To update:
Java(TM) 6 Update 26 -> www.java.com
Mozilla Firefox 7.0.1 (x86 pl)
Uninstall:
Bing Bar
Bing Bar Platform
Adobe Reader 9.1 - Polish, switch to Foxit (do not install the "extras" during installation).
Babylon toolbar on IE
MediaBar
Conduit Engine
DealPly
Dll-Files.com Fixer
Facemoods Toolbar
SFT_Polska Toolbar
Softonic-Polska Toolbar
Run a scan with mbam and cureit.
In Chrome, change the search engine to Google.
Run this script in OTL:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/pbr/pbr_1327331720_688390
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/pbr/pbr_1327331720_688390
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com//web?src=ieb&appid=133&systemid=2&sr=0&q= {searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/pbr/pbr_1327331720_688390
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=d43e54540000000000006cf049dd5be3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com//web?src=ieb&appid=133&systemid=2&sr=0&q= {searchTerms}
IE - HKCU\..\URLSearchHook: {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "SFT_Polska Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3031817&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=d43e54540000000000006cf049dd5be3"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=100482&babsrc=adbartrp&mntrId=d43e54540000000000006cf049dd5be3&q="
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
[2012-01-10 14:00:43 | 000,000,000 | ---D | M] (SFT_Polska Community Toolbar) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\{5c5b9468-d672-4eb7-b52f-b5afabf28c5b}
[2011-09-06 17:42:14 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2012-02-17 17:18:10 | 000,000,000 | ---D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
[2012-01-11 17:26:06 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2011-07-30 19:01:56 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\engine@conduit.com
[2011-12-31 10:10:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\ffxtlbr@babylon.com
[2011-10-10 19:33:16 | 000,000,000 | ---D | M] (toolplugin) -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\extensions\welcome@toolmin.com
[2012-02-17 13:55:50 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\searchplugins\askcom.xml
[2011-09-27 12:54:44 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\searchplugins\conduit.xml
[2011-09-06 17:42:03 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\searchplugins\SearchResults.xml
[2011-07-11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\6z2igo50.default\searchplugins\startsear.xml
[2012-01-23 16:06:44 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6Z2IGO50.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6Z2IGO50.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI
[2012-01-26 17:19:31 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-07-20 17:34:18 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchvsl.xml
[2011-10-10 19:33:16 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2011-09-06 17:42:03 | 000,002,507 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012-01-23 16:15:34 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SFT_Polska Toolbar) - {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SFT_Polska Toolbar) - {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SFT_Polska Toolbar) - {5C5B9468-D672-4EB7-B52F-B5AFABF28C5B} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com)
O4 - HKCU..\Run: [RDReminder] C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (Dll-FIles.com)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O33 - MountPoints2\{27d3bf8c-aef0-11e0-997a-6cf049dd5be3}\Shell - "" = AutoRun
O33 - MountPoints2\{27d3bf8c-aef0-11e0-997a-6cf049dd5be3}\Shell\1\Command - "" = H:\Recycle.exe
O33 - MountPoints2\{27d3bf8c-aef0-11e0-997a-6cf049dd5be3}\Shell\2\Command - "" = H:\Recycle.exe
O33 - MountPoints2\{27d3bf8c-aef0-11e0-997a-6cf049dd5be3}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
[2012-01-26 17:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Dane aplikacji\BabylonToolbar
[2012-01-26 17:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012-01-25 21:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\12EA
[2012-01-25 21:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BF
[2012-01-25 20:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\201D4
[2012-01-25 08:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ECB
[2012-01-25 07:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\271C5
[2012-01-24 23:37:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\3A2CE
[2012-01-24 23:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\24203
[2012-01-24 21:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\9148
[2012-01-24 14:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\32119
[2012-01-24 12:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\13280
[2012-01-24 09:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\93E
[2012-01-24 08:28:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\1E3E
[2012-01-24 07:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\1931C
[2012-01-23 20:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\392BF
[2012-01-23 17:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\223A9
[2011-12-31 10:11:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DealPly
[2011-12-31 10:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2011-12-31 10:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Ustawienia lokalne\Dane aplikacji\Babylon
[2011-12-31 10:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USER\Dane aplikacji\Babylon
[2011-12-31 10:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-12-31 09:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\35109
[2012-01-26 14:00:03 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012-01-26 10:10:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012-01-25 19:31:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012-01-24 20:40:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012-01-11 18:27:08 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\DLL-files.com Fixer_UPDATES.job
[2012-01-11 18:27:08 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\DLL-files.com Fixer_MONTHLY.job
[2012-01-25 21:02:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\12EA
[2012-01-24 12:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\13280
[2012-01-24 07:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1931C
[2012-01-24 08:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1E3E
[2012-01-25 20:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\201D4
[2012-01-23 17:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\223A9
[2012-01-24 23:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\24203
[2012-01-25 07:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\271C5
[2011-08-11 08:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\292E
[2012-01-24 14:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\32119
[2011-12-31 09:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\35109
[2011-08-18 14:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\360safe
[2012-01-23 20:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\392BF
[2012-01-24 23:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3A2CE
[2012-01-24 21:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\9148
[2012-01-24 09:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\93E
[2011-12-31 10:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-12-31 10:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\Babylon
[2012-01-26 17:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\BabylonToolbar
[2011-07-19 12:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\dll-files.com
[2011-07-21 07:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\facemoods.com
[2012-02-16 20:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USER\Dane aplikacji\PriceGong
[2012-01-26 10:10:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012-01-24 20:40:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012-01-25 19:31:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012-01-26 14:00:03 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012-01-11 18:27:08 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\DLL-files.com Fixer_MONTHLY.job
[2012-01-11 18:27:08 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\DLL-files.com Fixer_UPDATES.job
[2012-01-25 20:44:42 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\DriverScanner.job
:Commands
[emptytemp]
After running it, post a new log and a log from TDSSKiller.
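
Added example, not part of the original post and not OTL's own code: a small Python triage helper that groups the `O`-prefixed lines of a script like the one above by persistence mechanism and extracts the binary each entry points at. The sample lines are copied from the script; the review ordering (AppInit_DLLs and MountPoints2 first, because they run code outside the browser) is an assumption of this example.

```python
import re
from collections import defaultdict

# OTL section prefix -> persistence mechanism (only prefixes present in the script above).
MECHANISMS = {
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "Run key autostart",
    "O20": "AppInit_DLLs injection",
    "O33": "MountPoints2 drive autorun",
}
# Assumption of this example: review these first, they execute outside the browser.
HIGH_PRIORITY = {"O20", "O33"}

LINE_RE = re.compile(r"^(O\d+)\s+-\s+(.*)$")
# Drive-letter path ending in .exe or .dll; stops at quotes and parentheses.
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"()]*?\.(?:exe|dll)", re.IGNORECASE)

# Sample lines taken from the script in the post.
SAMPLE = r"""
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O33 - MountPoints2\{27d3bf8c-aef0-11e0-997a-6cf049dd5be3}\Shell\1\Command - "" = H:\Recycle.exe
"""

def triage(script_text):
    """Group OTL 'O' entries by section code; value is the referenced binary or None."""
    groups = defaultdict(list)
    for raw in script_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m or m.group(1) not in MECHANISMS:
            continue
        code, rest = m.groups()
        paths = PATH_RE.findall(rest)
        # The last path is the resolved long name when a short 8.3 name precedes it.
        groups[code].append(paths[-1] if paths else None)
    return dict(groups)

def review_order(groups):
    """Section codes with high-priority mechanisms first, then by entry count."""
    return sorted(groups, key=lambda c: (c not in HIGH_PRIORITY, -len(groups[c]), c))

if __name__ == "__main__":
    found = triage(SAMPLE)
    for code in review_order(found):
        print(code, MECHANISMS[code], found[code])
```

An entry whose value is `None` (for example "No CLSID value found.") is an orphaned registry reference with no file on disk to check.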