Trojany cafeini oraz isobar439

**Posty:** 190 · przez **mirekg1963** 27 Maj 2009, 19:22

Witam szanowne grono w tych jakże ciężkich dla mnie czasach. Załapałem coś co mi zablokowało kompletnie pasek zadań. Nie działa nic na nim ani start ani antywirusy z tej pozycji. Nawet jak stronę wrzuciłem na pasek bo chciałem skopiować logi żeby wkleić to juz było po ptokach. Tylko menadżerem mogę zamknąć. Skanowałem mks online i mi to wykrł
c:\documents and settings\admin\dipetozo.exe
c:\windows\system32\actskn45.ocx
ten drugi skasowałem ręcznie bo gdzieś tak wyczytałem

Daje logi z OTListIt2 i bardzo proszę o pomoc !

Kod: Zaznacz wszystko: OTListIt logfile created on: 2009-05-27 18:47:04 - Run 1 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\admin\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 447.48 Mb Total Physical Memory | 115.10 Mb Available Physical Memory | 25.72% Memory free 1.03 Gb Paging File | 0.61 Gb Available in Paging File | 59.46% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.29 Gb Total Space | 22.07 Gb Free Space | 75.33% Space Free | Partition Type: NTFS Drive D: | 39.06 Gb Total Space | 36.95 Gb Free Space | 94.60% Space Free | Partition Type: NTFS Drive E: | 6.15 Gb Total Space | 6.15 Gb Free Space | 99.97% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XPN33 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-04-14 12:52:58 | 00,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray.exe PRC - [2009-04-10 19:29:08 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2005-10-26 16:17:24 | 00,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2009-05-27 15:34:27 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2003-10-15 16:24:34 | 00,165,888 | ---- | M] () -- C:\Documents and Settings\admin\Dipetozo.exe PRC - [2009-05-27 15:34:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2008-04-14 19:21:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2009-04-24 11:54:23 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2009-05-27 17:49:05 | 01,005,904 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2006-03-02 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2009-05-27 17:49:06 | 00,518,488 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-05-27 18:46:46 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - File not found -- -- (gusvc [Disabled | Stopped]) SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-05-27 15:34:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2009-05-27 17:49:05 | 01,005,904 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Running]) SRV - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2006-06-18 23:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2008-09-04 13:09:24 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped]) DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-01-30 12:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped]) DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped]) DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped]) DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped]) DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750obex.sys -- (k750obex [On_Demand | Stopped]) DRV - [2009-05-25 11:45:16 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running]) DRV - [2006-10-31 08:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2006-10-18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running]) DRV - [2006-11-27 16:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running]) DRV - [2006-11-27 16:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running]) DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006-11-04 00:45:48 | 00,178,913 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\V0260Vid.sys -- (V0260VID [On_Demand | Stopped]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/firefox IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "Winamp Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-05-27 15:34:27 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-11 16:46:51 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-25 11:24:28 | 00,000,000 | ---D | M] [2009-03-12 18:00:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions [2009-03-12 18:00:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-05-25 20:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\nv9uoa91.default\extensions [2009-05-25 20:43:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\nv9uoa91.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-05-25 20:43:55 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\nv9uoa91.default\searchplugins\winamp-search.xml [2009-05-27 16:07:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-05-11 16:46:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-03-12 19:21:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009-05-27 15:34:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-04-24 11:54:25 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-04-24 11:54:25 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Key error. File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon (alch) O4 - HKLM..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon File not found O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) O4 - HKLM..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions (Sony Ericsson Mobile Communications AB) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" () O4 - HKCU..\Run: [Dipetozo] C:\Documents and Settings\admin\Dipetozo.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-04 12:56:41 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\aUtoPlAy\commANd - "" = G:\lxrh.pif -- File not found O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\AutoRun\command - "" = G:\lxrh.pif -- File not found O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\exPLoRE\COMmaNd - "" = G:\lxrh.pif -- File not found O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\oPEN\ComMAND - "" = G:\lxrh.pif -- File not found O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\AuTopLaY\coMMaND - "" = G:\fetp.exe -- File not found O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\AutoRun\command - "" = G:\fetp.exe -- File not found O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\eXPloRE\CommanD - "" = G:\fetp.exe -- File not found O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\opEn\cOmmanD - "" = G:\fetp.exe -- File not found O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\Autoplay\cOMmANd - "" = H:\glca.exe -- File not found O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\AutoRun\command - "" = H:\glca.exe -- File not found O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\explore\COmMand - "" = H:\glca.exe -- File not found O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\opEn\COmmand - "" = H:\glca.exe -- File not found O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\autOplaY\CommaNd - "" = G:\xtlrx.exe -- File not found O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\AutoRun\command - "" = G:\xtlrx.exe -- File not found O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\eXPlORe\command - "" = G:\xtlrx.exe -- File not found O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\open\COMmAND - "" = G:\xtlrx.exe -- File not found O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\AutOPlay\CommanD - "" = G:\jxgmar.pif -- File not found O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\AutoRun\command - "" = G:\jxgmar.pif -- File not found O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\expLoRE\COMmaNd - "" = G:\jxgmar.pif -- File not found O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\OPen\CommAnd - "" = G:\jxgmar.pif -- File not found O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\AUtopLay\cOMMand - "" = H:\whut.cmd -- File not found O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\AutoRun\command - "" = H:\whut.cmd -- File not found O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\expLore\Command - "" = H:\whut.cmd -- File not found O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\OPen\COMmaNd - "" = H:\whut.cmd -- File not found O33 - MountPoints2\{b6c57ec6-0f1a-11de-8c0c-001a4d80ed78}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe O33 - MountPoints2\{b6c57ec6-0f1a-11de-8c0c-001a4d80ed78}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\autoPlAy\cOMMaNd - "" = G:\jenw.exe -- File not found O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\AutoRun\command - "" = G:\jenw.exe -- File not found O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\ExPlORe\Command - "" = G:\jenw.exe -- File not found O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\open\CommanD - "" = G:\jenw.exe -- File not found O33 - MountPoints2\{f8752a69-4ab6-11de-8d8a-001a4d80ed78}\Shell\AutoRun\command - "" = G:\upw.bat -- File not found O33 - MountPoints2\{f8752a69-4ab6-11de-8d8a-001a4d80ed78}\Shell\open\Command - "" = G:\upw.bat -- File not found O33 - MountPoints2\{f9dd1636-1d31-11de-8c57-001a4d80ed78}\Shell - "" = AutoRun O33 - MountPoints2\{f9dd1636-1d31-11de-8c57-001a4d80ed78}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{f9dd1637-1d31-11de-8c57-001a4d80ed78}\Shell\AutoRun\command - "" = J:\lc.exe -- File not found O33 - MountPoints2\{f9dd1637-1d31-11de-8c57-001a4d80ed78}\Shell\open\Command - "" = J:\lc.exe -- File not found O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-05-27 18:46:45 | 00,000,000 | ---D | M] O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-05-27 18:46:42 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [2009-05-27 17:02:53 | 00,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2009-05-27 15:47:24 | 00,000,653 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Gadu-Gadu.lnk [2009-05-27 14:07:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca [2009-05-27 14:07:39 | 00,001,958 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sony Ericsson PC Suite.lnk [2009-05-27 14:07:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson [2009-05-27 14:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared [2009-05-27 14:07:19 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2009-05-27 14:07:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-05-27 14:04:52 | 00,005,744 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\k750wh.sys [2009-05-27 14:04:51 | 00,006,144 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\k750cm.sys [2009-05-27 14:04:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2009-05-27 14:03:14 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009-05-27 14:03:14 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009-05-26 11:10:21 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2009-05-25 21:17:39 | 00,000,000 | ---D | C] -- C:\Program Files\WinAce [2009-05-25 20:42:28 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2009-05-25 20:42:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar [2009-05-25 20:42:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009-05-25 20:41:10 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp [2009-05-25 20:41:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Winamp [2009-05-25 20:39:36 | 09,915,072 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\admin\Pulpit\winamp5552_full_emusic-7plus_en-us-[www.legalne.info].exe [2009-05-25 13:50:51 | 00,000,697 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk [2009-05-25 13:49:56 | 00,000,000 | ---D | C] -- C:\Program Files\Metin2_PL [2009-05-25 13:35:28 | 00,000,000 | ---D | C] -- C:\Program Files\Valve [2009-05-25 13:35:27 | 00,001,369 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2009-05-25 12:08:39 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2009-05-25 11:43:48 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2009-05-25 11:43:42 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2009-05-25 11:41:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\.clamwin [2009-05-25 11:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\ClamWin [2009-05-25 11:23:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-05-25 11:23:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\OpenFM [2009-05-23 10:55:03 | 00,389,382 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\dokument pruss.odt [2009-05-23 10:52:11 | 00,014,638 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Dokument666.rtf [2009-05-22 17:25:45 | 00,000,434 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Skrót do Dokumenty udostępnione.lnk [2009-05-22 12:33:10 | 00,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-05-22 12:32:28 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu [2009-05-20 17:18:00 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-05-20 16:56:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\temp [2009-05-20 16:51:08 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-05-20 16:51:08 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-05-20 16:51:08 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-05-20 16:51:08 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe [2009-05-20 16:51:08 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009-05-20 16:51:08 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009-05-20 16:51:08 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009-05-20 16:51:08 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-05-18 19:56:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\GoD [2009-05-18 16:32:28 | 00,010,630 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\lista.odt [2009-05-16 10:17:37 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx [2009-05-16 10:07:27 | 00,000,000 | ---D | C] -- C:\Program Files\WapSter [2009-05-14 15:26:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Help [2009-05-07 20:30:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2009-05-06 20:32:00 | 00,051,232 | ---- | C] (gkweb) -- C:\Documents and Settings\All Users\Dokumenty\wwdc_[www.programosy.pl].exe [2009-03-12 11:44:30 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006-10-31 08:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-10-31 08:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-10-31 08:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-10-31 08:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-31 08:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-10-31 08:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-10-31 08:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-03-02 14:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2006-03-02 14:00:00 | 00,000,263 | ---- | C] () -- C:\WINDOWS\system.ini [color=orange]========== Files - Modified Within 30 Days ==========[/color] [7 C:\WINDOWS\System32\*.tmp files] [2009-05-27 18:46:46 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [2009-05-27 17:49:27 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2009-05-27 16:58:44 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-05-27 16:58:35 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\desktop.ini [2009-05-27 16:58:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-05-27 15:47:24 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Gadu-Gadu.lnk [2009-05-27 14:07:39 | 00,001,958 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Sony Ericsson PC Suite.lnk [2009-05-27 14:04:52 | 00,005,744 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\k750wh.sys [2009-05-27 14:04:51 | 00,006,144 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\k750cm.sys [2009-05-27 14:04:10 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-05-27 14:04:10 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009-05-26 11:10:21 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-05-25 20:42:28 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2009-05-25 20:42:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-05-25 20:40:18 | 09,915,072 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\admin\Pulpit\winamp5552_full_emusic-7plus_en-us-[www.legalne.info].exe [2009-05-25 13:50:51 | 00,000,697 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk [2009-05-25 13:35:28 | 00,001,369 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2009-05-25 13:32:24 | 00,112,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-05-25 11:45:47 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-05-25 11:45:16 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2009-05-25 11:21:56 | 00,002,259 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2009-05-25 11:17:43 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2009-05-25 11:17:43 | 00,000,293 | RHS- | M] () -- C:\boot.ini [2009-05-25 11:17:43 | 00,000,263 | ---- | M] () -- C:\WINDOWS\system.ini [2009-05-25 10:00:28 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-05-23 11:05:13 | 00,000,434 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Skrót do Dokumenty udostępnione.lnk [2009-05-23 10:56:31 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2009-05-23 10:55:04 | 00,389,382 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\dokument pruss.odt [2009-05-23 10:52:11 | 00,014,638 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Dokument666.rtf [2009-05-22 12:33:10 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-05-20 20:16:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-05-20 16:54:03 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-05-18 16:32:28 | 00,010,630 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\lista.odt [2009-05-14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe [2009-05-11 16:46:54 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-05-07 09:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-05-06 20:32:00 | 00,051,232 | ---- | M] (gkweb) -- C:\Documents and Settings\All Users\Dokumenty\wwdc_[www.programosy.pl].exe < End of report >

**Posty:** 8001 · przez **Okocza** 27 Maj 2009, 19:34

Wykonaj to co jest podane w tym temacie

Zastosuj SDFix . Po pobraniu uruchom go a rozpakuje się do C:\SDFix. Uruchom komputer w trybie awaryjnym (F8 przy stracie systemu). Będąc w awaryjnym uruchom plik RunThis.bat z folderu SDFixa. Zatwierdź czyszczenie przez Y. Poczekaj aż ukończy i komputer zresetuje

Potem wejdz do folderu C:\SDFix wrzuc zawartość pliku Report.txt + log z dss'a oraz daj loga z hijacka

**Posty:** 190 · przez **mirekg1963** 27 Maj 2009, 20:12

Hej ! Daje logi z HiJackthis muszę to robić na raty bo pasek zadań nie działa. Więc zaraz dam następne

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:10, on 2009-05-27 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ClamWin\bin\ClamTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Documents and Settings\admin\Dipetozo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\admin\Pulpit\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/firefox R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Dipetozo] C:\Documents and Settings\admin\Dipetozo.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5126 bytes

**Posty:** 8001 · przez **Okocza** 27 Maj 2009, 20:15

mirekg1963, wykonaj napierw SDFix potem dopiero hijack this!

**Posty:** 190 · przez **mirekg1963** 27 Maj 2009, 20:33

No przykro mi ale nie mogę go uruchomić w trybie awarii, ale może Ci pomoże to:

Kod: Zaznacz wszystko: DDS (Ver_09-05-14.01) - NTFSx86 Run by admin at 20:27:48.43 on 2009-05-27 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.447.209 [GMT 2:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ClamWin\bin\ClamTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Documents and Settings\admin\Dipetozo.exe svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\admin\Pulpit\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.pl/firefox mStart Page = hxxp://www.yahoo.com uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyServer = 127.0.0.1:8080 uInternet Settings,ProxyOverride = local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File uRun: [Dipetozo] c:\documents and settings\admin\Dipetozo.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [CreativeTaskScheduler] "c:\program files\creative\shared files\CTSched.exe" /logon mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [<NO NAME>] mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE mPolicies-explorer: NoResolveTrack = 1 (0x1) mPolicies-system: EnableLUA = 0 (0x0) IE: &Winamp Search - c:\documents and settings\all users\dane aplikacji\winamp toolbar\ietoolbar\resources\en-us\local\search.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admin\daneap~1\mozilla\firefox\profiles\nv9uoa91.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: c:\documents and settings\admin\dane aplikacji\mozilla\firefox\profiles\nv9uoa91.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-12 64160] S3 asc3360pr;asc3360pr;\??\c:\windows\system32\drivers\rhgmrn.sys --> c:\windows\system32\drivers\rhgmrn.sys [?] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1005904] S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [2008-9-4 178913] =============== Created Last 30 ================ 2009-05-27 20:14 <DIR> --d----- C:\SDFix 2009-05-27 15:34 0 a------- c:\windows\system32\RENF.tmp 2009-05-27 15:34 0 a------- c:\windows\system32\RENE.tmp 2009-05-27 15:34 0 a------- c:\windows\system32\REND.tmp 2009-05-27 15:24 0 a------- c:\windows\system32\REN47.tmp 2009-05-27 15:24 0 a------- c:\windows\system32\REN46.tmp 2009-05-27 15:24 0 a------- c:\windows\system32\REN45.tmp 2009-05-27 14:07 <DIR> --d----- c:\docume~1\admin\daneap~1\Teleca 2009-05-27 14:07 <DIR> --d----- c:\documents and settings\all users\Documents 2009-05-27 14:07 <DIR> --d----- c:\docume~1\alluse~1\daneap~1\Sony Ericsson 2009-05-27 14:07 <DIR> --d----- c:\program files\common files\Teleca Shared 2009-05-27 14:07 <DIR> --d----- c:\program files\Sony Ericsson 2009-05-27 14:07 <DIR> --d----- c:\docume~1\alluse~1\daneap~1\Teleca 2009-05-27 14:04 5,744 a------- c:\windows\system32\drivers\k750wh.sys 2009-05-27 14:04 6,144 a------- c:\windows\system32\drivers\k750cm.sys 2009-05-27 14:04 <DIR> --d----- c:\windows\Downloaded Installations 2009-05-27 14:03 54,156 a---h--- c:\windows\QTFont.qfn 2009-05-27 14:03 1,409 a------- c:\windows\QTFont.for 2009-05-26 17:30 165,888 a------- c:\documents and settings\admin\Dipetozo.exe 2009-05-25 21:17 <DIR> --d----- c:\program files\WinAce 2009-05-25 20:42 <DIR> --d----- c:\docume~1\alluse~1\daneap~1\Winamp Toolbar 2009-05-25 20:42 <DIR> --d----- c:\windows\RegisteredPackages 2009-05-25 13:49 <DIR> --d----- c:\program files\Metin2_PL 2009-05-25 13:35 <DIR> --d----- c:\program files\Valve 2009-05-25 12:08 <DIR> --d----- c:\program files\OpenOffice.org 3 2009-05-25 11:43 <DIR> -cd-h--- c:\docume~1\alluse~1\daneap~1\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-05-25 11:43 <DIR> --d----- c:\program files\Lavasoft 2009-05-25 11:41 <DIR> --d----- c:\docume~1\admin\daneap~1\.clamwin 2009-05-25 11:41 <DIR> --d----- c:\program files\ClamWin 2009-05-25 11:41 <DIR> --d----- c:\documents and settings\all users\.clamwin 2009-05-25 11:23 <DIR> --d----- c:\docume~1\alluse~1\daneap~1\OpenFM 2009-05-25 11:23 <DIR> --d----- c:\docume~1\admin\daneap~1\OpenFM 2009-05-22 12:32 <DIR> --d----- c:\program files\Nowe Gadu-Gadu 2009-05-20 16:51 161,792 a------- c:\windows\SWREG.exe 2009-05-20 16:51 98,816 a------- c:\windows\sed.exe 2009-05-16 10:07 <DIR> --d----- c:\program files\WapSter 2009-05-07 20:30 <DIR> --d----- c:\windows\ERUNT ==================== Find3M ==================== 2009-05-27 17:49 15,688 a------- c:\windows\system32\lsdelete.exe 2009-05-27 15:34 410,984 a------- c:\windows\system32\deploytk.dll 2009-05-25 11:45 64,160 a------- c:\windows\system32\drivers\Lbd.sys 2009-04-17 14:40 355,830 a------- c:\windows\system32\perfh015.dat 2009-04-17 14:40 49,712 a------- c:\windows\system32\perfc015.dat 2009-04-10 19:10 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-04-08 10:32 1,060,864 a------- c:\windows\system32\MFC71.dll 2009-04-08 10:32 499,712 a------- c:\windows\system32\msvcp71.dll 2009-04-08 10:32 348,160 a------- c:\windows\system32\msvcr71.dll 2009-03-06 16:22 285,696 a------- c:\windows\system32\pdh.dll ============= FINISH: 20:28:00.48 ===============

a to sie też przyda??

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-05-14.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 2008-09-04 12:58:49 System Uptime: 2009-05-27 20:21:01 (0 hours ago) Motherboard: Gigabyte Technology Co., Ltd. | | M61SME-S2 Processor: AMD Sempron(tm) Processor 3400+ | Socket M2 | 1808/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 29 GiB total, 22.125 GiB free. D: is FIXED (NTFS) - 39 GiB total, 36.952 GiB free. E: is FIXED (FAT32) - 6 GiB total, 6.153 GiB free. F: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP3: 2009-05-13 11:19:28 - Software Distribution Service 3.0 RP4: 2009-05-18 18:48:28 - Created By FixIEDef RP5: 2009-05-20 16:51:21 - ComboFix created restore point RP6: 2009-05-25 11:24:27 - Usunięto: Adobe Reader 6.0.2 CE RP7: 2009-05-25 11:25:35 - Usunięto: OpenOffice.org 3.0 RP8: 2009-05-25 12:08:34 - Zainstalowano: OpenOffice.org 3.0 RP9: 2009-05-25 13:35:13 - ????????? Counter-Strike 1.6 RP10: 2009-05-25 13:35:27 - ??????????? Counter-Strike 1.6 RP11: 2009-05-25 20:42:00 - Installed Windows Media Format Runtime RP12: 2009-05-26 11:09:54 - Software Distribution Service 3.0 RP13: 2009-05-27 14:06:10 - Installed Sony Ericsson PC Suite 1.20.173 RP14: 2009-05-27 15:24:42 - Installed Java(TM) 6 Update 13 RP15: 2009-05-27 15:34:04 - Removed Java(TM) 6 Update 11 RP16: 2009-05-27 15:34:19 - Installed Java(TM) 6 Update 13 ==== Installed Programs ====================== Ad-Aware Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Aktualizacja dla systemu Windows XP (KB951978) Aktualizacja dla systemu Windows XP (KB955839) Aktualizacja dla systemu Windows XP (KB967715) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2) Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648) Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760) Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762) Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974) Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066) Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2) Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698) Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748) Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004) Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954) Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459) Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600) Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841) Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690) Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373) Aktualizacja zabezpieczeń dla systemu Windows XP (KB963027) Aktualizacja zabezpieczeń dla Windows XP (KB923689) Aktualizacja zabezpieczeń dla Windows XP (KB941569) ClamWin Free Antivirus 0.95.1 Counter-Strike 1.6 Creative Live! Cam Vista IM Driver (1.01.03.1104) Creative Live! Cam Vista IM User's Guide (English) Creative Software AutoUpdate Creative System Information Creative WebCam Center Gadu-Gadu 7.7 High Definition Audio Driver Package - KB888111 HijackThis 2.0.2 Java(TM) 6 Update 13 Java(TM) 6 Update 5 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.0.10) Nowe Gadu-Gadu NVIDIA Drivers Odkurzacz 11.3 OpenOffice.org 3.0 Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) Poprawka dla systemu Windows XP (KB952287) Realtek High Definition Audio Driver Skaner on-line mks_vir Skype™ 3.8 Sony Ericsson PC Suite 1.20.173 Tibia Tlen.pl Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 WebFldrs XP WinAce Archiver Winamp Winamp Toolbar Windows Genuine Advantage Validation Tool (KB892130) Windows Media Format Runtime Windows XP Service Pack 3 WinRAR archiver ==== End Of File ===========================

**Posty:** 18165 · przez **wojtas** 28 Maj 2009, 10:29

Uruchom OTListIt2 i w oknie Custom Scans/Fixes wklej :

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [Dipetozo] C:\Documents and Settings\admin\Dipetozo.exe ()
O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\aUtoPlAy\commANd - "" = G:\lxrh.pif -- File not found
O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\AutoRun\command - "" = G:\lxrh.pif -- File not found
O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\exPLoRE\COMmaNd - "" = G:\lxrh.pif -- File not found
O33 - MountPoints2\{00dbbf5a-461b-11de-8d6b-001a4d80ed78}\Shell\oPEN\ComMAND - "" = G:\lxrh.pif -- File not found
O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\AuTopLaY\coMMaND - "" = G:\fetp.exe -- File not found
O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\AutoRun\command - "" = G:\fetp.exe -- File not found
O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\eXPloRE\CommanD - "" = G:\fetp.exe -- File not found
O33 - MountPoints2\{135af8e2-139b-11de-8c2a-001a4d80ed78}\Shell\opEn\cOmmanD - "" = G:\fetp.exe -- File not found
O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\Autoplay\cOMmANd - "" = H:\glca.exe -- File not found
O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\AutoRun\command - "" = H:\glca.exe -- File not found
O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\explore\COmMand - "" = H:\glca.exe -- File not found
O33 - MountPoints2\{135af8e3-139b-11de-8c2a-001a4d80ed78}\Shell\opEn\COmmand - "" = H:\glca.exe -- File not found
O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\autOplaY\CommaNd - "" = G:\xtlrx.exe -- File not found
O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\AutoRun\command - "" = G:\xtlrx.exe -- File not found
O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\eXPlORe\command - "" = G:\xtlrx.exe -- File not found
O33 - MountPoints2\{225c2a04-46c8-11de-8d6f-001a4d80ed78}\Shell\open\COMmAND - "" = G:\xtlrx.exe -- File not found
O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\AutOPlay\CommanD - "" = G:\jxgmar.pif -- File not found
O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\AutoRun\command - "" = G:\jxgmar.pif -- File not found
O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\expLoRE\COMmaNd - "" = G:\jxgmar.pif -- File not found
O33 - MountPoints2\{225c2a08-46c8-11de-8d6f-001a4d80ed78}\Shell\OPen\CommAnd - "" = G:\jxgmar.pif -- File not found
O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\AUtopLay\cOMMand - "" = H:\whut.cmd -- File not found
O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\AutoRun\command - "" = H:\whut.cmd -- File not found
O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\expLore\Command - "" = H:\whut.cmd -- File not found
O33 - MountPoints2\{76d32ffc-14a4-11de-8c31-001a4d80ed78}\Shell\OPen\COMmaNd - "" = H:\whut.cmd -- File not found
O33 - MountPoints2\{b6c57ec6-0f1a-11de-8c0c-001a4d80ed78}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{b6c57ec6-0f1a-11de-8c0c-001a4d80ed78}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\autoPlAy\cOMMaNd - "" = G:\jenw.exe -- File not found
O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\AutoRun\command - "" = G:\jenw.exe -- File not found
O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\ExPlORe\Command - "" = G:\jenw.exe -- File not found
O33 - MountPoints2\{ee64aee6-45e7-11de-8d67-001a4d80ed78}\Shell\open\CommanD - "" = G:\jenw.exe -- File not found
O33 - MountPoints2\{f8752a69-4ab6-11de-8d8a-001a4d80ed78}\Shell\AutoRun\command - "" = G:\upw.bat -- File not found
O33 - MountPoints2\{f8752a69-4ab6-11de-8d8a-001a4d80ed78}\Shell\open\Command - "" = G:\upw.bat -- File not found
O33 - MountPoints2\{f9dd1636-1d31-11de-8c57-001a4d80ed78}\Shell - "" = AutoRun
O33 - MountPoints2\{f9dd1636-1d31-11de-8c57-001a4d80ed78}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f9dd1637-1d31-11de-8c57-001a4d80ed78}\Shell\AutoRun\command - "" = J:\lc.exe -- File not found
O33 - MountPoints2\{f9dd1637-1d31-11de-8c57-001a4d80ed78}\Shell\open\Command - "" = J:\lc.exe -- File not found

:Files
C:\Documents and Settings\admin\Dipetozo.exe
C:\RECYCLER

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTListIt2 z opcją Run Scan. Pokazujesz nowy log OTListIt.txt (czyszczenie i skan )

**Posty:** 190 · przez **mirekg1963** 28 Maj 2009, 16:57

O wielkie dzięki już pasek zadań ruszył , a poniżej przedstawiam log

Kod: Zaznacz wszystko: OTListIt logfile created on: 2009-05-28 16:50:32 - Run 2 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\admin\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 447.48 Mb Total Physical Memory | 212.10 Mb Available Physical Memory | 47.40% Memory free 1.03 Gb Paging File | 0.86 Gb Available in Paging File | 83.68% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.29 Gb Total Space | 22.22 Gb Free Space | 75.86% Space Free | Partition Type: NTFS Drive D: | 39.06 Gb Total Space | 36.95 Gb Free Space | 94.60% Space Free | Partition Type: NTFS Drive E: | 6.15 Gb Total Space | 6.15 Gb Free Space | 99.97% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: XPN33 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-05-27 15:34:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2009-04-14 12:52:58 | 00,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray.exe PRC - [2009-04-10 19:29:08 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2005-10-26 16:17:24 | 00,159,744 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe PRC - [2009-05-27 15:34:27 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2008-04-14 19:21:50 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2005-06-08 16:45:04 | 00,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe PRC - [2005-08-10 07:54:34 | 00,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2006-02-24 11:58:14 | 00,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2009-05-28 16:46:59 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - File not found -- -- (gusvc [Disabled | Stopped]) SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-05-27 15:34:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2009-05-27 17:49:05 | 01,005,904 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped]) SRV - [2006-10-31 08:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2006-06-18 23:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running]) DRV - [2008-09-04 13:09:24 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped]) DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-01-30 12:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2005-06-03 13:46:52 | 00,055,216 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750bus.sys -- (k750bus [On_Demand | Stopped]) DRV - [2005-06-03 13:46:58 | 00,006,576 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdfl.sys -- (k750mdfl [On_Demand | Stopped]) DRV - [2005-06-03 13:47:00 | 00,089,872 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mdm.sys -- (k750mdm [On_Demand | Stopped]) DRV - [2005-06-03 13:47:04 | 00,081,728 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750mgmt.sys -- (k750mgmt [On_Demand | Stopped]) DRV - [2005-06-03 13:47:06 | 00,079,488 | R--- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\k750obex.sys -- (k750obex [On_Demand | Stopped]) DRV - [2009-05-25 11:45:16 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running]) DRV - [2006-10-31 08:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2006-10-18 16:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running]) DRV - [2006-11-27 16:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running]) DRV - [2006-11-27 16:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running]) DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006-11-04 00:45:48 | 00,178,913 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\V0260Vid.sys -- (V0260VID [On_Demand | Stopped]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/firefox IE - URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=orange]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-05-27 15:34:27 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-11 16:46:51 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-25 11:24:28 | 00,000,000 | ---D | M] [2009-03-12 18:00:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions [2009-03-12 18:00:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-05-25 20:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\nv9uoa91.default\extensions [2009-05-25 20:43:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\nv9uoa91.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-05-25 20:43:55 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\nv9uoa91.default\searchplugins\winamp-search.xml [2009-05-27 16:07:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-05-11 16:46:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-03-12 19:21:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009-05-27 15:34:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-04-24 11:54:25 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-04-24 11:54:25 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Key error. File not found O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon (alch) O4 - HKLM..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon File not found O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) O4 - HKLM..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions (Sony Ericsson Mobile Communications AB) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-04 12:56:41 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-05-28 16:50:14 | 00,000,000 | ---D | M] O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-05-28 16:47:41 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-05-28 16:47:19 | 00,000,000 | ---D | C] -- C:\_OTListIt [2009-05-28 16:46:51 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [2009-05-27 20:14:34 | 00,000,000 | ---D | C] -- C:\SDFix [2009-05-27 15:47:24 | 00,000,653 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Gadu-Gadu.lnk [2009-05-27 14:07:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Teleca [2009-05-27 14:07:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson [2009-05-27 14:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared [2009-05-27 14:07:19 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2009-05-27 14:07:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-05-27 14:04:52 | 00,005,744 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\k750wh.sys [2009-05-27 14:04:51 | 00,006,144 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\k750cm.sys [2009-05-27 14:04:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2009-05-27 14:03:14 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2009-05-27 14:03:14 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2009-05-26 11:10:21 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2009-05-25 21:17:39 | 00,000,000 | ---D | C] -- C:\Program Files\WinAce [2009-05-25 20:42:28 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2009-05-25 20:42:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar [2009-05-25 20:42:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009-05-25 20:41:10 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp [2009-05-25 20:41:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Winamp [2009-05-25 20:39:36 | 09,915,072 | ---- | C] (Nullsoft, Inc.) -- C:\Documents and Settings\admin\Pulpit\winamp5552_full_emusic-7plus_en-us-[www.legalne.info].exe [2009-05-25 13:50:51 | 00,000,697 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk [2009-05-25 13:49:56 | 00,000,000 | ---D | C] -- C:\Program Files\Metin2_PL [2009-05-25 13:35:28 | 00,000,000 | ---D | C] -- C:\Program Files\Valve [2009-05-25 13:35:27 | 00,001,369 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2009-05-25 12:08:39 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2009-05-25 11:43:48 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2009-05-25 11:43:42 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2009-05-25 11:41:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\.clamwin [2009-05-25 11:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\ClamWin [2009-05-25 11:23:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-05-25 11:23:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\OpenFM [2009-05-22 17:25:45 | 00,000,434 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Skrót do Dokumenty udostępnione.lnk [2009-05-22 12:33:10 | 00,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-05-22 12:32:28 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu [2009-05-20 16:56:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\temp [2009-05-20 16:51:08 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-05-20 16:51:08 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-05-20 16:51:08 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-05-20 16:51:08 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe [2009-05-20 16:51:08 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009-05-20 16:51:08 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009-05-20 16:51:08 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009-05-20 16:51:08 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-05-16 10:07:27 | 00,000,000 | ---D | C] -- C:\Program Files\WapSter [2009-05-14 15:26:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Help [2009-05-07 20:30:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2009-05-06 20:32:00 | 00,051,232 | ---- | C] (gkweb) -- C:\Documents and Settings\All Users\Dokumenty\wwdc_[www.programosy.pl].exe [2009-03-12 11:44:30 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2006-10-31 08:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-10-31 08:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-10-31 08:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-10-31 08:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-31 08:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-10-31 08:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-10-31 08:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-03-02 14:00:00 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2006-03-02 14:00:00 | 00,000,263 | ---- | C] () -- C:\WINDOWS\system.ini [color=orange]========== Files - Modified Within 30 Days ==========[/color] [7 C:\WINDOWS\System32\*.tmp files] [2009-05-28 16:49:38 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-05-28 16:48:33 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\desktop.ini [2009-05-28 16:48:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-05-28 16:46:59 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Pulpit\OTListIt2.exe [2009-05-27 17:49:27 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2009-05-27 15:47:24 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Gadu-Gadu.lnk [2009-05-27 14:04:52 | 00,005,744 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\k750wh.sys [2009-05-27 14:04:51 | 00,006,144 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\k750cm.sys [2009-05-27 14:04:10 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2009-05-27 14:04:10 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2009-05-26 11:10:21 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-05-25 20:42:28 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2009-05-25 20:42:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-05-25 20:40:18 | 09,915,072 | ---- | M] (Nullsoft, Inc.) -- C:\Documents and Settings\admin\Pulpit\winamp5552_full_emusic-7plus_en-us-[www.legalne.info].exe [2009-05-25 13:50:51 | 00,000,697 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Metin2 PL.lnk [2009-05-25 13:35:28 | 00,001,369 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2009-05-25 13:32:24 | 00,112,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-05-25 11:45:47 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-05-25 11:45:16 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2009-05-25 11:21:56 | 00,002,259 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2009-05-25 11:17:43 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2009-05-25 11:17:43 | 00,000,293 | RHS- | M] () -- C:\boot.ini [2009-05-25 11:17:43 | 00,000,263 | ---- | M] () -- C:\WINDOWS\system.ini [2009-05-25 10:00:28 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-05-23 11:05:13 | 00,000,434 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Skrót do Dokumenty udostępnione.lnk [2009-05-23 10:56:31 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2009-05-22 12:33:10 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-05-20 20:16:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-05-20 16:54:03 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-05-14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe [2009-05-11 16:46:54 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-05-07 09:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-05-06 20:32:00 | 00,051,232 | ---- | M] (gkweb) -- C:\Documents and Settings\All Users\Dokumenty\wwdc_[www.programosy.pl].exe < End of report >

**Posty:** 18165 · przez **wojtas** 28 Maj 2009, 19:40

1.Uruchom OTListIt2 z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
4. Wykonaj skan Dr. Web CureIt
5. Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym (skasuj co znajdzie)

Malwarebytes Anti-Malware

Jeśli masz Adobe Reader to zaaktualizuj go do najnowszej wersji

**Posty:** 190 · przez **mirekg1963** 29 Maj 2009, 13:35

Daje logi z Malwarebytes' Anti-Malware i kaspra

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.37 Wersja bazy definicji: 2191 Windows 5.1.2600 Dodatek Service Pack 3 2009-05-29 13:23:11 mbam-log-2009-05-29 (13-23-11).txt Typ skanowania: Szybkie skanowanie Przeskanowane obiekty: 74299 Upłynęło: 2 minute(s), 37 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 3 Zainfekowane wartości rejestru: 0 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: (Nie wykryto groźnych plików) Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików)

Kod: Zaznacz wszystko: -------------------------------------------------------------------------------- RAPORT KASPERSKY ONLINE SCANNER 7.0 piątek, 29 maj 2009 System operacyjny: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (build 2600) Wersja Kaspersky Online Scanner: 7.0.26.12 Data ostatniej aktualizacji bazy danych: Friday, May 29, 2009 12:02:16 Liczba wpisów: 2270889 -------------------------------------------------------------------------------- Ustawienia skanowania: Typ bazy danych użytej do skanowania: rozszerzona Skanuj archiwa: tak Skanuj pocztowe bazy danych: tak Obszar skanowania - Mój komputer: A:\ C:\ D:\ E:\ F:\ Statystyki skanowania: Przeskanowanych plików: 36299 Nazwa zagrożenia: 0 Zainfekowanych obiektów: 0 Podejrzanych obiektów: 0 Czas skanowania: 00:49:27 Nie wykryto zagrożeń. Obszar skanowania jest czysty. Wybrany obszar został przeskanowany.

chyba jest już wporzo, co?

**Posty:** 18165 · przez **wojtas** 29 Maj 2009, 13:57