• Ogłoszenie:

Nie mogę usunąć strony startowej bearshare w firefox

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 12:44

reklama
BARDZO PROSZĘ o POMOC.
Za każdym razem, gdy uruchamiam Firefoxa uruchamia się strona startowa Bearshare.
Próbowałem już wstawić inne strony startowe, ale to nie pomaga. Usunąłem cały program Bearshare, oraz w CCleaner w rejestrze wszystko co dotyczy Bearshare, ale i to nie pomogło.
Jestem laikiem komputerowym, a więc proszę o to, aby w miarę dokładnie opisać jak usunąć ten problem.
Oczekuję na podpowiedzi.
Z góry dziękuję.
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 12:51

Daj logi z OTLa według przyklejonego tematu:
otl-dds-combofix-vt117885.html
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 12:53

Błędnie wpisane i usunięte logi.
Ostatnio edytowany przez kriszpily, 04 Sie 2011, 13:28, edytowano w sumie 1 raz
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 13:22

No halo Panie, coś tam chyba było że logi dajemy albo w tagach [code] albo na http://www.wklej.org.
Proszę poprawić albo nie spojrzę nawet na nie.

A problem nawet już widzę i wiem jak go usunąć :P
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 13:27

Sory, ale nigdy nie wklejałem na fora takich rzeczy. Myślę, że teraz będzie dobrze.


Extras

Kod: Zaznacz wszystko
OTL Extras logfile created on: 2011-08-04 12:59:00 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Documents and Settings\ja\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,07 Mb Total Physical Memory | 530,43 Mb Available Physical Memory | 51,90% Memory free
2,40 Gb Paging File | 1,97 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 37,08 Gb Free Space | 63,29% Space Free | Partition Type: NTFS
Drive D: | 63,47 Gb Total Space | 59,57 Gb Free Space | 93,85% Space Free | Partition Type: NTFS
Drive E: | 64,23 Gb Total Space | 50,51 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Drive F: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JA-9FBCA0C8474F | User Name: ja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\PCHA\noapp.exe %1 (ParetoLogic)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\ja\Moje dokumenty\Pobieranie\PDFConverterSetup.exe" = C:\Documents and Settings\ja\Moje dokumenty\Pobieranie\PDFConverterSetup.exe:*:Enabled:InstallCore™
"D:\Wru\Wru.exe" = D:\Wru\Wru.exe:*:Disabled:Wru P2P Client -- (Lavorate Sp.z.o.o.)
"E:\Program Files\BearShare\BearShare.exe" = E:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"E:\GRY\CS\Steam.exe" = E:\GRY\CS\Steam.exe:*:Enabled:Steam
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Documents and Settings\ja\Pulpit\PDFConverterSetup.exe" = C:\Documents and Settings\ja\Pulpit\PDFConverterSetup.exe:*:Enabled:InstallCore™
"C:\Documents and Settings\ja\Ustawienia lokalne\Temp\ICReinstall\PDFConverterSetup.exe" = C:\Documents and Settings\ja\Ustawienia lokalne\Temp\ICReinstall\PDFConverterSetup.exe:*:Enabled:InstallCore™ -- (InstallCore© Technologies         )


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05D30DBE-4EF3-477E-BCB0-8B5E3D9580AD}" = The Suffering
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}" = ParetoLogic PC Health Advisor
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{62F44234-F665-420E-BF9B-26E52DAB90BE}" = Juiced 2 - Hot Import Nights
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{74B9977F-47FE-4C1A-8DA3-C65F17CF93DD}" = OpenOffice.org 3.0
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTA III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4FD3F41-E90C-4A3E-AADF-F2FB64CF2E42}" = Gothic II Złota Edycja
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"4StoryPL_is1" = 4Story 3.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIMP2" = AIMP2
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BabylonToolbar" = Babylon toolbar
"BearShare 2 MediaBar" = MediaBar
"CCleaner" = CCleaner
"CleanGP_is1" = CleanGP 4.4 Build 4005
"conduitEngine" = Conduit Engine
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.38
"facemoods" = Facemoods Toolbar
"FoxTab PDF Converter" = FoxTab PDF Converter
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox 5.0.1 (x86 pl)" = Mozilla Firefox 5.0.1 (x86 pl)
"My Global Search Uninstall" = My Global Search Bar
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"PhotoScape" = PhotoScape
"The KMPlayer" = The KMPlayer (remove only)
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-08 08:06:03 | Computer Name = JA-9FBCA0C8474F | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca burningstudio.exe, wersja 6.1.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2011-07-31 11:55:22 | Computer Name = JA-9FBCA0C8474F | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1053” podczas próby uruchomienia usługi
gupdate z argumentami „/comsvc”  w celu uruchomienia serwera:  {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error - 2011-07-31 11:55:40 | Computer Name = JA-9FBCA0C8474F | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Usługa Google Update (gupdate).

Error - 2011-07-31 11:55:41 | Computer Name = JA-9FBCA0C8474F | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu:   %%1053

Error - 2011-08-04 03:17:45 | Computer Name = JA-9FBCA0C8474F | Source = System Error | ID = 1003
Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf951755, parametr
3 ab301c00, parametr 4 00000000.


< End of report >



OTL

Kod: Zaznacz wszystko
OTL logfile created on: 2011-08-04 12:59:00 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Documents and Settings\ja\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,07 Mb Total Physical Memory | 530,43 Mb Available Physical Memory | 51,90% Memory free
2,40 Gb Paging File | 1,97 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 37,08 Gb Free Space | 63,29% Space Free | Partition Type: NTFS
Drive D: | 63,47 Gb Total Space | 59,57 Gb Free Space | 93,85% Space Free | Partition Type: NTFS
Drive E: | 64,23 Gb Total Space | 50,51 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Drive F: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JA-9FBCA0C8474F | User Name: ja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-08-04 12:54:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ja\Pulpit\OTL.exe
PRC - [2011-07-08 09:50:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-08-04 12:54:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ja\Pulpit\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2004-08-04 00:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-02-11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-05-10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004-09-17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-08-01 20:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-08-04 11:40:37 | 000,000,000 | ---D | M]

[2011-05-27 12:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Extensions
[2011-07-27 18:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions
[2011-07-27 18:20:50 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011-05-27 12:22:53 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011-06-16 09:18:43 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\ffxtlbr@babylon.com
[2011-04-30 17:41:51 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\ffxtlbr@Facemoods.com
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\BearShareWebSearch.xml
[2011-03-29 20:44:02 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\conduit.xml
[2011-08-04 11:40:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-10 13:40:05 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-08-04 11:40:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\NIINYD4E.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI
[2011-08-04 11:40:23 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-07-08 09:50:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-08-04 11:40:22 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-05-27 12:01:18 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-04-30 17:41:52 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-23 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-725345543-1326574676-682003330-1003..\Run: [RDReminder] C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (Dll-FIles.com)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-04-29 11:51:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005-02-25 18:24:44 | 000,000,051 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-08-04 12:54:34 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ja\Pulpit\OTL.exe
[2011-08-04 12:06:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ja\Recent
[2011-08-04 12:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Moje dokumenty\Kopie rejestru Windows z CCleaner
[2011-08-04 11:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-08-04 11:40:37 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-08-04 11:40:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-08-04 11:40:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-08-04 11:40:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-08-04 11:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011-08-04 11:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-08-04 11:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-08-04 11:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-08-04 11:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo
[2011-08-04 09:16:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011-07-31 20:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Dane aplikacji\THQ
[2011-07-19 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Dane aplikacji\Registry Mechanic
[2011-07-11 12:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Dane aplikacji\WinRAR
[2011-07-11 11:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-07-11 11:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011-07-09 20:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2011-07-09 20:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-07-09 14:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Dane aplikacji\ParetoLogic
[2011-07-09 14:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Dane aplikacji\DriverCure
[2011-07-09 14:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ja\Menu Start\Programy\ParetoLogic
[2011-07-09 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011-07-09 14:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011-07-09 14:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-08-04 12:54:39 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ja\Pulpit\OTL.exe
[2011-08-04 12:54:04 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-04 12:08:50 | 000,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-04 12:08:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-08-04 11:40:21 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-08-04 11:40:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-08-04 11:40:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-08-04 11:40:21 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-08-04 11:40:20 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-08-04 11:27:48 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-08-04 11:26:04 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-08-04 11:07:24 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ashampoo Burning Studio 2010 Advanced.lnk
[2011-08-03 19:44:33 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-08-03 18:00:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011-08-01 20:48:23 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-07-29 11:53:29 | 000,194,462 | ---- | M] () -- C:\Documents and Settings\ja\Pulpit\3.jpg
[2011-07-29 11:53:20 | 000,204,094 | ---- | M] () -- C:\Documents and Settings\ja\Pulpit\2.jpg
[2011-07-29 11:52:29 | 000,205,669 | ---- | M] () -- C:\Documents and Settings\ja\Pulpit\999.jpg
[2011-07-09 18:13:52 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\ja\Moje dokumenty\spider.sav
[2011-07-09 14:55:58 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011-07-09 14:55:57 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011-07-09 14:55:56 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011-07-07 19:18:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-08-04 11:32:49 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk
[2011-08-04 11:26:04 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-08-04 11:07:24 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ashampoo Burning Studio 2010 Advanced.lnk
[2011-08-01 20:48:23 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-08-01 20:48:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2011-07-29 11:53:28 | 000,194,462 | ---- | C] () -- C:\Documents and Settings\ja\Pulpit\3.jpg
[2011-07-29 11:53:20 | 000,204,094 | ---- | C] () -- C:\Documents and Settings\ja\Pulpit\2.jpg
[2011-07-29 11:52:28 | 000,205,669 | ---- | C] () -- C:\Documents and Settings\ja\Pulpit\999.jpg
[2011-07-09 17:46:30 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\ja\Moje dokumenty\spider.sav
[2011-07-09 14:56:07 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011-07-09 14:55:57 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011-07-09 14:55:56 | 000,000,370 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011-07-09 14:55:56 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011-05-05 16:43:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-05-04 18:32:19 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011-04-30 17:42:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-04-29 13:39:11 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-04-29 13:37:53 | 000,110,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-29 12:51:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-04-29 12:42:51 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2011-04-29 12:38:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011-04-29 12:36:52 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011-04-29 11:53:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-04-29 11:47:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-02-11 06:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010-02-11 06:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009-04-24 00:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002-09-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002-09-23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002-09-23 13:00:00 | 000,448,004 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2002-09-23 13:00:00 | 000,392,296 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002-09-23 13:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2002-09-23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002-09-23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002-09-23 13:00:00 | 000,074,230 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2002-09-23 13:00:00 | 000,058,596 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002-09-23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002-09-23 13:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2002-09-23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002-09-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002-09-23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-06-09 15:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1033C
[2011-04-29 12:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-05-24 08:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-07-09 14:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic
[2011-08-04 11:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-08-04 11:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\AIMP
[2011-05-24 09:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\Ashampoo
[2011-05-18 02:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\BabylonToolbar
[2011-05-31 11:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\bsbandmltbpi
[2011-05-17 19:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\dll-files.com
[2011-07-09 14:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\DriverCure
[2011-05-01 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\facemoods.com
[2011-06-16 08:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\mediabarbs
[2011-07-09 14:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\ParetoLogic
[2011-05-03 15:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\PhotoScape
[2011-08-04 10:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\PriceGong
[2011-07-19 19:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\Registry Mechanic
[2011-05-18 02:09:10 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\DLL-files.com Fixer_MONTHLY.job
[2011-05-18 02:09:17 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\DLL-files.com Fixer_UPDATES.job
[2011-08-03 18:00:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2011-07-09 14:55:58 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2011-07-09 14:55:57 | 000,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
[2011-07-09 14:55:56 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1

< End of report >
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 14:05

Oprócz tego wyrzucam sporo różnych szpiegowskich poinstalowanych badziewi, a jest ich tutaj całkiem sporo, w tym facemoods, z którym także wchodzi spyware. Jeśli chcesz je sobie zostawić - musisz przeinstalować.

Uruchom ponownie OTL
w oknie na dole wklej
Kod: Zaznacz wszystko
:processes
killallprocesses
:services
:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb&sysid=2
IE - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="
[2011-07-27 18:20:50 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011-05-27 12:22:53 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\BearShareWebSearch.xml
[2011-03-29 20:44:02 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\conduit.xml
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2011-05-27 12:01:18 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\mozilla firefox\plugins\NPMyGlSh.dll
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)
O3 - HKU\S-1-5-21-725345543-1326574676-682003330-1003\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe (facemoods.com)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
[2011-05-18 02:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\BabylonToolbar
[2011-05-01 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\facemoods.com
[2011-06-16 08:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\mediabarbs
[2011-05-31 11:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ja\Dane aplikacji\bsbandmltbpi
:files
:reg
:commands
[purity]
[emptytemp]
[emptyflash]
[createrestorepoint]

Wciśnij wykonaj srypt, zatwierdź restart. Pokaż raport po restarcie.
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 14:14

Właśnie przed chwilą, podczas Twojej nieobecności, udało mi się usunąć opisywany powyżej problem. W opcjach Fireroxa usunąłem dodatek - rozszerzenie "MediaBar", ustawiłem stronę stronę startową na "wp poczta" i ponownie uruchomiłem kompa. Po włączeniu kompa i odpaleniu firefoxa, ku mojemu zaskoczeniu pojawiła się strona "wp poczta".
Czyżbym naprawił ten problem?


Napisz proszę czy według Ciebie powinno już być dobrze i czy zrobić to co napisałeś przed chwilą - czy to w czymś pomoże mi?
DZIĘKI.
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 14:27

No wiesz, strona startowa raczej już nie wróci - ale skoro nie chcesz wywalić reszty śmiecia - Twoj sprawa i Twój komputer :)

Pozdrawiam.
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 14:41

Oczywiście, że chcę usunąć wszystkie niepotrzebne śmieci i dlatego pytałem Ciebie, czy Twoja rada jeszcze w czymś pomoże.

Wklejam raport o który prosiłeś:

Kod: Zaznacz wszystko
All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-725345543-1326574676-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-725345543-1326574676-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
C:\Program Files\MyAshampoo\prxtbMyA0.dll moved successfully.
Prefs.js: "BearShare Web Search" removed from browser.search.defaultenginename
Prefs.js: "BearShare Web Search" removed from browser.search.order.1
Prefs.js: "http://search.bearshare.com/" removed from browser.startup.homepage
Prefs.js: "http://search.babylon.com/?babsrc=toolbar2&q=" removed from keyword.URL
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully.
Folder C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\BearShareWebSearch.xml moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\Mozilla\Firefox\Profiles\niinyd4e.default\searchplugins\conduit.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ deleted successfully.
C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{37B85A29-692B-4205-9CAD-2626E4993404} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ deleted successfully.
File C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
File C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-725345543-1326574676-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37B85A29-692B-4205-9CAD-2626E4993404} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\ not found.
File C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL not found.
Registry value HKEY_USERS\S-1-5-21-725345543-1326574676-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods deleted successfully.
C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll deleted successfully.
File C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll not found.
C:\Documents and Settings\ja\Dane aplikacji\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\facemoods.com\facemoods folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\facemoods.com folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\mediabarbs\widgets_cache folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\mediabarbs folder moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\bsbandmltbpi folder moved successfully.
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: ja
->Temp folder emptied: 48381416 bytes
->Temporary Internet Files folder emptied: 168169 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54133570 bytes
->Google Chrome cache emptied: 8456243 bytes
->Flash cache emptied: 900 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 106,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: ja
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.26.1 log created on 08042011_143442

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 14:51

no, to teraz masz czysto.

Uruchom ponownie OTL i wybierz opcję sprzątanie. Tyle.

Autor postu otrzymał pochwałę
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez kriszpily 04 Sie 2011, 15:03

Jeszcze jedno pytanko na koniec.

Czy to jest normalne, że po sprzątaniu programem OTL i restarcie kompa, programik OTL samoistnie usunął się?

No i oczywiście BARDZO DZIĘKUJĘ CI za pomoc.
Jesteś WIELKI.
Pozdrawiam.
kriszpily
~user
 
Posty: 6
Dołączenie: 04 Sie 2011, 12:37



Nie mogę usunąć strony startowej bearshare w firefox

Postprzez NieWiem 04 Sie 2011, 15:17

tak, to normalne.

Pozdrawiam.
1. Pomocy udzielam wyłącznie na licencji beerware!
2. Jeśli nie odpowiadam od razu w temacie, to znaczy że mam życie poza internetem. Uszanuj mój dobrowolnie poświęcony czas i nie oczekuj wszystkiego natychmiast. Jeśli nie odpowiadam przez 48 godzin, przyślij PW.

STOP ++> trollom, dzieciom neostrady, emo, Forestom, kotożercom i nienawiści [ nie dotyczy wymienionych wcześniej ]
Image
Awatar użytkownika
NieWiem
~user
 
Posty: 2183
Dołączenie: 19 Cze 2009, 17:01
Miejscowość: Okolice Okolic
Pochwały: 171




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 16 gości