[Aby zobaczyć linki, zarejestruj się tutaj]
.:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Andzia\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandnetndis.sys -- (andnetndis)
DRV - File not found [Kernel | On_Demand | Unknown] ---- (aknicwcw)
DRV - File not found [Kernel | On_Demand | Unknown] ---- (a6wspqdh)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=ST3250410AS_6RY1Q5AJ____6RY1Q5AJ&ts=1356540412
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=ST3250410AS_6RY1Q5AJ____6RY1Q5AJ&ts=1356540412
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4912_4&babsrc=SP_ss&mntrId=a8cd14ed000000000000001bfcaa6f0d
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=CPUID&o=14654&src=crm&q={searchTerms}&locale=&apn_ptnrs=^CV&apn_dtid=^YYYYYY^YY^PL&apn_uid=409ff221-1a67-40e6-88e6-6a681d017c09&apn_sauid=B2B145F5-5331-48E6-8B6B-A56248433374
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://search.kikin.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
FF - prefs.js..browser.search.defaultthis.engineName: "Free Lunch Design Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1708250&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=14656"
FF - prefs.js..extensions.enabledAddons: {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}:0.9.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.11.19
FF - prefs.js..extensions.enabledItems: {66871bd1-5ba2-4739-b485-2a15f5969bd8}:2.20100123
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=110824&tt=4912_4&babsrc=KW_ss&mntrId=a8cd14ed000000000000001bfcaa6f0d&q="
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Andzia\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-1935655697-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - res://C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\IEContextMenu.dll/206 File not found
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - res://C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\IEContextMenu.dll/208 File not found
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - res://C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\IEContextMenu.dll/210 File not found
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - res://C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\IEContextMenu.dll/205 File not found
O8 - Extra context menu item: LG Air Sync Option - res://C:\Documents and Settings\Andzia\Pulpit\LG PC Suite IV\LinkAir\IEContextMenu.dll/209 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Andzia/USTAWI~1/Temp/msohtml1/01/clip_image001.gif
[2012-12-04 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2012-12-04 19:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andzia\Dane aplikacji\Babylon
[2011-09-30 18:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andzia\Dane aplikacji\OpenCandy
[2011-12-17 12:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xx\Dane aplikacji\PriceGong
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="aboutblank"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="aboutblank"
:Files
AUTORUN.INF /alldrives
$RECYCLE.BIN /alldrives
RECYCLER /alldrives
C:\Documents and Settings\Andzia\Dane aplikacji\Mozilla\Firefox\Profiles\8z6a59zw.default\searchplugins\askcom.xml
C:\Documents and Settings\Andzia\Dane aplikacji\Mozilla\Firefox\Profiles\8z6a59zw.default\searchplugins\babylon1.xml
C:\Documents and Settings\Andzia\Dane aplikacji\Mozilla\Firefox\Profiles\8z6a59zw.default\searchplugins\conduit.xml
C:\Program Files\mozilla firefox\searchplugins\babylon.xml
C:\Documents and Settings\Andzia\Pulpit\photothumb.db
:Commands
[EMPTYTEMP][Aby zobaczyć linki, zarejestruj się tutaj]
i uruchom AdwCleanerz opcji Delete .[Aby zobaczyć linki, zarejestruj się tutaj]
do najnowszej wersji,lub ją odinstaluj jeśli nie używasz.