:OTL
PRC - [2008-04-14 21:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-12-30 16:18:00 | 00,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
MOD - [2009-12-30 16:18:00 | 00,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
SRV - [2009-12-23 16:10:48 | 00,058,744 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice113.exe -- (QuestService Service)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.theprizeday.com/today.phpIE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.2
FF - prefs.js..extensions.enabledItems: {E889F097-B0BE-471B-89AD-B86B6F04B506}:4.1.0.1960
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.2
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNfox000&fl=0&ptb=HtNk665GcIEWcRKHBBxZiw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="
FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-20 15:01:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-20 15:01:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF [2009-12-20 15:01:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\MyWebSearch\bar\firefox\ [2010-01-12 21:24:01 | 00,000,000 | ---D | M]
[2009-12-28 19:49:23 | 00,000,000 | ---D | M] (QuestService) -- C:\Program Files\Mozilla Firefox\extensions\{AAF6454A-4000-4015-84C1-6CD844C06B19}
[2009-12-20 15:03:23 | 00,002,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice110.xml
[2009-12-28 19:49:25 | 00,002,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice113.xml
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - No CLSID value found.
O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll ()
O2 - BHO: (no name) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - No CLSID value found.
O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll ()
O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\WSO.dll ()
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (MyWebSearch.com)
:Files
C:\Program Files\MyWebSearch
C:\Documents and Settings\All Users\Dane aplikacji\QuestService
C:\Program Files\Web Search Operator
C:\Program Files\Customized Platform Advancer
C:\Program Files\Textual Content Provider
C:\Documents and Settings\komputer\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
C:\Program Files\FunWebProducts
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"GrooveMonitor"=-
"HDAudDeck"=-
"HotKeysCmds"=-
"HP Software Update"=-
"hpqSRMon"=-
"IgfxTray"=-
"NeroFilterCheck"=-
"Persistence"=-
"SunJavaUpdateSched"=-
:Commands
[emptytemp]
[start explorer]