRV - 2009-11-12 13:48:56 | 000,007,168 | ---- | M [File_System | On_Demand | Stopped] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009-07-20 19:08:26 | 005,795,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008-10-30 14:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - 2008-08-05 20:10:12 | 001,684,736 | ---- | M [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ambfilt.sys -- (Ambfilt)

DRV - [2008-04-14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\windows\System32\drivers\changer.sys -- (Changer)

DRV - [2007-05-25 10:15:00 | 000,547,744 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)

DRV - [2007-05-12 16:39:32 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\windows\system32\ANIO.sys -- (ANIO)

DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\windows\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - 2006-03-17 11:18:58 | 000,392,960 | R--- | M [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\senfilt.sys -- (SenFiltService)

DRV - [2006-01-04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\monfilt.sys -- (Monfilt)

DRV - 2004-07-23 14:02:54 | 000,082,048 | ---- | M [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\SaiNtHid.sys -- (SaiNtHid)

DRV - [2004-04-22 10:57:34 | 000,062,848 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\RT2400.sys -- (RT2400)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "qooqlle"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2

FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"

FF - prefs.js..network.proxy.backup.ftp_port: 9666

FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"

FF - prefs.js..network.proxy.backup.gopher_port: 9666

FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"

FF - prefs.js..network.proxy.backup.socks_port: 9666

FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.backup.ssl_port: 9666

FF - prefs.js..network.proxy.ftp: "127.0.0.1"

FF - prefs.js..network.proxy.ftp_port: 9666

FF - prefs.js..network.proxy.gopher: "127.0.0.1"

FF - prefs.js..network.proxy.gopher_port: 9666

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 9666

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "127.0.0.1"

FF - prefs.js..network.proxy.socks_port: 9666

FF - prefs.js..network.proxy.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.ssl_port: 9666

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-11 18:30:21 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011-03-05 19:54:22 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-05 14:54:23 | 000,000,000 | ---D | M]

[2010-03-14 21:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Extensions

[2011-03-14 17:51:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions

[2010-11-03 20:21:50 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2010-07-08 15:43:46 | 000,000,000 | ---D | M] (Free Lunch Design Toolbar) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}

[2011-01-07 17:23:08 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[2010-05-29 18:37:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011-01-07 17:23:09 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com

2010-05-29 18:21:16 | 000,002,059 | ---- | M -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\searchplugins\daemon-search.xml

2011-03-14 17:02:09 | 000,001,860 | ---- | M -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\searchplugins\search.xml

2011-03-12 20:00:43 | 000,001,244 | ---- | M -- C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\searchplugins\winamp-search.xml

[2011-03-14 17:51:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010-04-27 20:30:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2011-01-23 19:58:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011-03-11 18:30:21 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2009-05-11 09:48:50 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010-12-10 17:06:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

2010-01-16 02:08:36 | 000,002,767 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

2010-01-16 02:08:36 | 000,001,406 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

2010-01-16 02:08:36 | 000,000,917 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

2010-01-16 02:08:36 | 000,000,858 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

2010-01-16 02:08:36 | 000,001,183 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

2010-01-16 02:08:36 | 000,001,683 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-03-12 21:10:14 | 000,380,462 | ---- | M]) - C:\windows\System32\Drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 http://www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 http://www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 http://www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 http://www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 http://www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 http://www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 http://www.100888290cs.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 http://www.10sek.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com

O1 - Hosts: 13110 more lines...

O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10_userdata\ggbho.2.dll (GG Network S.A.)

O3 - HKLM..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()

O3 - HKCU..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.

O3 - HKCU..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [D-Link AirPlus XtremeG DWL-G520] C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe (D-Link)

O4 - HKLM..\Run: [GProton] C:\Documents and Settings\All Users.WINDOWS\GProton.exe ()

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] File not found

O4 - HKCU..\Run: [ALLUpdate] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [H/PC Connection Agent] D:\PAweł\Navi\Wcescomm.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Rubin] File not found

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PAweł\Navi\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PAweł\Navi\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\PAwel\Moje dokumenty\Moje obrazy\parowóz 1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\PAwel\Moje dokumenty\Moje obrazy\parowóz 1.bmp

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2{93292d00-3a50-11de-9120-0018f3f4b921}\Shell - "" = AutoRun

O33 - MountPoints2{93292d00-3a50-11de-9120-0018f3f4b921}\Shell\AutoRun\command - "" = H:\start.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

2011-03-12 21:09:24 | 000,078,336 | ---- | C -- C:\windows\System32\Agent.OMZ.Fix.exe

2011-03-12 21:09:23 | 000,087,552 | ---- | C -- C:\windows\System32\VACFix.exe

2011-03-12 21:09:23 | 000,082,944 | ---- | C -- C:\windows\System32\IEDFix.exe

2011-03-12 21:09:23 | 000,082,944 | ---- | C -- C:\windows\System32\IEDFix.C.exe

2011-03-12 21:09:23 | 000,082,432 | ---- | C -- C:\windows\System32\404Fix.exe

2011-03-12 21:09:23 | 000,080,384 | ---- | C -- C:\windows\System32\o4Patch.exe

[2011-03-11 18:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\avast! Free Antivirus

[2011-03-11 18:30:35 | 000,371,544 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys

[2011-03-11 18:30:20 | 000,040,648 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr

[2011-03-11 18:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011-03-11 18:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AVAST Software

[2011-03-11 18:08:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011-03-05 17:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2011-03-04 21:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Moje dokumenty\Dokumenty AFi

[2011-03-03 22:10:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\NapiProjekt

[2011-03-01 20:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Pulpit\Veetle

2011-02-27 09:54:54 | 000,839,680 | ---- | C -- C:\windows\System32\lameACM.acm

2011-02-27 09:54:54 | 000,151,552 | ---- | C -- C:\windows\System32\ac3acm.acm

2011-02-27 09:54:53 | 000,217,088 | ---- | C -- C:\windows\System32\yv12vfw.dll

[2011-02-27 09:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2011-02-27 01:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Moje dokumenty\The KMPlayer

[2011-02-27 01:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Menu Start\Programy\The KMPlayer

[2011-02-27 01:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer

[2011-02-27 01:29:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\PAwel\IECompatCache

[2011-02-27 01:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\MarBit

[2011-02-27 01:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\MarBit

[2011-02-21 19:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Pulpit\Pawel

[2011-02-21 19:32:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Pulpit\Ania

[2011-02-21 19:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PAwel\Pulpit\Hubert

[4 C:\windows*.tmp files -> C:\windows*.tmp ->]

[3 C:\windows\System32*.tmp files -> C:\windows\System32*.tmp ->]

========== Files - Modified Within 30 Days ==========

2011-03-14 19:11:00 | 000,001,034 | ---- | M -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

2011-03-14 17:06:35 | 000,000,006 | ---- | M -- C:\windows\System32\ANIWZCSUSERNAME{969522EB-7803-4ED2-A11F-F91EC65F725B}

2011-03-14 17:01:55 | 000,276,202 | ---- | M -- C:\windows\System32\NvApps.xml

2011-03-14 17:01:37 | 000,002,048 | --S- | M -- C:\windows\bootstat.dat

2011-03-14 15:47:36 | 000,000,462 | -H-- | M -- C:\windows\tasks\User_Feed_Synchronization-{B64B3354-62DA-4537-BBB1-BAEDEC550361}.job

2011-03-13 21:11:21 | 000,001,030 | ---- | M -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

2011-03-12 21:10:20 | 000,003,544 | ---- | M -- C:\windows\System32\tmp.reg

2011-03-11 18:30:35 | 000,002,644 | ---- | M -- C:\windows\System32\CONFIG.NT

2011-03-06 20:24:37 | 000,030,208 | ---- | M -- C:\Documents and Settings\PAwel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2011-03-05 19:53:56 | 000,002,206 | ---- | M -- C:\windows\System32\wpa.dbl

2011-02-27 13:01:15 | 000,001,667 | ---- | M -- C:\Documents and Settings\PAwel\Pulpit\PITy 2010.lnk

2011-02-27 09:53:24 | 007,793,152 | RHS- | M -- C:\Documents and Settings\All Users.WINDOWS\GProton.exe

2011-02-26 14:54:08 | 000,063,228 | ---- | M -- C:\log.html

2011-02-23 22:53:52 | 002,233,538 | ---- | M -- C:\Documents and Settings\PAwel\Pulpit\IMG_1983.JPG

[2011-02-23 16:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr

[2011-02-23 16:04:17 | 000,190,016 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe

[2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys

[2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys

[2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys

[2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmon2.sys

[2011-02-23 15:55:44 | 000,096,344 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswmon.sys

[2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys

[2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aavmker4.sys

[2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys

2011-02-19 21:05:09 | 000,050,113 | ---- | M -- C:\lma_log.html

2011-02-12 21:16:48 | 000,000,043 | ---- | M -- C:\windows\papatka.cfg

[4 C:\windows*.tmp files -> C:\windows*.tmp ->]

[3 C:\windows\System32*.tmp files -> C:\windows\System32*.tmp ->]

========== Files Created - No Company Name ==========

2011-03-06 20:04:12 | 000,000,462 | -H-- | C -- C:\windows\tasks\User_Feed_Synchronization-{B64B3354-62DA-4537-BBB1-BAEDEC550361}.job

2011-02-27 13:01:15 | 000,001,667 | ---- | C -- C:\Documents and Settings\PAwel\Pulpit\PITy 2010.lnk

2011-02-27 09:54:56 | 000,000,038 | ---- | C -- C:\windows\avisplitter.ini

2011-02-27 09:54:54 | 000,000,414 | ---- | C -- C:\windows\System32\lame_acm.xml

2011-02-27 09:54:53 | 000,790,528 | ---- | C -- C:\windows\System32\xvidcore.dll

2011-02-27 09:54:53 | 000,134,144 | ---- | C -- C:\windows\System32\xvidvfw.dll

2011-02-27 09:54:52 | 000,108,032 | ---- | C -- C:\windows\System32\ff_vfw.dll

2011-02-27 09:53:26 | 007,793,152 | RHS- | C -- C:\Documents and Settings\All Users.WINDOWS\GProton.exe

2011-02-23 22:53:50 | 002,233,538 | ---- | C -- C:\Documents and Settings\PAwel\Pulpit\IMG_1983.JPG

2011-02-19 19:25:09 | 000,050,113 | ---- | C -- C:\lma_log.html

2011-02-12 21:16:48 | 000,000,043 | ---- | C -- C:\windows\papatka.cfg

2010-09-09 20:45:58 | 000,354,816 | ---- | C -- C:\windows\System32\psisdecd.dll

2010-05-01 09:35:49 | 000,002,528 | ---- | C -- C:\Documents and Settings\PAwel\Dane aplikacji\$_hpcst$.hpc

2010-03-31 14:08:18 | 002,183,470 | ---- | C -- C:\windows\System32\nvdata.bin

2010-03-18 18:56:17 | 000,007,168 | ---- | C -- C:\windows\System32\drivers\StarOpen.sys

2010-03-14 22:46:34 | 000,075,776 | ---- | C -- C:\windows\System32\WS2Fix.exe

2010-03-14 22:46:34 | 000,051,200 | ---- | C -- C:\windows\System32\dumphive.exe

2010-03-14 22:46:34 | 000,040,960 | ---- | C -- C:\windows\System32\swsc.exe

2010-03-11 21:31:11 | 000,000,004 | ---- | C -- C:\Documents and Settings\PAwel\Dane aplikacji\avdrn.dat

2010-03-10 14:57:08 | 000,000,056 | -H-- | C -- C:\windows\System32\ezsidmv.dat

2010-02-10 17:34:55 | 000,262,144 | ---- | C -- C:\windows\System32\wlanapp.dll

2010-02-10 17:34:55 | 000,049,152 | ---- | C -- C:\windows\System32\JJAKEn.dll

2010-02-09 17:45:06 | 000,000,151 | ---- | C -- C:\Documents and Settings\PAwel\Dane aplikacji\default.rss

2010-01-15 18:08:56 | 000,000,000 | ---- | C -- C:\windows\nsreg.dat

2009-12-09 21:43:02 | 000,000,069 | ---- | C -- C:\windows\NeroDigital.ini

2009-12-02 16:50:57 | 000,000,804 | R--- | C -- C:\windows\System32\AsusSetup.ini

2009-12-02 16:50:57 | 000,000,396 | R--- | C -- C:\windows\System32\raidmgmt.ini

2009-12-02 16:50:07 | 000,005,810 | R--- | C -- C:\windows\System32\drivers\asacpi.sys.bak

2009-12-02 16:50:01 | 000,024,965 | ---- | C -- C:\windows\Ascd_tmp.ini

2009-12-02 16:49:47 | 000,005,824 | ---- | C -- C:\windows\System32\drivers\ASUSHWIO.SYS

2009-12-02 16:46:20 | 000,023,040 | R--- | C -- C:\windows\System32\drivers\GVCplDrv.sys.bak

2009-12-01 19:12:58 | 000,004,293 | ---- | C -- C:\windows\ODBCINST.INI

2009-12-01 19:11:39 | 000,271,784 | ---- | C -- C:\windows\System32\FNTCACHE.DAT

2009-12-01 19:09:15 | 000,019,968 | ---- | C -- C:\windows\System32\cpuinf32.dll

2009-12-01 19:09:14 | 000,165,376 | ---- | C -- C:\windows\System32\unrar.dll

2009-12-01 18:50:53 | 000,110,592 | ---- | C -- C:\windows\System32\AegisI5.exe

2009-12-01 18:50:53 | 000,086,016 | ---- | C -- C:\windows\System32\install.dll

2009-12-01 18:50:53 | 000,045,056 | ---- | C -- C:\windows\System32\DEDriverDLL.dll

2009-12-01 18:50:53 | 000,036,864 | ---- | C -- C:\windows\System32\WRLSetup.exe

2009-12-01 18:50:53 | 000,032,768 | ---- | C -- C:\windows\System32\SmartInstallCfg2.dll

2009-12-01 18:50:53 | 000,028,672 | ---- | C -- C:\windows\System32\CCS24.exe

2009-12-01 18:42:52 | 000,000,427 | ---- | C -- C:\windows\ODBC.INI

2009-12-01 18:36:51 | 000,030,208 | ---- | C -- C:\Documents and Settings\PAwel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2009-12-01 18:26:38 | 000,002,048 | --S- | C -- C:\windows\bootstat.dat

2009-12-01 18:20:34 | 000,021,856 | ---- | C -- C:\windows\System32\emptyregdb.dat

2009-04-25 21:26:38 | 000,040,960 | ---- | C -- C:\Program Files\Uninstall_CDS.exe

2004-08-03 23:56:48 | 000,001,804 | ---- | C -- C:\windows\System32\dcache.bin

2004-08-02 13:20:40 | 000,004,569 | ---- | C -- C:\windows\System32\secupd.dat

2001-10-26 15:15:16 | 000,493,632 | ---- | C -- C:\windows\System32\perfh015.dat

2001-10-26 15:15:16 | 000,313,828 | ---- | C -- C:\windows\System32\perfi015.dat

2001-10-26 15:15:16 | 000,084,916 | ---- | C -- C:\windows\System32\perfc015.dat

2001-10-26 15:15:16 | 000,034,990 | ---- | C -- C:\windows\System32\perfd015.dat

2001-08-23 12:00:00 | 013,107,200 | ---- | C -- C:\windows\System32\oembios.bin

2001-08-23 12:00:00 | 000,004,463 | ---- | C -- C:\windows\System32\oembios.dat

2001-08-17 20:30:24 | 000,435,260 | ---- | C -- C:\windows\System32\perfh009.dat

2001-08-17 20:30:24 | 000,272,128 | ---- | C -- C:\windows\System32\perfi009.dat

2001-08-17 20:30:24 | 000,028,626 | ---- | C -- C:\windows\System32\perfd009.dat

2001-08-17 20:30:22 | 000,068,156 | ---- | C -- C:\windows\System32\perfc009.dat

2001-08-17 20:15:38 | 000,046,258 | ---- | C -- C:\windows\System32\mib.bin

2001-07-21 21:36:48 | 000,218,003 | ---- | C -- C:\windows\System32\dssec.dat

2001-07-21 21:36:04 | 000,673,088 | ---- | C -- C:\windows\System32\mlang.dat

2001-07-21 21:24:16 | 000,000,741 | ---- | C -- C:\windows\System32\noise.dat

========== LOP Check ==========

[2009-12-19 18:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\Ashampoo

[2010-02-08 16:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\Azureus

[2010-03-18 18:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\Canneverbe Limited

[2010-02-20 18:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\DAEMON Tools Lite

[2010-04-09 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1

[2009-12-02 20:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\Gadu-Gadu

[2010-07-07 22:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\Gadu-Gadu 10

[2010-12-29 11:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\GameRanger

[2010-12-11 11:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\GHISLER

[2010-12-05 16:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\ImTOO

[2010-01-25 20:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\ipla

[2010-07-13 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\OpenFM

[2010-05-10 20:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\TS3Client

[2011-02-27 12:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PAwel\Dane aplikacji\uTorrent

[2009-12-19 18:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ashampoo

[2011-03-11 18:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AVAST Software

[2010-02-07 19:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Azureus

[2009-12-19 17:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Canneverbe Limited

[2010-02-20 18:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\DAEMON Tools Lite

[2011-01-09 19:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\EA Core

[2010-09-14 18:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Electronic Arts

[2010-04-21 18:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10

[2009-12-27 17:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla

[2010-07-13 19:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM

[2011-01-09 16:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Solidshield

[2011-01-27 19:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Test Drive Unlimited

2011-03-14 15:47:36 | 000,000,462 | -H-- | M -- C:\windows\Tasks\User_Feed_Synchronization-{B64B3354-62DA-4537-BBB1-BAEDEC550361}.job

========== Purity Check ==========

< End of report >


(Acorus) #2

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt..Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

Odinstaluj Spybota,Winamp Toolbar,Free Lunch Design Toolbar,uTorrentBar Community Toolbar.Nowy log wrzuć na wklej.org


(Mulensja) #3

Zrobiłem, ale nie było pytania o restart kompa

pokazał się log:

========== OTL ==========

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page| /E : value set successfully!

Prefs.js: "qooqlle" removed from browser.search.selectedEngine

Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\searchplugin folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\META-INF folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\lib folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\defaults folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\components folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}\chrome folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\searchplugin folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\META-INF folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\lib folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\DualPackage folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\defaults folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\components folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com\chrome folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\Firefox\Profiles\a8q5h4qz.default\extensions\engine@conduit.com folder moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\FireFox\Profiles\a8q5h4qz.default\searchplugins\daemon-search.xml moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\FireFox\Profiles\a8q5h4qz.default\searchplugins\search.xml moved successfully.

C:\Documents and Settings\PAwel\Dane aplikacji\Mozilla\FireFox\Profiles\a8q5h4qz.default\searchplugins\winamp-search.xml moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{00000000-0000-0000-0000-000000000000} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000000-0000-0000-0000-000000000000}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\GProton deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\GProton.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\nwiz deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ALLUpdate deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Rubin deleted successfully.

File C:\Documents and Settings\All Users.WINDOWS\GProton.exe not found.

C:\Documents and Settings\PAwel\Dane aplikacji\avdrn.dat moved successfully.

========== COMMANDS ==========

Error: Unable to interpret <[emptytemp> in the current context!

C:\windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.22.3 log created on 03142011_214326

Restertowac ?

-- Dodane 14.03.2011 (Pn) 22:04 --

http://wklej.org/id/492966/

to nowy log

Odinstalowalem Spybota,Winamp Toolbar, ale tych kolejnych juz nie widzialem w dodaj / usuń programy :Free Lunch Design Toolbar,uTorrentBar Community Toolbar.


(Acorus) #4

To nie jest nowy log po usuwaniu.


(Mulensja) #5

http://wklej.org/id/493016/

to nie wiem co źle zrobilem, może teraz ?

-- Dodane 14.03.2011 (Pn) 22:39 --

Po powtórnym wykonaniu skryptu:

http://wklej.org/id/493017/

program nie pyta o restart ....


(Acorus) #6

Pokaż nowy log z opcji Skanuj.


(Mulensja) #7

Witam, oto nowy scan.

Dziś strona qooqlle już się nie pojawiła jako startowa i za to serdecznie dziękuję, natomias pojawił sie inny problem. Komp się uruchamia, ale trwa kilka minut zanim znajdzie połączenie sieciowe, czy w ogóle połączy się z siecią (napasku przez te kilka minut nie ma nawet ikon "telewizorków" - pracuje na wireless.

czy na to coś tez poradzisz ?

Dzięki

http://wklej.org/id/493344/


(Acorus) #8

W porządku.W OTL użyj opcji Sprzątanie.Przeskanuj progr.Malwarebytes Anti-Malware.


(Mulensja) #9

Dziękuję, niestety pomimo uzycia opcji sprzatanie i zapuszczenia podanego programu .... komputer uruchamia się (od momentu pojawienia się zegara systemowego do pojawienia się wszystkich ikon na pasku /...6 minut !!

Aha, progam nie znalzał zainfekowanych plików, a po sprzątaniu zrobilem rsetart