UA: Opera/9.80 (Windows NT 6.1; U; pl) Presto/2.9.168 Version/11.52
UA: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 Firefox/8.0
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/acala3gp/{EBA2DD85-D3CE-4DC4-A276-AB603B8C590A}
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3643617085-1303910138-3836052459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3643617085-1303910138-3836052459-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3643617085-1303910138-3836052459-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Acala 3GP Movies FileBulldog Toolbar\tbhelper.dll ()
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\kamil\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\kamil\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
[2011-09-19 21:21:24 | 000,000,000 | ---D | M] (Acala 3GP Movies FileBulldog Toolbar) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\iqj9abix.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011-11-09 17:07:37 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\iqj9abix.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-06-25 18:41:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\iqj9abix.default\extensions\[email protected]
[2011-06-20 13:07:48 | 000,000,863 | ---- | M] () -- C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\iqj9abix.default\searchplugins\conduit.xml
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:981884E7
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:81F83028
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5D458568
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:BFE23423
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC
:Files
C:\Program Files (x86)\Google\Update
C:\Users\kamil\AppData\Local\Google\Update
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3643617085-1303910138-3836052459-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3643617085-1303910138-3836052459-1000Core.job
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=-
"ATKOSD2"=-
"HControlUser"=-
"HDAudDeck"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung.PCSync"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung.PCSync"=-
:Commands
[clearallrestorepoints]
[emptytemp]
Go to START, Run, Msconfig, Services, and uncheck the WinDefend service there.
:OTL
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:981884E7
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:81F83028
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5D458568
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:BFE23423
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC
:Files
C:\Windows\tasks\SA.DAT
:Commands
[clearallrestorepoints]
[emptytemp]