1) Run OTL and paste the following into the Custom Scans/Fixes box:
:OTL
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014-05-22 18:27:42 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys -- ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64)
DRV:64bit: - [2014-05-22 18:24:44 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys -- ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64)
IE - HKLM\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - SOFTWARE\Classes\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\InprocServer32 File not found
IE - HKCU\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - SOFTWARE\Classes\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\InprocServer32 File not found
FF - prefs.js..browser.search.defaultenginename: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..extensions.enabledAddons: {9edd0ea8-2819-47c2-8320-b007d5996f8a}:1.0.1
[2014-05-04 10:48:34 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\w6mpsi87.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013-03-17 15:14:44 | 000,000,945 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\mozilla\firefox\profiles\w6mpsi87.default\searchplugins\conduit.xml
[2012-10-25 08:34:54 | 000,001,999 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\mozilla\firefox\profiles\w6mpsi87.default\searchplugins\myplaycity.xml
File not found (No name found) -- C:\USERS\TOMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W6MPSI87.DEFAULT\EXTENSIONS\{9EDD0EA8-2819-47C2-8320-B007D5996F8A}.XPI
[2013-09-19 11:39:21 | 000,000,402 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll File not found
O3 - HKLM\..\Toolbar: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentControl_v12 Toolbar) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll File not found
O3:HKU - HKCU\..\Toolbar\WebBrowser: (BitTorrentControl_v12 Toolbar) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Users\Tomek\AppData\LocalLow\BitTorrentControl_v12\prxtbBit0.dll File not found
O4 - HKCU..\Run: [BackgroundContainerV2] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tomek\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.55.2)
[2014-05-31 13:45:05 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys
[2014-05-24 19:42:19 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\eCyber
[2014-05-24 19:42:09 | 000,043,520 | ---- | C] (Elex do Brasil cenzura!ções Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[2014-05-24 19:42:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2014-05-24 19:42:01 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\iSafe
[2014-05-24 16:03:29 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
[2014-05-24 19:42:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\eCyber
[2014-05-24 19:58:23 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\iSafe
:Files
C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
C:\Windows\SysNative\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys
C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{28BD3ACD-9B8E-479D-914B-CDC7DE94C3A6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
:Commands
[emptytemp]
Click Run Fix. Confirm the computer restart. Save the report that appears after the restart.
2)
[2013-02-14 21:09:49 | 000,000,080 | RHS- | C] () -- C:\Windows\SysWow64\3FA5F597EF.dll
Generate logs with FRST (frst-otl-zoek-vt139692.html). Check: Addition.