
1.sciagnelam Kaspersky Antywirus , skanowanie i wykryl jakies wirusy i trojany.

2. zrobilam wszystko co "zalecane", niby usunięto ale co dalej? bo wczoraj obilam to samo a dzis wyskoczylo mi tyle tego ze nie wiedzialam co klikac.
pomocy!! prosze!!

"BearShare 2 MediaBar" = MediaBar
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearshare.com//web?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&rlz=1I7ADFA_pl
IE - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearshare.com//web?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.ffsearching.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
IE - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\Se
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - Startup: C:\Users\Grzesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 09.lnk = File not found
O4 - HKLM..\Run: [LanzarP2012tmp] C:\Users\Grzesiek\AppData\Local\Temp\P2012tmp\Install.exe (Panda Security, S.L.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{03c3dc7a-171e-11e0-b2dc-001e3306c627}\Shell\AutoRun\command - "" = D:\w9.exe
O33 - MountPoints2\{03c3dc7a-171e-11e0-b2dc-001e3306c627}\Shell\open\Command - "" = D:\w9.exe
O33 - MountPoints2\{1a16e070-0db2-11de-91ba-001e3306c627}\Shell - "" = AutoRun
O33 - MountPoints2\{1a16e070-0db2-11de-91ba-001e3306c627}\Shell\AutoRun\command - "" = D:\setup.exe AUTORUN=1
O33 - MountPoints2\{75d3ca5b-ce48-11e0-9bd8-001e3306c627}\Shell - "" = AutoRun
O33 - MountPoints2\{75d3ca5b-ce48-11e0-9bd8-001e3306c627}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{75d3ca86-ce48-11e0-9bd8-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{75d3ca86-ce48-11e0-9bd8-001e101faa49}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ed40ec22-c1ac-11de-b68a-00f1d000f1d0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ed40ec22-c1ac-11de-b68a-00f1d000f1d0}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ef3d87eb-a85f-11de-9472-001e3306c627}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ef3d87eb-a85f-11de-9472-001e3306c627}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe
[2012-03-06 01:07:41 | 000,000,352 | -HS- | C] () -- C:\Users\Grzesiek\Documents\desktop (3).ini
[2012-03-06 01:07:40 | 000,000,282 | -HS- | C] () -- C:\Users\Grzesiek\Documents\desktop (2).ini
:Files
C:\Users\Grzesiek\AppData\Local\Temp*.html
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
:Commands
[emptytemp]
[resethosts]
[emptyflash]
rmonika5 napisał(a):wiadomoscią ze plik Inicio.exe nie dziala,
:OTL
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2967673108-3909171859-83400821-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LanzarP2012tmp] C:\Users\Grzesiek\AppData\Local\Temp\P2012tmp\Install.exe (Panda Security, S.L.)
O4 - Startup: C:\Users\Grzesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 09.lnk = File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O33 - MountPoints2\{03c3dc7a-171e-11e0-b2dc-001e3306c627}\Shell\AutoRun\command - "" = D:\w9.exe
O33 - MountPoints2\{03c3dc7a-171e-11e0-b2dc-001e3306c627}\Shell\open\Command - "" = D:\w9.exe
O33 - MountPoints2\{1a16e070-0db2-11de-91ba-001e3306c627}\Shell - "" = AutoRun
O33 - MountPoints2\{1a16e070-0db2-11de-91ba-001e3306c627}\Shell\AutoRun\command - "" = D:\setup.exe AUTORUN=1
O33 - MountPoints2\{75d3ca5b-ce48-11e0-9bd8-001e3306c627}\Shell - "" = AutoRun
O33 - MountPoints2\{75d3ca5b-ce48-11e0-9bd8-001e3306c627}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{75d3ca86-ce48-11e0-9bd8-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{75d3ca86-ce48-11e0-9bd8-001e101faa49}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ed40ec22-c1ac-11de-b68a-00f1d000f1d0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ed40ec22-c1ac-11de-b68a-00f1d000f1d0}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ef3d87eb-a85f-11de-9472-001e3306c627}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\Recycled\ctfmon.exe
O33 - MountPoints2\{ef3d87eb-a85f-11de-9472-001e3306c627}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe
[2012-03-06 01:07:41 | 000,000,352 | -HS- | C] () -- C:\Users\Grzesiek\Documents\desktop (3).ini
[2012-03-06 01:07:40 | 000,000,282 | -HS- | C] () -- C:\Users\Grzesiek\Documents\desktop (2).ini
[2012-02-06 14:42:00 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
:Files
C:\Users\Grzesiek\AppData\Local\Temp*.html
C:\Program Files\BearShare Applications\MediaBar
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
:Commands
[emptytemp]
[emptyflash]
:OTL
SRV - [2011-03-15 15:03:28 | 000,157,504 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe -- (TPSrv)
SRV - [2010-10-20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010-08-16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe -- (PskSvcRetail)
SRV - [2010-06-04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe -- (PAVSRV)
SRV - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe -- (Panda Software Controller)
SRV - [2008-06-19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe -- (PSIMSVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PavTPK.sys)
DRV - [2011-02-21 14:38:32 | 000,037,448 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ShlDrv51.sys -- (ShldDrv)
DRV - [2010-06-22 18:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\Windows\system32\Drivers\pavboot.sys -- (pavboot)
DRV - [2010-05-21 13:50:40 | 000,054,344 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\amm8660.sys -- (AmFSM)
DRV - [2010-05-06 17:11:58 | 000,163,848 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PavProc.sys -- (PavProc)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
2012-03-03 23:21:44 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2012-03-03 23:21:44 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot(6085).sys
[2012-03-03 23:20:46 | 000,054,832 | ---- | C] (Panda Software) -- C:\Windows\System32\pavcpl.cpl
[2012-03-03 23:20:46 | 000,054,832 | ---- | C] (Panda Software) -- C:\Windows\System32\pavcpl(6090).cpl
[2012-03-03 23:20:39 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\HHActiveX.dll
[2012-03-03 23:20:36 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\TpUtil.dll
[2012-03-03 23:20:36 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\TpUtil(6095).dll
[2012-03-03 23:20:36 | 000,107,568 | ---- | C] (Panda Software) -- C:\Windows\System32\SYSTOOLS.DLL
[2012-03-03 23:20:36 | 000,107,568 | ---- | C] (Panda Software) -- C:\Windows\System32\SYSTOOLS(6094).DLL
[2012-03-03 23:20:36 | 000,087,360 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\PavLspHook.dll
[2012-03-03 23:20:36 | 000,087,360 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\PavLspHook(6092).dll
[2012-03-03 23:20:36 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\pavipc.dll
[2012-03-03 23:20:36 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\pavipc(6091).dll
[2012-03-03 23:20:35 | 000,520,000 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\PavSHook.dll
[2012-03-03 23:20:35 | 000,520,000 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\PavSHook(6093).dll
[2012-03-03 23:20:33 | 000,054,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\amm8660.sys
[2012-03-03 23:20:33 | 000,054,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\amm8660(6084).sys
[2012-03-03 23:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security(6076)
[2012-03-03 23:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012-03-03 23:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2012-03-03 23:19:54 | 000,163,848 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PavProc.sys
[2012-03-03 23:19:54 | 000,163,848 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PavProc(6086).sys
[2012-03-03 23:19:54 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\ShlDrv51.sys
[2012-03-03 23:19:54 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\ShlDrv51(6087).sys
[2012-03-03 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Panda Security(6074)
[2012-03-03 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Panda Security
:Services
(TPSrv
PAVFNSVR
PskSvcRetail
PAVSRV
Panda Software Controller
PSIMSVC
PavTPK.sys
ShldDrv
pavboot
AmFSM
PavProc
:Commands
[emptytemp]
[emptyflash]
:OTL
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
:Services
PavPrSrv
:Commands
[emptytemp]
[emptyflash]
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 5 gości