Hi, I have a serious problem with Google getting redirected. I've completed the 8-step process and I will paste the logs. I would like to add that my old Internet Explorer remained unaffected, but Google Chrome and Mozilla redirect to strange pages after a Google search.
I would like to thank you for your help in advance.
Here are the logs:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Database version: 5216
Windows 5.1.2600 Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180
2010-11-30 10:17:01
mbam-log-2010-11-30 (10-17-01).txt
Scan type: Quick scan
Objects scanned: 130490
Time elapsed: 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-11-30 10:22:16
Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.DK02
Running: 4jgp3z70.exe; Driver: C:\DOCUME~1\MICHA~1\USTAWI~1\Temp\pxtdqpow.sys
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-11-27.01) - NTFSx86
Run by michał at 10:23:44,53 on 2010-11-30
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2046.1341 [GMT 1:00]
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\michał\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ERA\GlobeTrotter Connect\GlobeTrotter Connect.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\oracle\ora92\bin\omtsreco.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\oracle\ora92\bin\agntsrvc.exe
C:\oracle\ora92\Apache\Apache\apache.exe
C:\oracle\ora92\BIN\TNSLSNR.exe
c:\oracle\ora92\bin\ORACLE.EXE
C:\oracle\ora92\bin\dbsnmp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\oracle\ora92\Apache\Apache\apache.exe
C:\oracle\ora92\jdk\bin\java.exe
C:\oracle\ora92\jdk\bin\java.exe
c:\oracle\ora92\bin\isqlplus
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\michał\Pulpit\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.pl/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\documents and settings\michał\ustawienia lokalne\dane aplikacji\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\globet~1.lnk - c:\program files\era\globetrotter connect\GlobeTrotter Connect.exe
IE: E&ksport do programu Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\micha~1\daneap~1\mozilla\firefox\profiles\pjbj1hhy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\michaĺ‚\dane aplikacji\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\michaĺ‚\dane aplikacji\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\michaĺ‚\ustawienia lokalne\dane aplikacji\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-8-9 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-8-9 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-8-9 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-8-9 61960]
R2 GtDetectSc;GtDetectSc;c:\program files\era\globetrotter connect\GtDetectSc.exe [2007-11-5 204915]
R2 OracleOraHome92Agent;OracleOraHome92Agent;c:\oracle\ora92\bin\agntsrvc.exe [2002-4-26 28944]
R2 OracleOraHome92HTTPServer;OracleOraHome92HTTPServer;c:\oracle\ora92\apache\apache\Apache.exe [2002-4-18 4096]
R2 OracleServiceTIGER;OracleServiceTIGER;c:\oracle\ora92\bin\oracle.exe tiger --> c:\oracle\ora92\bin\ORACLE.EXE TIGER [?]
S0 fpagfa;fpagfa;c:\windows\system32\drivers\mfiu.sys --> c:\windows\system32\drivers\mfiu.sys [?]
S3 a2acc;a2acc;\??\c:\program files\mamutu\a2accx86.sys --> c:\program files\mamutu\a2accx86.sys [?]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2007-7-9 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2007-6-26 51968]
S3 OracleOraHome92SNMPPeerEncapsulator;OracleOraHome92SNMPPeerEncapsulator;c:\oracle\ora92\bin\encsvc.exe [2002-2-13 187392]
S3 OracleOraHome92SNMPPeerMasterAgent;OracleOraHome92SNMPPeerMasterAgent;c:\oracle\ora92\bin\agntsvc.exe [2002-2-13 254464]
=============== Created Last 30 ================
2010-11-30 09:14:53 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-30 09:14:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-30 09:14:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-30 08:00:49 -------- d-----w- c:\docume~1\alluse~1\daneap~1\SecTaskMan
2010-11-26 09:05:50 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-11-26 09:04:51 -------- d-----w- c:\docume~1\alluse~1\daneap~1\Hitman Pro
2010-11-25 11:10:00 -------- d-----w- C:\ComboFix
2010-11-25 08:59:56 98816 ----a-w- c:\windows\sed.exe
2010-11-25 08:59:56 89088 ----a-w- c:\windows\MBR.exe
2010-11-25 08:59:56 256512 ----a-w- c:\windows\PEV.exe
2010-11-25 08:59:56 161792 ----a-w- c:\windows\SWREG.exe
2010-11-24 11:08:13 -------- d-----w- c:\windows\system32\NtmsData
2010-11-24 07:32:38 -------- d-----w- c:\docume~1\micha~1\daneap~1\Avira
2010-11-19 23:06:30 -------- d-----w- c:\docume~1\micha~1\ustawi~1\daneap~1\LEd
2010-11-19 21:32:31 -------- d-----w- c:\program files\LEd
2010-11-06 10:37:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2010-11-06 10:37:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
==================== Find3M ====================
============= FINISH: 10:24:18,64 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-27.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2010-09-17 14:36:42
System Uptime: 2010-11-30 09:56:32 (1 hours ago)
Motherboard: Quanta | | 30D2
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | U2E1 | 1995/800mhz
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | U2E1 | 1995/800mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 88 GiB total, 59,528 GiB free.
D: is FIXED (NTFS) - 90 GiB total, 0,754 GiB free.
E: is FIXED (NTFS) - 8 GiB total, 1,033 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Kontroler Ethernet
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_30CC103C&REV_01\4&C308017&0&00E5
Manufacturer:
Name: Kontroler Ethernet
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_30CC103C&REV_01\4&C308017&0&00E5
Service:
==== System Restore Points ===================
RP6: 2010-11-25 09:54:30 - Punkt kontrolny systemu
RP7: 2010-11-26 19:32:14 - Punkt kontrolny systemu
RP8: 2010-11-29 09:17:43 - Punkt kontrolny systemu
==== Installed Programs ======================
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11.5
µTorrent
AuthenTec Fingerprint Sensor Minimum Install
Avira AntiVir Personal - Free Antivirus
Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007
e-Deklaracje Desktop
Gadu-Gadu 7.7
GlobeTrotter Connect
Google Talk Plugin
GPL Ghostscript 8.64
GSview 4.9
hp deskjet 5100 series
HP Quick Launch Buttons 6.20 B1
HP Update
Java(TM) 6 Update 17
Java(TM) 6 Update 2
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 4.2.5
LEd Beta 0.53
Lizardtech DjVu Control
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0
Microsoft Office Excel MUI (Polish) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (Polish) 2007
Microsoft Office PowerPoint MUI (Polish) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Polish) 2007
Microsoft Office Proofing (Polish) 2007
Microsoft Office Shared MUI (Polish) 2007
Microsoft Office Word MUI (Polish) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Polish) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MiKTeX 2.7
MLwiN 2.12 Teaching Version
Motorola SM56 Speakerphone Modem
Mozilla Firefox (3.6.12)
MSXML 6 Service Pack 2 (KB973686)
Nero 7 Ultra Edition
Norton Security Scan
NVIDIA Drivers
PITy 2008 dla Windows kompilacja:1.0.2.10
R for Windows 2.8.1
Realtek High Definition Audio Driver
SAS 9.1
SAS Private JRE (J2SE(tm) Java Runtime Environment 1.4.2_09)
SAS/STAT Experimental Bayesian Procedures
SecureW2 EAP Suite 1.1.1 for Windows
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Step By Step Interactive Training (KB898458)
Skype™ 3.8
SubEdit-Player
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Office 2007 (KB934391)
WebFldrs XP
Winamp
Windows Communication Foundation
Windows Driver Package - Intel (NETw4x32) net (09/26/2007 11.5.0.32)
Windows Driver Package - Intel (w29n51) net (07/25/2007 9.0.4.37)
Windows Driver Package - Intel net (09/26/2007 11.5.0.32)
Windows Media Format 11 runtime
Windows Media Format Runtime
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Workflow Foundation
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
==== End Of File ===========================