Jak usunąć wyszukiwarkę "fast browser search"?

[nomik]

Mam problem z usunięciem uporczywej w/w wyszukiwarki.Nie wiem jak to zrobić.

[Andziorka]

Daj loga z OTL.

[nomik]

log z OTL:

Kod: Zaznacz wszystko

OTL logfile created on: 2009-11-20 19:59:35 - Run 4
OTL by OldTimer - Version 3.1.6.0     Folder = C:\Documents and Settings\BX\Pulpit
Windows XP Professional Edition Dodatek Service Pack. 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

255,48 Mb Total Physical Memory | 41,38 Mb Available Physical Memory | 16,20% Memory free
618,23 Mb Paging File | 355,98 Mb Available in Paging File | 57,58% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 2,52 Gb Free Space | 10,33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 24,90 Gb Total Space | 2,30 Gb Free Space | 9,25% Space Free | Partition Type: NTFS
Drive F: | 25,20 Gb Total Space | 1,39 Gb Free Space | 5,52% Space Free | Partition Type: NTFS
Drive G: | 319,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BX
Current User Name: BX
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-19 19:38:00 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BX\Pulpit\OTL.exe
PRC - [2009-10-28 16:06:27 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-12-12 19:11:03 | 00,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008-07-30 09:36:56 | 01,361,192 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008-07-30 09:36:54 | 01,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008-03-20 11:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2006-03-03 20:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006-01-17 14:59:33 | 00,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe
PRC - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-10-29 15:50:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2002-09-20 18:05:24 | 01,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-19 19:38:00 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BX\Pulpit\OTL.exe
MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2002-09-20 18:03:32 | 00,921,600 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-24 17:39:26 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE -- (UTSCSI)
SRV - [2008-07-30 09:36:56 | 01,361,192 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008-07-30 09:36:54 | 00,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2006-03-03 20:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006-01-17 14:59:33 | 00,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7)
SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-09-23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005-09-23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004-10-29 15:50:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004-08-25 12:26:56 | 00,389,120 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004-08-25 11:52:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2002-09-20 18:04:38 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (uploadmgr)
SRV - [2002-09-20 18:04:38 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-04-28 21:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-10-16 22:00:53 | 00,005,632 | ---- | M] () -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008-07-16 08:57:40 | 00,269,736 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008-07-08 13:54:02 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\86456500.sys -- (is-S8MR5drv)
DRV - [2008-07-04 22:35:54 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-06-21 03:54:54 | 00,066,600 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008-06-21 03:54:54 | 00,065,576 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2006-11-30 15:14:22 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45unic.sys -- (se45unic)
DRV - [2006-11-30 15:14:14 | 00,086,432 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006-11-30 15:14:10 | 00,088,624 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45mgmt.sys -- (se45mgmt)
DRV - [2006-11-30 15:14:10 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45nd5.sys -- (se45nd5)
DRV - [2006-11-30 15:14:04 | 00,097,088 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006-11-30 15:14:04 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006-11-30 15:13:56 | 00,061,536 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus)
DRV - [2006-04-12 11:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006-04-12 11:04:39 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2006-04-12 11:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005-08-30 00:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005-08-30 00:49:34 | 00,008,336 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005-08-30 00:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus)
DRV - [2004-10-29 15:50:00 | 02,826,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-08-25 12:28:46 | 00,787,456 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-23 16:21:12 | 00,821,760 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2004-08-22 15:31:48 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 15:31:10 | 00,155,136 | ---- | M] ( ) -- C:\WINDOWS\System32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004-03-08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-11-11 11:41:08 | 00,041,984 | R--- | M] (VIA Technologies, Inc.              ) -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB)
DRV - [2003-10-31 04:22:38 | 00,077,312 | R--- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\System32\DRIVERS\viasraid.sys -- (viasraid)
DRV - [2003-07-17 09:10:06 | 00,007,040 | R--- | M] (VIA Networking Technologies, Inc.       ) -- C:\WINDOWS\system32\ntsim.sys -- (NTSIM)
DRV - [2003-07-02 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-08-29 01:32:44 | 00,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002-08-29 01:32:32 | 00,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2002-08-26 20:24:14 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Temp\gsplittm.sys -- (gsplittm)
DRV - [2001-10-26 16:05:44 | 00,006,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001-08-17 20:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc.              ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\S-1-5-21-2000478354-1958367476-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={DF8D665E-37CD-D33F-1366-7C1123175934}&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-29 20:14:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-28 16:06:31 | 00,000,000 | ---D | M]

[2008-08-20 18:00:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Extensions
[2008-08-20 18:00:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-11-20 19:35:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\extensions
[2009-10-21 17:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009-11-13 15:48:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2009-06-02 14:45:10 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\conduit.xml
[2008-12-10 18:07:28 | 00,001,823 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\skapiecpl.xml
[2009-11-20 19:35:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-10-28 16:06:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008-08-21 19:36:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008-08-22 21:21:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009-10-28 16:06:27 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-10-28 16:06:27 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008-09-30 14:03:24 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2009-10-28 16:06:28 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2008-12-12 19:11:12 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008-12-12 19:11:26 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2008-12-12 19:11:10 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2008-06-24 18:04:54 | 00,636,400 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSNOOKER.dll
[2009-07-25 08:04:04 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-11-12 22:57:26 | 00,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009-11-12 22:57:26 | 00,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2009-02-05 20:50:47 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-02-05 20:50:47 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-02-05 20:50:47 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-02-05 20:50:47 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-02-05 20:50:47 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-02-05 20:50:47 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WMC_AutoUpdate]  File not found
O4 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O15 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..Trusted Domains:   ([]msn in Mój komputer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.24.128.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999-09-02 20:48:08 | 00,000,914 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-20 18:14:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\BX\Dane aplikacji\Malwarebytes
[2009-11-20 18:14:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-11-20 18:14:13 | 00,018,520 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-11-20 18:14:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009-11-20 18:14:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-11-20 18:13:19 | 04,045,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\BX\Pulpit\mbam-setup.exe
[2009-11-19 20:11:44 | 00,000,000 | ---D | C] -- C:\ERDNT
[2009-11-19 20:11:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009-11-19 20:11:37 | 00,000,000 | ---D | C] -- C:\!FixIEDef
[2009-11-19 20:11:12 | 01,130,036 | ---- | C] (Malwareteks.com) -- C:\Documents and Settings\BX\Pulpit\FixIEDef.exe
[2009-11-19 19:37:59 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BX\Pulpit\OTL.exe
[2009-11-14 20:19:19 | 01,826,608 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\BX\Pulpit\a2HiJackFreeSetup.exe
[2009-11-12 22:58:27 | 00,000,000 | ---D | C] -- C:\Program Files\Search Guard PlusU
[2009-11-12 22:58:24 | 00,000,000 | ---D | C] -- C:\Program Files\SGPSA
[2009-10-30 21:50:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\BX\Dane aplikacji\Audacity
[2009-10-30 21:49:52 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009-10-30 21:48:31 | 08,250,308 | ---- | C] (Audacity Team                                               ) -- C:\Documents and Settings\BX\Pulpit\audacity-win-unicode-1.3.9.exe
[2009-05-17 09:21:24 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009-05-17 09:21:24 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008-08-20 17:58:56 | 08,215,056 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.0.1.exe
[2004-08-25 13:22:08 | 00,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-20 19:23:47 | 00,017,145 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-20 19:23:19 | 05,242,880 | -H-- | M] () -- C:\Documents and Settings\BX\NTUSER.DAT
[2009-11-20 19:23:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-20 19:22:11 | 00,000,190 | -HS- | M] () -- C:\Documents and Settings\BX\ntuser.ini
[2009-11-20 18:14:18 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-20 18:13:50 | 04,045,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\BX\Pulpit\mbam-setup.exe
[2009-11-20 17:28:30 | 00,083,968 | ---- | M] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-20 15:50:47 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-19 20:11:28 | 01,130,036 | ---- | M] (Malwareteks.com) -- C:\Documents and Settings\BX\Pulpit\FixIEDef.exe
[2009-11-19 19:38:50 | 00,524,660 | ---- | M] () -- C:\Documents and Settings\BX\Pulpit\OTL.rar
[2009-11-19 19:38:00 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BX\Pulpit\OTL.exe
[2009-11-15 20:41:54 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\BX\Pulpit\EVEREST Home Edition.lnk
[2009-11-15 20:40:21 | 04,157,804 | ---- | M] () -- C:\Documents and Settings\BX\Pulpit\everesthome220_[www.programosy.pl].zip
[2009-11-15 00:12:36 | 00,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009-11-14 20:19:30 | 01,826,608 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\BX\Pulpit\a2HiJackFreeSetup.exe
[2009-11-12 23:15:19 | 03,188,928 | -H-- | M] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-12 21:37:03 | 00,009,297 | ---- | M] () -- C:\WINDOWS\System32\QuickTime.qtp
[2009-10-30 21:54:09 | 01,453,614 | ---- | M] () -- C:\Documents and Settings\BX\Pulpit\lame3.98-2_[www.programosy.pl.zip
[2009-10-30 21:50:05 | 00,000,729 | ---- | M] () -- C:\Documents and Settings\BX\Pulpit\Audacity 1.3 Beta (Unicode).lnk
[2009-10-30 21:49:36 | 08,250,308 | ---- | M] (Audacity Team                                               ) -- C:\Documents and Settings\BX\Pulpit\audacity-win-unicode-1.3.9.exe
[2009-10-25 09:05:44 | 01,012,668 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-10-25 09:05:44 | 00,457,678 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-10-25 09:05:44 | 00,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-10-25 09:05:44 | 00,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-10-25 09:05:44 | 00,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-10-24 20:00:33 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-20 18:14:18 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-19 19:38:50 | 00,524,660 | ---- | C] () -- C:\Documents and Settings\BX\Pulpit\OTL.rar
[2009-11-15 20:41:54 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\BX\Pulpit\EVEREST Home Edition.lnk
[2009-11-15 20:39:44 | 04,157,804 | ---- | C] () -- C:\Documents and Settings\BX\Pulpit\everesthome220_[www.programosy.pl].zip
[2009-10-30 21:53:58 | 01,453,614 | ---- | C] () -- C:\Documents and Settings\BX\Pulpit\lame3.98-2_[www.programosy.pl.zip
[2009-10-30 21:50:05 | 00,000,729 | ---- | C] () -- C:\Documents and Settings\BX\Pulpit\Audacity 1.3 Beta (Unicode).lnk
[2009-01-21 23:08:40 | 03,188,928 | -H-- | C] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2008-11-14 18:43:54 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2008-10-13 16:27:33 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-10-13 16:27:33 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-09-22 22:10:35 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008-09-22 22:10:33 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-09-22 22:10:33 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-09-22 22:10:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-07-04 22:32:30 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-06-04 19:03:10 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2008-06-04 19:02:18 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008-06-04 18:46:32 | 00,000,355 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-06-04 18:46:22 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008-02-17 18:15:36 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2007-06-29 12:43:44 | 00,000,169 | ---- | C] () -- C:\WINDOWS\SCRANTIC.INI
[2007-06-29 12:40:22 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007-06-29 12:31:16 | 00,000,066 | ---- | C] () -- C:\WINDOWS\Media Jukebox.INI
[2007-06-29 12:27:53 | 00,000,066 | ---- | C] () -- C:\WINDOWS\MEDIAJ~1.INI
[2007-06-29 12:27:23 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\libsnd.dll
[2007-06-29 12:27:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006-11-04 18:10:45 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006-11-04 17:58:40 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006-08-14 19:21:03 | 00,499,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006-08-14 19:20:59 | 00,345,088 | ---- | C] () -- C:\WINDOWS\System32\ShrLk21.dll
[2006-08-14 19:20:57 | 00,547,328 | ---- | C] () -- C:\WINDOWS\System32\DGVorbis.dll
[2006-01-17 14:59:33 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt.dll
[2005-11-28 17:53:46 | 00,258,048 | ---- | C] () -- C:\Documents and Settings\BX\Dane aplikacji\face2faceDB-Elementary.MDB
[2005-11-20 12:51:32 | 00,001,104 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2005-08-13 16:54:06 | 00,028,736 | ---- | C] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2004-12-21 19:15:56 | 00,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004-11-29 17:25:57 | 00,028,736 | ---- | C] () -- C:\Documents and Settings\BX\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2004-10-08 08:50:11 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004-09-25 21:58:21 | 00,210,032 | ---- | C] () -- C:\WINDOWS\System32\DBCLIENT.DLL
[2004-09-25 10:20:13 | 00,083,968 | ---- | C] () -- C:\Documents and Settings\BX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004-09-25 10:14:26 | 00,000,532 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004-09-25 10:09:06 | 00,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2004-09-25 10:09:06 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2004-09-25 10:09:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2004-09-25 10:08:58 | 00,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2004-09-25 10:05:41 | 00,002,783 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004-09-25 10:05:40 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004-09-25 10:02:25 | 00,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2004-09-25 10:01:44 | 00,003,050 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2004-09-25 08:28:38 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2004-09-25 07:42:08 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\BX\Dane aplikacji\desktop.ini
[2004-08-31 10:32:48 | 00,327,680 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll
[2004-08-25 12:27:00 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004-08-22 16:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2002-03-26 20:18:27 | 00,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001-07-21 23:16:20 | 00,000,538 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 23:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-07 02:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1997-08-23 10:33:24 | 00,022,064 | ---- | C] () -- C:\WINDOWS\System32\tntlvr.dll

[color=#E56717]========== LOP Check ==========[/color]

[2007-08-07 12:15:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies
[2008-11-30 22:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Recisio
[2008-02-17 18:06:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-10-30 21:50:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Audacity
[2008-10-08 21:01:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\ConvertTemp
[2009-11-20 19:21:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Desktopicon
[2007-07-01 14:39:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\FUJIFILM
[2008-08-20 18:31:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Gadu-Gadu
[2009-09-20 13:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\GanymedeNet
[2008-08-09 13:38:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Image Zone Express
[2004-12-22 14:15:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\InterVideo
[2006-01-17 15:01:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\ldoce4
[2008-02-17 18:39:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Leadertech
[2007-08-12 20:23:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\muvee Technologies
[2009-09-24 17:35:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\OTi
[2009-09-24 17:36:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\PLAux
[2008-10-08 21:01:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Samsung
[2006-01-17 14:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\SecuROM
[2008-02-17 18:23:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Teleca
[2008-10-08 21:01:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Temporary
[2008-11-12 22:32:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Toolbars
[2008-10-08 21:01:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\TransRender
[2007-04-17 09:41:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\BX\Dane aplikacji\Vulcan
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2004-09-25 10:46:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >

[NieWiem]

Masz na dysku Malwarebytes'. Jak skończysz robić moje instrukcje poniżej to uaktualnij jego bazy danych i zrób pełne skanowanie, oraz dołącz później z niego raport, razem z logami.

Swoją drogą - dziwne, że nie odpaliłeś MBAM wcześniej, może sam by sobie poradził.

• Uruchom ponownie program OTL
• W okienku na dole Custom Scans / Fixes wklej to, co poniżej w ramce:
  

  Kod: Zaznacz wszystko

  :OTL
PRC - [2002-09-20 18:05:24 | 01,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={DF8D665E-37CD-D33F-1366-7C1123175934}&q="
[2009-06-02 14:45:10 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\conduit.xml
[2008-12-10 18:07:28 | 00,001,823 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\skapiecpl.xml
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O4 - HKLM..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe ()
O4 - HKLM..\Run: [WMC_AutoUpdate]  File not found
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found
:Files
C:\!FixIEDef
:Commands
[purity]
[emptytemp]
[clearrestorepoints]
[start explorer]
[reboot]

• Upewnij się, że wszystkie inne okna, programy, komunikatory są wyłączone.
• Kliknij przycisk Run Fix i poczekaj cierpliwie. To może chwilę potrwać!
• Na prośbę komputera o restart zgódź się.
• Po restarcie program automatycznie wyświetli raport z czyszczenia, który należy zapisać i wkleić w poście w tagach [code], lub na stronie http://www.wklej.org
• Wykonaj także nowego loga OTL.txt z OTL z opcji Run Scan i także go dołącz. Plik extras.txt nie będzie potrzebny.

[nomik]

użyłem wcześniej tego "Malware..." -nie pomógł, po wykonaniu instrukcji z OTL wyszukiwarka dalej jest a to log po odpaleniu OTL FiX:

Kod: Zaznacz wszystko

All processes killed
Error: Unable to interpret <OTL> in the current context!
Error: Unable to interpret <PRC - [2002-09-20 18:05:24 | 01,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.order.1: "Fast Browser Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={DF8D665E-37CD-D33F-1366-7C1123175934}&q="> in the current context!
Error: Unable to interpret <[2009-06-02 14:45:10 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\conduit.xml> in the current context!
Error: Unable to interpret <[2008-12-10 18:07:28 | 00,001,823 | ---- | M] () -- C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\skapiecpl.xml> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [WMC_AutoUpdate]  File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found> in the current context!
========== FILES ==========
C:\!FixIEDef\Temp folder moved successfully.
C:\!FixIEDef folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: BX
->Temp folder emptied: 346 bytes
->Temporary Internet Files folder emptied: 176800 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 92343996 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 88,27 mb

Error: Unable to interpret <[clearrestorepoints]> in the current context!

OTL by OldTimer - Version 3.1.6.0 log created on 11212009_163425

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


[NieWiem]

Albo mi się wydaje, albo OTL zgłupiał


Pobierz OTM.

• Zapisz na pulpicie i uruchom.
• W okienku "Paste Instructions for Items to be Moved" wklej to, co poniżej w ramce:
  

  Kod: Zaznacz wszystko

  :Processes
explorer.exe
:Files
C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\conduit.xml
C:\Documents and Settings\BX\Dane aplikacji\Mozilla\Firefox\Profiles\opo2ppz3.default\searchplugins\skapiecpl.xml
C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
:Reg
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={DF8D665E-37CD-D33F-1366-7C1123175934}&q="
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-2000478354-1958367476-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O4 - HKLM..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe ()
O4 - HKLM..\Run: [WMC_AutoUpdate]  File not found
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found
:Commands
[start explorer]
[reboot]

• Wciśnij przycisk Move It!
• zatwierdź restart komputera.
• po restarcie w folderze C:\_OTM\MovedFiles znajdź plik z rozszerzeniem *.log i wklej na forum w tagach [code].

Plus nowy log z OTL.

[nomik]

mam pytanie: czy usuwanie podanego wpisu za pomocą OTM może trwać ponad 30 minut?

[NieWiem]

zdecydowanie nie ;]

OK, inaczej. Zrób mi nowego loga z OTL. Spróbujemy jeszcze raz, a jak nie da rady, to pozamiatamy cięższym kalibrem ;]