x-kom hosting

IExplorer.exe

Wotoo
utworzono
utworzono

Mam problem bo od wczoraj mi sie pojawia taki blad:
[URL=http://img390.imageshack.us/i/bladie.png/][IMG]http://img390.imageshack.us/img390/5179/bladie.png[/IMG][/URL]
Ja korzystam z Google Chrome, bo IE to badziew, ale moj tata tylko IE wiec pomoglby mi ktos?
Pozdrawiam

Wielki.M
komentarz
komentarz

Witam!

Masz zapewne Nortona lub jakiś pokrewny program ze stajni Symantec'a - zablokował skrypt chcący użyć procesu IExplorer.exe gdyż uzał go za niebezpieczny.
Przeskanuj kompa na obecność wirusów, ad-ware, trojanów i innego syfu.

Wotoo
komentarz
komentarz

[quote name='Wielki.M' date='13 październik 2009 - 11:05 ' timestamp='1255428311' post='879501']
Witam!

Masz zapewne Nortona lub jakiś pokrewny program ze stajni Symantec'a - zablokował skrypt chcący użyć procesu IExplorer.exe gdyż uzał go za niebezpieczny.
Przeskanuj kompa na obecność wirusów, ad-ware, trojanów i innego syfu.
[/quote]

Mam Noda i skanowałem i nic nie było.

Wielki.M
komentarz
komentarz

Samo skanowanie NOD32 to za mało. Komunikat wskazuje wyraźnie, że jakiś produkt Symantec'a robi blokadę, więc sprawdź dokładnie co masz w kompie.
Szukaj Symantec Script Blocking.

Psycholandia
komentarz
komentarz

Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338

Wotoo
komentarz
komentarz (edytowane)

[log]OTL logfile created on: 2009-10-13 14:57:45 - Run 1
OTL by OldTimer - Version 3.0.20.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,69% Memory free
3,85 Gb Paging File | 2,97 Gb Available in Paging File | 77,14% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 19,09 Gb Free Space | 19,54% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 179,96 Gb Free Space | 97,78% Space Free | Partition Type: NTFS
Drive E: | 184,06 Gb Total Space | 183,96 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 7BA1946DA37145B
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-10-13 14:57:00 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Moje dokumenty\Downloads\OTL.exe
PRC - [2009-10-13 14:06:52 | 00,086,077 | ---- | M] (Valve) -- c:\program files\steam\steamapps\woteq\counter-strike\hl.exe
PRC - [2009-10-13 11:14:02 | 01,066,232 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\GameOverlayUI.exe
PRC - [2009-10-06 19:40:40 | 00,942,064 | ---- | M] (Google Inc.) -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2009-06-30 14:11:13 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2009-06-28 14:04:20 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2009-06-10 20:51:04 | 01,217,784 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009-02-06 20:17:38 | 03,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\Core.exe
PRC - [2009-02-04 13:27:34 | 23,975,720 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009-02-04 13:27:34 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008-12-03 16:13:32 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2008-07-01 10:02:28 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2008-07-01 10:01:04 | 01,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-05-14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007-03-03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004-11-02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- D:\Program Files\Nowy folder\PDVDServ.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found -- -- (NMIndexingService [On_Demand | Stopped])
SRV - File not found -- -- (navapsvc [Auto | Stopped])
SRV - File not found -- -- (CacheBoost Service [Auto | Stopped])
SRV - [2009-07-20 11:51:52 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Stopped])
SRV - [2009-05-18 17:17:29 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9d7cbc3c466f2 [Auto | Stopped])
SRV - [2009-03-27 17:00:03 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008-12-03 16:13:32 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-07-01 10:08:00 | 00,019,200 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2008-07-01 10:02:28 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007-08-24 07:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007-08-24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2007-05-14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2007-03-06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
SRV - [2007-03-03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
SRV - [2004-08-04 13:00:00 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])
SRV - [2001-08-14 00:18:36 | 00,054,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService [Auto | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-22 21:13:20 | 00,028,592 | ---- | M] (The OpenVPN Project) -- C:\WINDOWS\System32\DRIVERS\tap0901.sys -- (tap0901 [On_Demand | Stopped])
DRV - [2009-07-02 04:34:30 | 00,033,840 | ---- | M] (AnchorFree Inc.) -- C:\WINDOWS\System32\DRIVERS\HssDrv.sys -- (HssDrv [On_Demand | Running])
DRV - [2009-06-14 17:47:21 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008-07-31 15:07:25 | 00,717,296 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Stopped])
DRV - [2008-07-28 13:11:40 | 00,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2008-07-01 10:04:38 | 00,054,280 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdi.sys -- (epfwtdi [System | Running])
DRV - [2008-07-01 10:04:36 | 00,030,728 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])
DRV - [2008-07-01 10:04:34 | 00,071,688 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfw.sys -- (epfw [Auto | Running])
DRV - [2008-07-01 09:57:14 | 00,053,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\easdrv.sys -- (easdrv [System | Running])
DRV - [2008-07-01 09:56:22 | 00,039,944 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2008-06-10 18:56:10 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running])
DRV - [2008-04-13 23:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-01-23 23:25:32 | 00,027,136 | ---- | M] (The OpenVPN Project) -- C:\WINDOWS\System32\DRIVERS\tapvpn.sys -- (tapvpn [On_Demand | Running])
DRV - [2007-10-11 11:10:52 | 00,030,008 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\Drivers\ET5Drv.sys -- (ET5Drv [On_Demand | Stopped])
DRV - [2007-09-29 07:30:52 | 00,065,024 | R--- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID [Boot | Running])
DRV - [2007-09-19 15:44:46 | 00,101,504 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2007-09-19 11:16:32 | 04,617,728 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2003-12-08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
DRV - [2003-12-08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
DRV - [2002-02-26 18:00:00 | 00,585,792 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20020227.005\NAVEX15.SYS -- (NAVEX15 [On_Demand | Stopped])
DRV - [2002-02-26 18:00:00 | 00,065,920 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20020227.005\NAVENG.SYS -- (NAVENG [On_Demand | Stopped])
DRV - [2002-02-26 11:40:24 | 00,058,224 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Stopped])
DRV - [2001-12-12 15:55:02 | 00,157,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [Auto | Running])
DRV - [2001-12-12 15:54:36 | 00,014,632 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Stopped])
DRV - [2001-12-08 16:00:00 | 00,183,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\NAVAP.SYS -- (NAVAP [On_Demand | Stopped])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Shareaza Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Shareaza Web Search"
FF - prefs.js..browser.search.selectedEngine: "Shareaza Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.shareazaweb.com/"
FF - prefs.js..extensions.enabledItems: {c95a4e8e-816d-4655-8c79-d736da1adb6d}:2.1.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {D238F46A-64EC-11DE-9C5A-D54056D89593}:3.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.shareazaweb.com/webResults.html?src=ffb&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008-12-03 16:13:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 09:48:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-18 14:12:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-18 14:12:23 | 00,000,000 | ---D | M]

[2008-07-28 17:31:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions
[2008-07-28 17:31:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-10-12 12:12:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\u8bj7vmy.default\extensions
[2009-09-06 13:28:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\u8bj7vmy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-03-19 13:38:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\u8bj7vmy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009-07-24 20:17:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\u8bj7vmy.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2009-10-12 12:12:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\mozilla\Firefox\Profiles\u8bj7vmy.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}
[2009-03-03 21:27:12 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\ask.xml
[2009-07-01 14:20:48 | 00,000,890 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\conduit.xml
[2008-07-31 15:09:07 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\daemon-search.xml
[2009-07-18 01:02:48 | 00,002,480 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\ShareazaWebSearch.xml
[2008-12-12 15:52:57 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\winamp-search.xml
[2008-11-10 15:21:19 | 00,001,994 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Mozilla\FireFox\Profiles\u8bj7vmy.default\searchplugins\wrzuta.xml
[2009-10-06 18:31:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-18 14:12:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008-09-21 14:12:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008-12-03 16:13:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009-09-18 14:12:17 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-18 14:12:17 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008-12-03 16:13:32 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-18 14:12:19 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-06-07 09:57:15 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009-07-30 20:51:00 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-30 20:51:00 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-30 20:51:00 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-30 20:51:00 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-30 20:51:00 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-18 01:02:48 | 00,002,480 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ShareazaWebSearch.xml
[2009-07-30 20:51:00 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-30 20:51:00 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {3E1500AC-87A5-416b-A211-82E848649DA9} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\admin\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [1] c:\avmon.com File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl] D:\Program Files\Nowy folder\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [UVS11 Preload] D:\Program Files\VideoStudio\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Hattric] C:\WINDOWS\System32\hattric\smss.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [CleanSetup] File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{2BF2E~1\Setup.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-07-28 12:46:46 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-13 13:06:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero
[2009-10-13 13:08:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Nero
[2009-10-12 12:11:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\ShareazaTb
[2009-10-13 13:06:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2009-10-13 13:06:32 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2009-10-12 12:11:59 | 00,000,000 | ---D | C] -- C:\Program Files\ShareazaTb
[2009-10-13 13:12:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\CyberLink
[2009-10-12 12:16:14 | 00,289,072 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\utorrent.exe
[2009-10-12 12:12:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Shareaza
[2009-10-12 12:12:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\My Received Files
[2009-10-12 12:09:23 | 12,953,310 | ---- | C] (Discordia, LTD) -- C:\Documents and Settings\admin\Moje dokumenty\ShareazaV6pl.exe
[2009-10-04 17:57:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\natalia
[2009-09-14 14:32:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\admin\Pulpit\nana zdjecia

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[12 C:\WINDOWS\*.tmp files]
[2009-10-13 14:16:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009-10-13 14:16:00 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009-10-13 14:09:00 | 00,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1482476501-839522115-1004UA.job
[2009-10-13 14:09:00 | 00,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1482476501-839522115-1004Core.job
[2009-10-13 14:03:10 | 00,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009-10-13 13:15:56 | 00,000,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CyberLink PowerDVD.lnk
[2009-10-13 13:10:04 | 00,505,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009-10-13 13:10:04 | 00,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2009-10-13 13:07:02 | 00,002,351 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2009-10-13 11:19:29 | 00,239,466 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\blad ie.bmp
[2009-10-13 10:14:56 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-10-13 10:14:54 | 00,671,018 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-10-13 10:14:54 | 00,411,388 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-10-13 10:14:54 | 00,154,548 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-10-13 10:14:54 | 00,061,072 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-10-13 10:14:54 | 00,034,228 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-10-13 10:14:42 | 00,199,207 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-10-13 10:14:39 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-10-13 10:14:38 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-10-13 10:12:41 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2009-10-12 19:42:57 | 00,033,792 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\raport dzienny.xls
[2009-10-12 18:17:03 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Sprawdzian diagnostyczny przeznaczony dla uczniów mających trudności w czytaniu i pisaniu.doc
[2009-10-12 15:59:10 | 00,002,513 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Microsoft Office Word 2007.lnk
[2009-10-12 15:55:55 | 03,706,840 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-10-12 13:32:09 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009-10-12 12:16:18 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\admin\Moje dokumenty\utorrent.exe
[2009-10-12 12:11:20 | 12,953,310 | ---- | M] (Discordia, LTD) -- C:\Documents and Settings\admin\Moje dokumenty\ShareazaV6pl.exe
[2009-10-11 22:34:48 | 00,027,430 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Ewidencja_tygodniowa_Andrzej1.xlsx
[2009-10-11 21:19:23 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-10-10 19:23:20 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-10 18:26:23 | 00,055,296 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-10 14:07:02 | 00,160,424 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-10-07 21:09:39 | 00,002,362 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Google Chrome.lnk
[2009-10-06 15:28:37 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Bartek_S_pr-plan_i_liter.doc
[2009-10-05 09:12:39 | 00,103,936 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\Kopia 33822062,zalacznik.xls PHlista.xls
[2009-10-04 09:20:06 | 00,000,662 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Robin Hood.lnk
[2009-09-30 17:57:59 | 00,001,312 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Chrome bez sledzika.lnk
[2009-09-23 17:23:19 | 00,000,664 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-09-21 20:43:09 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Plan zajęć korekcyjno.doc
[2009-09-21 17:52:44 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Opinie.doc
[2009-09-19 20:05:07 | 00,088,576 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\joanna papuga cv.doc
[2009-09-17 08:04:23 | 21,453,86496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009-09-14 16:48:17 | 01,193,366 | ---- | M] () -- C:\Documents and Settings\admin\Moje dokumenty\xD.jpg

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-13 13:15:56 | 00,000,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CyberLink PowerDVD.lnk
[2009-10-13 13:07:02 | 00,002,351 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2009-10-13 11:19:29 | 00,239,466 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\blad ie.bmp
[2009-10-12 18:17:02 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Sprawdzian diagnostyczny przeznaczony dla uczniów mających trudności w czytaniu i pisaniu.doc
[2009-10-06 15:28:36 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Bartek_S_pr-plan_i_liter.doc
[2009-10-05 09:12:39 | 00,103,936 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\Kopia 33822062,zalacznik.xls PHlista.xls
[2009-10-04 09:20:06 | 00,000,662 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Robin Hood.lnk
[2009-09-30 17:55:25 | 00,001,312 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Chrome bez sledzika.lnk
[2009-09-21 20:43:09 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Plan zajęć korekcyjno.doc
[2009-09-21 17:35:02 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Opinie.doc
[2009-09-19 20:05:07 | 00,088,576 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\joanna papuga cv.doc
[2009-09-14 16:48:06 | 01,193,366 | ---- | C] () -- C:\Documents and Settings\admin\Moje dokumenty\xD.jpg
[2009-09-13 15:16:47 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Kopia Reliv Multiple Sclerosis Hoyd O'Neill.doc
[2009-06-22 09:40:22 | 00,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009-06-22 09:40:22 | 00,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009-06-22 09:40:22 | 00,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009-06-22 09:40:22 | 00,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009-06-22 09:40:21 | 00,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009-06-22 09:40:21 | 00,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009-05-05 21:01:53 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-04-22 00:19:06 | 00,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-02-03 17:29:12 | 00,000,050 | ---- | C] () -- C:\WINDOWS\shell.ini
[2009-01-19 21:45:31 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008-12-03 00:11:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-12-03 00:11:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-09-04 15:14:02 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-08-11 14:37:10 | 00,055,296 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-07-28 17:14:41 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2008-07-28 14:37:57 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2008-07-28 13:17:53 | 00,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini
[2008-07-28 13:17:53 | 00,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2008-07-28 13:17:53 | 00,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini
[2008-07-28 13:17:51 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-07-28 13:17:50 | 00,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008-07-28 13:17:49 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-07-28 12:56:37 | 03,706,840 | -H-- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2008-07-28 12:50:47 | 00,160,424 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2008-07-28 12:50:15 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\desktop.ini
[2008-06-10 18:56:10 | 00,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2004-08-04 14:00:00 | 00,009,415 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-08-04 14:00:00 | 00,000,664 | ---- | C] () -- C:\WINDOWS\win.ini
[2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- C:\WINDOWS\UA000088.DLL

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 169 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0CE7F3C9
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13
< End of report >[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {3E1500AC-87A5-416b-A211-82E848649DA9} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found.
O2 - BHO: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [1] c:\avmon.com File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKCU..\Run: [Hattric] C:\WINDOWS\System32\hattric\smss.exe File not found
O4 - HKLM..\RunOnce: [CleanSetup] File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{2BF2E~1\Setup.exe File not found
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)

:Files
C:\Program Files\Yahoo!
C:\Program Files\AskBarDis
C:\Program Files\BearShare Applications
C:\Program Files\Google\GoogleToolbarNotifier
C:\Program Files\DAEMON Tools Toolbar
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1482476501-839522115-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1482476501-839522115-1004Core. job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\UA000088.DLL

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

Wotoo
komentarz
komentarz (edytowane)

[code]Zainfekowane pliki rejestru: 1
Zainfekowane foldery: 2
Zainfekowane pliki: 1

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\CLSID\{e7467507-dd40-4123-be49-7b7df5db80c6} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3e1500ac-87a5-416b-a211-82e848649da9} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3e1500ac-87a5-416b-a211-82e848649da9} (Trojan.Clicker) -> Quarantined and deleted successfully.

Zainfekowane wartości rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Hattric (Backdoor.Agent) -> Quarantined and deleted successfully.

Zainfekowane pliki rejestru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Zainfekowane foldery:
C:\Program Files\Ofb1 (Adware.OwlForce) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hattric (Backdoor.Agent) -> Quarantined and deleted successfully.

Zainfekowane pliki:
C:\Program Files\Ofb1\Ofb1s.dll (Adware.OwlForce) -> Quarantined and deleted successfully.[/code]


Problem jest nadal!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.