
Here are the tags
OTL.txt:
http://www.wklej.org/id/232933/
Extras.txt:
http://www.wklej.org/id/232929/
Please help
DDS (Ver_09-09-29.01) - NTFSx86
Run by Administrator at 13:54:10,82 on 2009-12-12
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1126 [GMT 1:00]
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe
C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Pulpit\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.onet.pl/
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Automated Content Enhancer: {1d74e9dd-8987-448b-b2cb-67fff2b8a932} - c:\program files\automated content enhancer\4.1.0.5260\ACEIEAddOn.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Customized Platform Advancer: {42c7c39f-3128-4a17-bdb7-91c46032b5b9} - c:\program files\customized platform advancer\4.1.0.1850\CPAIEAddOn.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Content Management Wizard: {b72681c0-a222-4b21-a0e2-53a5a5ca3d41} - c:\program files\content management wizard\1.1.0.1990\CMWIE.dll
BHO: Textual Content Provider: {cac89ff9-34a9-4431-8cfe-292a47f843bc} - c:\program files\textual content provider\1.1.0.1810\TCPIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Web Search Operator: {eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} - c:\program files\web search operator\4.1.0.1990\wso.dll
BHO: IEPluginBHO Class: {f5cc7f02-6f4e-4462-b5b1-394a57fd3e0d} - c:\documents and settings\administrator.kowalik-af65614\dane aplikacji\gadu-gadu 10\_userdata\ggbho.2.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Gadu-Gadu 10] "c:\program files\gadu-gadu 10\gg.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [cdoosoft] c:\docume~1\admini~1.kow\ustawi~1\temp\herss.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Internet Today Task] "c:\program files\internet today\1.1.0.1260\InternetToday.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {29F39C21-4DA4-4EC9-9E38-A2D08947EB98} = 172.20.1.1,213.134.134.134
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\admini~1.kow\daneap~1\mozilla\firefox\profiles\f3c8f6oq.default\
FF - prefs.js: browser.startup.homepage - hxxp://onet.pl
FF - component: c:\program files\automated content enhancer\4.1.0.5260\ff\components\ACEFFAddOn.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\customized platform advancer\4.1.0.1850\ff\components\CPAFFAddOn.dll
FF - component: c:\program files\web search operator\4.1.0.1990\ff\components\WSOFFAddOn.dll
FF - plugin: c:\documents and settings\administrator.kowalik-af65614\dane aplikacji\gadu-gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-26 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-26 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-26 108552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-12-4 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-12-4 25160]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-11-27 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-11-27 297752]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2009-12-4 723632]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2009-11-26 38656]
=============== Created Last 30 ================
2009-12-12 10:17 <DIR> --d----- c:\windows\system32\appmgmt
2009-12-12 10:13 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\AVG Security Toolbar
2009-12-12 01:50 <DIR> --d----- c:\program files\Textual Content Provider
2009-12-12 01:50 <DIR> --d----- c:\program files\Content Management Wizard
2009-12-12 01:49 <DIR> --d----- c:\program files\Internet Today
2009-12-12 01:49 <DIR> --d----- c:\program files\Customized Platform Advancer
2009-12-12 01:49 <DIR> --d----- c:\program files\Automated Content Enhancer
2009-12-12 01:49 <DIR> --d----- c:\program files\Web Search Operator
2009-12-12 01:48 <DIR> --d----- c:\program files\HottieStar Toolbar
2009-12-07 16:24 69 a------- c:\windows\NeroDigital.ini
2009-12-05 13:32 <DIR> --d----- c:\program files\SystemRequirementsLab
2009-12-05 13:32 <DIR> --d----- c:\documents and settings\administrator.kowalik-af65614\SystemRequirementsLab
2009-12-04 16:10 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\Comodo
2009-12-04 16:10 171,552 a------- c:\windows\system32\guard32.dll
2009-12-04 16:10 133,064 a------- c:\windows\system32\drivers\cmdguard.sys
2009-12-04 16:10 25,160 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-12-04 16:06 130 a------- c:\windows\cfplogvw.INI
2009-12-04 15:58 1,474,832 a------- c:\windows\system32\drivers\sfi.dat
2009-12-04 15:57 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\Comodo
2009-12-04 15:56 <DIR> --d----- c:\program files\COMODO
2009-12-02 22:12 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\OpenFM
2009-12-02 22:12 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\OpenFM
2009-12-02 10:05 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\ipla
2009-12-02 10:05 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\ipla
2009-12-02 10:05 <DIR> --d----- c:\program files\ipla
2009-12-02 10:05 1,700,352 a------- c:\windows\system32\gdiplus.dll
2009-12-02 10:05 1,060,864 a------- c:\windows\system32\mfc71.dll
2009-12-01 09:46 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\Farm Frenzy
2009-12-01 09:46 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\AlawarWrapper
2009-11-30 15:42 73,728 a------- c:\windows\system32\ISUSPM.cpl
2009-11-30 15:35 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
2009-11-30 15:35 <DIR> --d----- c:\windows\Logs
2009-11-30 15:24 271,360 a------- c:\windows\system32\drivers\atksgt.sys
2009-11-30 15:24 18,048 a------- c:\windows\system32\drivers\lirsgt.sys
2009-11-30 15:14 691,696 a------- c:\windows\system32\drivers\sptd.sys
2009-11-30 15:14 <DIR> --d----- c:\program files\DAEMON Tools Lite
2009-11-30 15:14 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\DAEMON Tools Lite
2009-11-30 15:14 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\DAEMON Tools Lite
2009-11-28 12:48 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-11-28 12:01 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-11-28 11:40 <DIR> --d----- c:\program files\Nero
2009-11-28 11:40 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\Nero
2009-11-28 11:06 274,288 a------- c:\windows\system32\mucltui.dll
2009-11-28 11:06 215,920 a------- c:\windows\system32\muweb.dll
2009-11-28 11:06 17,776 a------- c:\windows\system32\mucltui.dll.mui
2009-11-28 11:05 32,592 a------- c:\windows\system32\msonpmon.dll
2009-11-28 11:02 <DIR> --d----- c:\windows\SHELLNEW
2009-11-28 10:39 <DIR> --d----- c:\program files\uTorrent
2009-11-28 10:38 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\uTorrent
2009-11-28 10:27 118,784 a------- c:\windows\system32\ac3acm.acm
2009-11-28 10:27 130,048 a------- c:\windows\system32\xvidvfw.dll
2009-11-28 10:25 499,712 a------- c:\windows\system32\msvcp71.dll
2009-11-28 10:25 348,160 a------- c:\windows\system32\msvcr71.dll
2009-11-28 10:25 <DIR> --d----- c:\program files\Real Alternative
2009-11-28 10:14 892,928 a------- c:\windows\system32\iconv.dll
2009-11-28 10:14 881,664 a------- c:\windows\system32\xvidcore.dll
2009-11-28 10:14 675,840 a------- c:\windows\system32\ac3filter.ax
2009-11-28 10:04 493,080 a------- c:\windows\system32\evr.dll
2009-11-28 10:04 207,360 a------- c:\windows\system32\evrprop.dll
2009-11-28 10:04 73,752 a------- c:\windows\system32\dxva2.dll
2009-11-28 10:04 258,048 a------- c:\windows\system32\libFLAC.dll
2009-11-28 10:04 79,360 a------- c:\windows\system32\mkzlib.dll
2009-11-28 10:04 23,552 a------- c:\windows\system32\mkunicode.dll
2009-11-28 09:39 <DIR> --d----- c:\program files\NAPI-PROJEKT
2009-11-28 09:39 <DIR> --d----- c:\program files\ALLPlayer
2009-11-28 09:26 <DIR> --d----- c:\windows\RegisteredPackages
2009-11-27 15:13 <DIR> --d----- c:\windows\SxsCaPendDel
2009-11-27 15:13 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\Gadu-Gadu 10
2009-11-27 15:13 <DIR> --d----- c:\program files\Gadu-Gadu 10
2009-11-27 15:09 <DIR> --dsh--- c:\documents and settings\administrator.kowalik-af65614\IECompatCache
2009-11-27 15:08 <DIR> --dsh--- c:\documents and settings\administrator.kowalik-af65614\PrivacIE
2009-11-27 15:07 <DIR> --dsh--- c:\documents and settings\administrator.kowalik-af65614\IETldCache
2009-11-27 15:06 92,160 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-11-27 15:06 <DIR> --d----- c:\windows\ie8updates
2009-11-27 15:05 11,069,952 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-11-27 15:05 1,985,536 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-11-27 15:05 594,432 -c------ c:\windows\system32\dllcache\msfeeds.dll
2009-11-27 15:05 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-11-27 15:05 55,296 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-27 15:05 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-11-27 15:05 <DIR> -cd-h--- c:\windows\ie8
2009-11-27 14:52 <DIR> --d----- c:\windows\system32\pl-pl
2009-11-27 14:52 <DIR> --d----- c:\windows\system32\pl
2009-11-27 14:52 <DIR> --d----- c:\windows\system32\bits
2009-11-27 14:52 <DIR> --d----- c:\windows\l2schemas
2009-11-27 14:48 <DIR> --d----- c:\windows\network diagnostic
2009-11-27 09:17 <DIR> --dsh--- c:\documents and settings\administrator.kowalik-af65614\UserData
2009-11-27 09:01 701,440 -------- c:\windows\system32\drivers\ati2mtag.sys
2009-11-27 08:52 273,024 -c------ c:\windows\system32\dllcache\bthport.sys
2009-11-27 08:52 273,024 -------- c:\windows\system32\drivers\bthport.sys
2009-11-27 08:47 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2009-11-27 08:47 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-11-27 08:47 333,952 -c------ c:\windows\system32\dllcache\srv.sys
2009-11-27 08:47 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll
2009-11-27 08:47 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2009-11-27 08:46 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-11-27 08:46 218,112 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-11-26 22:22 <DIR> --d----- c:\windows\system32\PreInstall
2009-11-26 22:22 <DIR> --d-h--- c:\windows\$hf_mig$
2009-11-26 21:57 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-11-26 21:57 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-11-26 21:57 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-11-26 21:57 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-11-26 21:57 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-11-26 21:57 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\AVGTOOLBAR
2009-11-26 21:56 <DIR> --d----- c:\program files\AVG
2009-11-26 21:56 <DIR> --d----- c:\docume~1\alluse~1.win\daneap~1\avg8
2009-11-26 19:20 411,368 a------- c:\windows\system32\deploytk.dll
2009-11-26 19:20 73,728 a------- c:\windows\system32\javacpl.cpl
2009-11-26 17:53 13,646 a------- c:\windows\system32\wpa.bak
2009-11-26 15:51 3,072 a------- c:\windows\system32\drivers\audstub.sys
2009-11-26 15:50 58,880 a------- c:\windows\system32\drivers\redbook.sys
2009-11-26 15:50 77,312 a------- c:\windows\system32\usbui.dll
2009-11-26 15:49 <DIR> --d----- c:\program files\common files\ODBC
2009-11-26 15:49 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-11-26 15:48 <DIR> --d--r-- C:\Program Files
2009-11-26 15:48 <DIR> --d-h--- c:\documents and settings\all users.windows\Szablony
2009-11-26 15:48 <DIR> --d--r-- c:\documents and settings\all users.windows\Menu Start
2009-11-26 15:48 <DIR> --d--r-- c:\documents and settings\all users.windows\Dokumenty
2009-11-26 15:48 <DIR> --d----- c:\documents and settings\all users.windows\Ulubione
2009-11-26 15:48 <DIR> --d----- c:\documents and settings\all users.windows\Pulpit
2009-11-26 15:47 37,509 ac------ c:\windows\system32\dllcache\MW770.CAT
2009-11-26 15:47 13,497 ac------ c:\windows\system32\dllcache\HPCRDP.CAT
2009-11-26 15:47 8,599 ac------ c:\windows\system32\dllcache\IASNT4.CAT
2009-11-26 15:47 7,407 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT
2009-11-26 15:47 7,334 ac------ c:\windows\system32\dllcache\wmerrenu.cat
2009-11-26 15:47 1,014,483 ac------ c:\windows\system32\dllcache\SP2.CAT
2009-11-26 15:47 808,524 ac------ c:\windows\system32\dllcache\NT5IIS.CAT
2009-11-26 15:47 399,670 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT
2009-11-26 15:46 14,043 a----r-- c:\windows\SET8.tmp
2009-11-26 15:46 1,086,058 a----r-- c:\windows\SET4.tmp
2009-11-26 15:46 1,014,483 a----r-- c:\windows\SET3.tmp
2009-11-26 15:46 <DIR> --d----- c:\windows\system32\CatRoot2
2009-11-26 15:46 <DIR> --d----- c:\windows\system32\CatRoot
2009-11-26 15:46 <DIR> --d-hr-- c:\documents and settings\all users.windows\Dane aplikacji
2009-11-26 15:45 560 a------- c:\windows\system32\$winnt$.inf
2009-11-26 15:28 <DIR> --d----- c:\docume~1\admini~1.kow\daneap~1\Gadu-Gadu
2009-11-26 15:27 <DIR> --d----- c:\documents and settings\administrator.kowalik-af65614\Gadu-Gadu
2009-11-26 15:17 <DIR> --d----- c:\program files\Attansic
2009-11-26 15:14 <DIR> --d----- c:\program files\Realtek
2009-11-26 15:03 <DIR> --d-hr-- c:\documents and settings\administrator.kowalik-af65614\Dane aplikacji
2009-11-26 15:03 <DIR> --d-h--- c:\documents and settings\administrator.kowalik-af65614\Ustawienia lokalne
2009-11-26 15:03 <DIR> --d-h--- c:\documents and settings\administrator.kowalik-af65614\Szablony
2009-11-26 15:03 <DIR> --d--r-- c:\documents and settings\administrator.kowalik-af65614\Ulubione
2009-11-26 15:03 <DIR> --d--r-- c:\documents and settings\administrator.kowalik-af65614\Moje dokumenty
2009-11-26 15:03 <DIR> --d--r-- c:\documents and settings\administrator.kowalik-af65614\Menu Start
2009-11-26 15:03 <DIR> --d----- c:\documents and settings\administrator.kowalik-af65614\Pulpit
2009-11-26 14:58 <DIR> --dsh--- c:\documents and settings\all users.windows\DRM
2009-11-26 14:58 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-11-26 14:58 <DIR> --d----- c:\program files\Usługi online
2009-11-26 14:56 <DIR> --d----- c:\program files\common files\MSSoap
2009-11-26 14:54 <DIR> --d----- c:\program files\Messenger
2009-11-26 14:54 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-11-26 14:53 <DIR> --d----- c:\program files\Windows NT
==================== Find3M ====================
2009-11-28 10:07 355,830 a------- c:\windows\system32\perfh015.dat
2009-11-28 10:07 49,712 a------- c:\windows\system32\perfc015.dat
2009-11-27 14:55 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-11-26 15:13 315,392 a------- c:\windows\HideWin.exe
2009-11-26 14:54 21,856 a------- c:\windows\system32\emptyregdb.dat
2009-10-29 08:43 916,480 a------- c:\windows\system32\wininet.dll
2009-10-21 06:40 75,776 a------- c:\windows\system32\strmfilt.dll
2009-10-21 06:40 25,088 a------- c:\windows\system32\httpapi.dll
2009-10-20 17:20 265,728 a------- c:\windows\system32\drivers\http.sys
2009-10-13 11:34 271,360 a------- c:\windows\system32\oakley.dll
2009-10-12 14:40 150,016 a------- c:\windows\system32\rastls.dll
2009-10-12 14:40 79,872 a------- c:\windows\system32\raschap.dll
2006-06-23 07:48 32,768 a----r-- c:\windows\inf\UpdateUSB.exe
============= FINISH: 13:55:49,84 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-09-29.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-11-26 15:02:18
System Uptime: 2009-12-12 10:09:24 (3 hours ago)
Motherboard: ASUSTeK Computer INC. | | P5K SE
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | LGA775 | 2200/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 29 GiB total, 14,349 GiB free.
D: is FIXED (NTFS) - 102 GiB total, 41,262 GiB free.
E: is FIXED (NTFS) - 102 GiB total, 39,022 GiB free.
F: is CDROM ()
H: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP17: 2009-11-27 15:03:50 - Software Distribution Service 3.0
RP18: 2009-11-28 09:23:14 - Software Distribution Service 3.0
RP19: 2009-11-28 09:26:40 - Installed Windows Media Format Runtime
RP20: 2009-11-28 10:05:06 - Software Distribution Service 3.0
RP21: 2009-11-28 10:52:36 - Installed Adobe Reader 9.2 - Polish.
RP22: 2009-11-28 11:01:47 - Installed Microsoft Office Enterprise 2007
RP23: 2009-11-28 11:05:18 - Zainstalowane sterowniki drukarek: Send To Microsoft OneNote Dr
RP24: 2009-11-28 11:40:21 - Zainstalowano: Nero 7 Essentials
RP25: 2009-11-29 09:46:41 - Software Distribution Service 3.0
RP26: 2009-11-30 09:00:04 - Software Distribution Service 3.0
RP27: 2009-11-30 15:14:59 - SPTD setup V1.62
RP28: 2009-11-30 15:19:38 - Zainstalowane Gothic III
RP29: 2009-11-30 15:24:28 - Zainstalowano: Microsoft Visual C++ 2005 Redistributable
RP30: 2009-11-30 15:35:54 - Zainstalowany program DirectX
RP31: 2009-11-30 15:42:27 - Installed Gothic III Release Update
RP32: 2009-12-02 11:46:19 - Punkt kontrolny systemu
RP33: 2009-12-05 09:36:52 - Punkt kontrolny systemu
RP34: 2009-12-07 14:17:43 - Punkt kontrolny systemu
RP35: 2009-12-08 20:33:52 - Punkt kontrolny systemu
RP36: 2009-12-10 09:35:59 - Avg8 Update
RP37: 2009-12-11 07:52:36 - Zainstalowano: QuickTime
RP38: 2009-12-11 11:45:50 - Software Distribution Service 3.0
RP39: 2009-12-12 10:11:40 - Avg8 Update
RP40: 2009-12-12 10:13:02 - Avg8 Update
RP41: 2009-12-12 10:17:35 - Removed Ask Toolbar.
RP42: 2009-12-12 10:18:18 - Removed Ask Toolbar.
==== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2 - Polish
Aktualizacja dla systemu Windows Internet Explorer 8 (KB975364)
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976749)
Aktualizacja dla systemu Windows XP (KB951978)
Aktualizacja dla systemu Windows XP (KB967715)
Aktualizacja dla systemu Windows XP (KB968389)
Aktualizacja dla systemu Windows XP (KB971737)
Aktualizacja dla systemu Windows XP (KB973687)
Aktualizacja dla systemu Windows XP (KB973815)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB974455)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB976325)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371-v2)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974455)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)
Aktualizacja zabezpieczeń dla Windows XP (KB941569)
ALLPlayer V4.X
Apple Application Support
Apple Software Update
Archiwizator WinRAR
µTorrent
Attansic Ethernet Utility
Attansic L1 Gigabit Ethernet Driver
AVG Free 8.5
COMODO Internet Security
Gadu-Gadu 10
Gothic III
Gothic III Release Update
High Definition Audio Driver Package - KB888111
ipla 2.0.3
Java(TM) 6 Update 17
Microsoft Office Access MUI (Polish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Polish) 2007
Microsoft Office Groove MUI (Polish) 2007
Microsoft Office InfoPath MUI (Polish) 2007
Microsoft Office OneNote MUI (Polish) 2007
Microsoft Office Outlook MUI (Polish) 2007
Microsoft Office PowerPoint MUI (Polish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Polish) 2007
Microsoft Office Proofing (Polish) 2007
Microsoft Office Publisher MUI (Polish) 2007
Microsoft Office Shared MUI (Polish) 2007
Microsoft Office Word MUI (Polish) 2007
Microsoft Software Update for Web Folders (Polish) 12
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.5)
Nero 7 Essentials
Opera 9.52
Poprawka dla systemu Windows XP (KB952287)
Poprawka dla systemu Windows XP (KB976098-v2)
QuickTime
Real Alternative 2.0.1 Lite
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb976884)
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Service Pack 3
WinFast(R) Display Driver
==== End Of File ===========================
"%userprofile%\desktop\lol.exe /killall"
:OTL
PRC - [2008-04-14 18:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
IE - HKU\S-1-5-21-527237240-448539723-725345543-500\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.1990\FF [2009-12-12 01:49:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5260\FF [2009-12-12 01:49:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1850\FF [2009-12-12 01:49:30 | 00,000,000 | ---D | M]
O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5260\ACEIEAddOn.dll ()
O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1850\CPAIEAddOn.dll ()
O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll ()
O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll ()
O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.1990\WSO.dll ()
O3 - HKU\S-1-5-21-527237240-448539723-725345543-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-448539723-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [Internet Today Task] C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe ()
O4 - HKU\S-1-5-21-527237240-448539723-725345543-500..\Run: [cdoosoft] C:\DOCUME~1\ADMINI~1.KOW\USTAWI~1\Temp\herss.exe File not found
:Files
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Textual Content Provider
C:\Program Files\Textual Content Provider
C:\Program Files\Content Management Wizard
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Internet Today
C:\Program Files\Internet Today
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer
C:\Program Files\Customized Platform Advancer
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer
C:\Program Files\Automated Content Enhancer
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Web Search Operator
C:\Program Files\Web Search Operator
C:\Program Files\HottieStar Toolbar
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar
:Commands
[purity]
[emptytemp]
[clearrestorepoints]
[start explorer]
[reboot]
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_USERS\S-1-5-21-527237240-448539723-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E63605FC-D583-4C81-867F-9457BDB3EA1B}\ not found.
C:\Program Files\Web Search Operator\4.1.0.1990\FF\components folder moved successfully.
C:\Program Files\Web Search Operator\4.1.0.1990\FF\chrome\content folder moved successfully.
C:\Program Files\Web Search Operator\4.1.0.1990\FF\chrome folder moved successfully.
C:\Program Files\Web Search Operator\4.1.0.1990\FF folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8141440E-08F0-4339-9959-5C31C6A69F23}\ not found.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\FF\components folder moved successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\FF\chrome\content folder moved successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\FF\chrome folder moved successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\FF folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E889F097-B0BE-471B-89AD-B86B6F04B506}\ not found.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\FF\components folder moved successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\FF\chrome\content folder moved successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\FF\chrome folder moved successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\FF folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\ACEIEAddOn.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}\ deleted successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\CPAIEAddOn.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ deleted successfully.
C:\Program Files\Web Search Operator\4.1.0.1990\WSO.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-448539723-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-527237240-448539723-725345543-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task deleted successfully.
C:\Program Files\Internet Today\1.1.0.1260\InternetToday.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-448539723-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
========== FILES ==========
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810 folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Textual Content Provider folder moved successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810\data folder moved successfully.
C:\Program Files\Textual Content Provider\1.1.0.1810 folder moved successfully.
C:\Program Files\Textual Content Provider folder moved successfully.
C:\Program Files\Content Management Wizard\1.1.0.1990 folder moved successfully.
C:\Program Files\Content Management Wizard folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Internet Today folder moved successfully.
C:\Program Files\Internet Today\1.1.0.1260 folder moved successfully.
C:\Program Files\Internet Today folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1850 folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer folder moved successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850\Data folder moved successfully.
C:\Program Files\Customized Platform Advancer\4.1.0.1850 folder moved successfully.
C:\Program Files\Customized Platform Advancer folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5260 folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer folder moved successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260\Data folder moved successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5260 folder moved successfully.
C:\Program Files\Automated Content Enhancer folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Web Search Operator\4.1.0.1990 folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\Web Search Operator folder moved successfully.
C:\Program Files\Web Search Operator\4.1.0.1990\Data folder moved successfully.
C:\Program Files\Web Search Operator\4.1.0.1990 folder moved successfully.
C:\Program Files\Web Search Operator folder moved successfully.
C:\Program Files\HottieStar Toolbar folder moved successfully.
C:\Documents and Settings\Administrator.KOWALIK-AF65614\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: Administrator.KOWALIK-AF65614
->Temp folder emptied: 132520482 bytes
->Temporary Internet Files folder emptied: 118185482 bytes
->Java cache emptied: 14169284 bytes
->FireFox cache emptied: 76420421 bytes
->Opera cache emptied: 148625996 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66129 bytes
->Temporary Internet Files folder emptied: 2923163 bytes
User: LocalService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.ZARZĄDZANIE NT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.ZARZĄDZANIE NT.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.ZARZĄDZANIE NT.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 49600 bytes
->Temporary Internet Files folder emptied: 35961 bytes
User: NetworkService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: NetworkService.ZARZĄDZANIE NT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: NetworkService.ZARZĄDZANIE NT.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: NetworkService.ZARZĄDZANIE NT.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 45718224 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 18215 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 516,00 mb
Error: Unable to interpret <[clearrestorepoints]> in the current context!
OTL by OldTimer - Version 3.1.16.0 log created on 12122009_151608
Files\Folders moved on Reboot...
File move failed. C:\32788R22FWJFW.0.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.0.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.0.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.0.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.0.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.1.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.1.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.1.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.1.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.1.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.10.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.10.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.10.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.10.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.10.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.11.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.11.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.11.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.11.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.11.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.2.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.2.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.2.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.2.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.2.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.3.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.3.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.3.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.3.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.3.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.4.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.4.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.4.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.4.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.4.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.5.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.5.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.5.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.5.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.5.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.6.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.6.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.6.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.6.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.6.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.7.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.7.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.7.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.7.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.7.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.8.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.8.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.8.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.8.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.8.tmp folder moved successfully.
File move failed. C:\32788R22FWJFW.9.tmp\hidec.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.9.tmp\iexplore.exe scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.9.tmp\n.pif scheduled to be moved on reboot.
File move failed. C:\32788R22FWJFW.9.tmp\NirCmd.cfxxe scheduled to be moved on reboot.
C:\32788R22FWJFW.9.tmp folder moved successfully.
Registry entries deleted on Reboot...
Malwarebytes' Anti-Malware 1.42
Wersja bazy definicji: 3350
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702
2009-12-13 00:00:17
mbam-log-2009-12-13 (00-00-17).txt
Typ skanowania: Szybkie skanowanie
Przeskanowane obiekty: 152062
Upłynęło: 4 minute(s), 10 second(s)
Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 43
Zainfekowane wartości rejestru: 1
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 1
Zainfekowane pliki: 1
Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)
Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)
Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)
Zainfekowane foldery:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
Zainfekowane pliki:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.