Ad.1 Usunęłam to co wykrył program MBAM
Ad.2. Zrobione. Wklejam LOG :
"All processes killed
========== FILES ==========
C:\Users\Martucha\AppData\Roaming\Mozilla\Firefox\Profiles\59euj6gz.default\searchplugins\search.xml moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\3 stycznia 2012 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\3 sierpnia 2011 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\26 lipca 2011 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\26 kwietnia 2010 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\25 stycznia 2012 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\22 maja 2010 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\21 września 2011 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\21 grudnia 2011 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\15 grudnia 2010 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\12 marca 2012 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\11 października 2010 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup\1 stycznia 2012 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\backup folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums\6781d50db11cfa311a43d5cac4e9dc57 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2Albums folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\update\LifescapeUpdater folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\update folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\tmp folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\temp\LifescapeUpdater folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\temp folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\runtime folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\ioqueue folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\Desktop folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\db3 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\cache\feeds folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2\cache folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Picasa2 folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\GBScreensaver folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\CrashReports folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome\User Data\Default\Plugin Data\Google Gears folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome\User Data\Default\Plugin Data folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome\User Data\Default folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome\User Data folder moved successfully.
C:\Users\Martucha\AppData\Local\Google\Chrome folder moved successfully.
C:\Users\Martucha\AppData\Local\Google folder moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martucha
->Temp folder emptied: 19779646 bytes
->Temporary Internet Files folder emptied: 39924928 bytes
->Java cache emptied: 6529220 bytes
->FireFox cache emptied: 222494057 bytes
->Flash cache emptied: 10169390 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22292 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 285.00 mb
OTL by OldTimer - Version 3.2.39.2 log created on 03282012_115909
Files\Folders moved on Reboot...
C:\Users\Martucha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Martucha\AppData\Local\Mozilla\Firefox\Profiles\59euj6gz.default\Cache\_CACHE_001_ not found!
File\Folder C:\Users\Martucha\AppData\Local\Mozilla\Firefox\Profiles\59euj6gz.default\Cache\_CACHE_002_ not found!
File\Folder C:\Users\Martucha\AppData\Local\Mozilla\Firefox\Profiles\59euj6gz.default\Cache\_CACHE_003_ not found!
File\Folder C:\Users\Martucha\AppData\Local\Mozilla\Firefox\Profiles\59euj6gz.default\Cache\_CACHE_MAP_ not found!
Registry entries deleted on Reboot...
"
Ad.3. Zrobione. Wklejam LOG:
"# AdwCleaner v1.503 - Logfile created 03/28/2012 at 12:09:37
# Updated 24/03/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Martucha - MARTUCHA-VAIO
# Running from : C:\Users\Martucha\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Martucha\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Martucha\AppData\Roaming\Complitly
Folder Deleted : C:\Users\Martucha\AppData\Local\Babylon
Folder Deleted : C:\Users\Martucha\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Complitly
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
***** [H. Navipromo] *****
***** [Registry] *****
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}
***** [Registry (x64)] *****
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
***** [internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?AF=110004&tt=090212_ctrl&babsrc=NT_ss&mntrId=acf1a59800000000000000264374997a --> hxxp://www.google.fr
-\\ Mozilla Firefox v11.0 (pl)
Profile name : default
File : C:\Users\Martucha\AppData\Roaming\Mozilla\FireFox\Profiles\59euj6gz.default\prefs.js
C:\Users\Martucha\AppData\Roaming\Mozilla\FireFox\Profiles\59euj6gz.default\user.js ... Deleted !
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "tt=090212_ctrl");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 17);
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "acf1a59800000000000000264374997a");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15387");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 17);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1719:56:52");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 68065279);
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1719:56:52");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "tt=090212_ctrl");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "acf1a59800000000000000264374997a");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "acf1a59800000000000000264374997a");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15387");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=110004&tt=090212_c[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1719:56:52");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?AF=110004&tt=090212_ctrl&babsrc=adbartrp&mntrId[...]
*************************
AdwCleaner[R1].txt - [8893 octets] - [27/03/2012 12:06:41]
AdwCleaner[s1].txt - [7911 octets] - [28/03/2012 12:09:37]
########## EOF - C:\AdwCleaner[s1].txt - [8039 octets] ##########
"
Ad.4.Zrobione. Ale po deinstalacji wyskoczył komunikat "System Windows nie może odnaleźć pliky o nazwie "NIRCMD"..."
Program Comodo wykrył też wirusy , które usunęłam.
Ad.5. Sciągam właśnie dodatek Service Pack 1 dla Windows 7. Rozumiem,że mam pobrać TYLKO
"windows6.1-KB976932-X64.exe 903.2MB" czy ten drugi "windows6.1-KB976932-X86.exe 537.8MB" też ??
