Aktualizacje na programosy.pl: ChromiumKaspersky Rescue DiskVimMuLabGoogle ChromeAwesome Screenshot for ChromePlayOnDiskDiggerFar Manager  

  • Ogłoszenie:

Wyskakujące okna reklamowe

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Wyskakujące okna reklamowe

Postprzez mirekg1963 10 Cze 2013, 18:59

reklama
Witam! Od dłuższego czasu mam problemy z pojawiającymi się oknami reklamowymi...bardzo często kiedy klikam w zapamiętany login na koncie pocztowym google? Patrzyłem w opcjach mozzili mam blokowanie wyskakujących okienek. Poniżej wklejam screen tychże reklam
Image
Image
A tutaj coś takiego z OTL -chyba wymagacie tego ?
Kod: Zaznacz wszystko
OTL logfile created on: 2013-06-10 18:48:53 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Mirek\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,94 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 58,90% Memory free
3,19 Gb Paging File | 2,53 Gb Available in Paging File | 79,11% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 40,24 Gb Free Space | 41,21% Space Free | Partition Type: NTFS
Drive E: | 135,22 Gb Total Space | 76,60 Gb Free Space | 56,65% Space Free | Partition Type: NTFS

Computer Name: CENTRUMXPN2 | User Name: Mirek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-05-21 22:35:42 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-05-21 21:59:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mirek\Pulpit\OTL.exe
PRC - [2013-05-21 21:32:51 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-05-07 15:45:55 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013-05-07 15:45:54 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013-03-28 20:46:07 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013-03-28 20:45:59 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013-03-28 20:45:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-11-03 18:54:07 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe
PRC - [2011-11-03 18:54:07 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe
PRC - [2010-05-20 16:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2010-05-20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-09-23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-05-21 21:32:51 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-05-20 21:41:44 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2012-12-18 16:28:46 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-09-19 20:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011-11-03 18:54:07 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe
MOD - [2011-11-03 18:54:07 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe
MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- c:\usr/MYSQL/bin/mysqld.exe -- (MySql)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-05-21 22:35:42 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-05-21 21:32:51 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-20 21:41:45 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-05-07 15:45:55 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013-03-28 20:46:07 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013-03-28 20:45:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013-02-28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-11-03 18:54:07 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-05-20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-09-23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-04 18:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Disabled | Stopped] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2008-10-27 18:03:46 | 000,759,072 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.ScreenshotReader.9.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] --  -- (adfs)
DRV - [2013-06-10 17:54:21 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gfibto.sys -- (gfibto)
DRV - [2013-04-11 11:06:45 | 000,041,584 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gfiark.sys -- (gfiark)
DRV - [2013-03-28 20:46:09 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013-03-28 20:46:09 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013-03-28 20:46:09 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012-08-27 16:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012-04-22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2010-09-23 12:09:21 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010-05-20 16:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-08-05 11:38:22 | 005,874,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009-07-01 05:53:34 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-07-01 05:53:30 | 000,066,688 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009-06-30 11:31:00 | 000,164,896 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2006-07-02 00:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2003-07-29 09:57:20 | 000,040,448 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Dgivecp.Sys -- (DgiVecp)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{596255C4-8F0B-4eea-A480-734BCF66694F}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1b81773c-1b93-11e1-b3e7-6cf04919ff46&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {596255C4-8F0B-4eea-A480-734BCF66694F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\..\SearchScopes\{3ACCA0D5-A207-42A0-89C1-862A907D6205}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{5505A481-A935-4cc7-B97F-88BEAD7E1662}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}
IE - HKCU\..\SearchScopes\{596255C4-8F0B-4eea-A480-734BCF66694F}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1b81773c-1b93-11e1-b3e7-6cf04919ff46&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "  "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledAddons: %7B3697b17c-b572-4862-a5e6-7f922c0f3403%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7B53A03D43-5363-4669-8190-99061B2DEBA5%7D:1.5.6
FF - prefs.js..extensions.enabledAddons: %7Bbf7380fa-e3b4-4db2-af3e-9d8783a45bfc%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.14.0.100015
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.19
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-05-21 21:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-21 21:32:43 | 000,000,000 | ---D | M]

[2010-03-13 14:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Extensions
[2013-05-19 22:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions
[2011-11-30 22:37:38 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403}
[2013-03-05 15:26:49 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012-08-23 20:04:57 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\toolbar@ask.com
[2013-05-10 20:38:40 | 000,005,303 | ---- | M] () (No name found) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\eqcuqlrq@ug-tp.co.uk.xpi
[2012-12-31 10:08:55 | 000,399,507 | ---- | M] () (No name found) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2012-12-11 22:43:53 | 000,036,098 | ---- | M] () (No name found) -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2011-05-16 11:07:58 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\searchplugins\conduit.xml
[2013-05-21 21:32:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-05-21 21:32:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010-11-15 10:59:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010-02-21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010-02-15 17:35:06 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-12-06 17:36:08 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: v9 (Enabled)
CHR - default_search_provider: search_url = http://search.v9.com/web/?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166
CHR - Extension: VshareComplete plugin for chrome = C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1\
CHR - Extension: vshare plugin = C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3\

O1 HOSTS File: ([2010-12-14 13:33:44 | 000,000,794 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1            activate.adobe.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF  [binary data]
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Mirek\Dane aplikacji\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1368730758274 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.202.144.11 85.202.144.12 212.87.241.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04253738-FE29-488A-8951-3A71C9713D70}: DhcpNameServer = 85.202.144.11 85.202.144.12 212.87.241.6
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-12 01:29:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-03-13 15:00:16 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-03-13 15:00:16 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{63efd198-8fe8-11df-b18b-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{63efd198-8fe8-11df-b18b-6cf04919ff46}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{72a5171a-8444-11df-b17b-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{72a5171a-8444-11df-b17b-6cf04919ff46}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{9e2b2afa-84e8-11df-b17c-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{9e2b2afa-84e8-11df-b17c-6cf04919ff46}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{a48b6f0a-9340-11e0-b329-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{a48b6f0a-9340-11e0-b329-6cf04919ff46}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{e1d4a66c-7cff-11df-b16e-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{e1d4a66c-7cff-11df-b16e-6cf04919ff46}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e4925e7c-791a-11df-b16a-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{e4925e7c-791a-11df-b16a-6cf04919ff46}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f8c9a04e-5881-11df-b14f-6cf04919ff46}\Shell - "" = AutoRun
O33 - MountPoints2\{f8c9a04e-5881-11df-b14f-6cf04919ff46}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-06-10 18:02:36 | 000,041,584 | ---- | C] (ThreatTrack Security) -- C:\WINDOWS\System32\drivers\gfiark.sys
[2013-06-10 17:56:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Antivirus
[2013-06-10 17:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Dane aplikacji\LavasoftStatistics
[2013-06-10 17:54:21 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013-06-10 17:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Dane aplikacji\Ad-Aware Antivirus
[2013-06-10 17:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2013-06-10 17:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013-06-02 13:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Nikt nie rozumie perskich kotów (2009) - lektor
[2013-06-01 16:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Inland Empire - (2006) Lektor
[2013-06-01 15:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Siódmy dzień (2004) - napisy
[2013-05-29 11:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Klątwa Skorpiona (2001) - lektor
[2013-05-27 09:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Pająk (2002) - lektor
[2013-05-24 19:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Blue Valentine (2010) - Lektor
[2013-05-22 21:07:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Moje dokumenty\ChomikBox
[2013-05-21 22:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013-05-21 22:36:06 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-05-21 22:36:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-05-21 22:36:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-05-21 22:36:01 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-05-21 21:59:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mirek\Pulpit\OTL.exe
[2013-05-21 21:32:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-05-19 15:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Drzazgi (2008)
[2013-05-19 14:40:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mirek\Pulpit\Kolor mleka (2004) - napisy
[2010-09-25 11:39:57 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Mirek\Dane aplikacji\pcouffin.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-06-10 18:51:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013-06-10 18:43:11 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D65E16E4-597A-48FE-B5C3-571846D221C9}.job
[2013-06-10 18:21:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-06-10 18:09:59 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-10 18:09:58 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013-06-10 18:09:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-06-10 18:08:01 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-10 17:57:46 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013-06-10 17:54:21 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013-06-10 17:11:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-06-06 10:04:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013-06-06 10:04:07 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-05-25 20:38:43 | 000,124,669 | ---- | M] () -- C:\Documents and Settings\Mirek\Pulpit\123.JPG
[2013-05-23 17:27:03 | 000,002,499 | ---- | M] () -- C:\Documents and Settings\Mirek\Pulpit\Microsoft Word 2010.lnk
[2013-05-23 16:39:56 | 000,029,626 | ---- | M] () -- C:\Documents and Settings\Mirek\Pulpit\abc.JPG
[2013-05-21 22:35:44 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013-05-21 22:35:42 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013-05-21 22:35:42 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013-05-21 22:35:42 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-05-21 22:35:42 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-05-21 22:35:42 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-05-21 22:35:42 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013-05-21 21:59:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mirek\Pulpit\OTL.exe
[2013-05-20 21:41:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-05-20 21:41:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-05-15 21:24:58 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2013-05-15 20:04:14 | 003,618,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-05-15 19:44:03 | 000,494,450 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-05-15 19:44:03 | 000,435,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-05-15 19:44:03 | 000,085,610 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-05-15 19:44:03 | 000,068,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-05-15 19:41:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-06-10 17:57:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013-05-25 20:38:43 | 000,124,669 | ---- | C] () -- C:\Documents and Settings\Mirek\Pulpit\123.JPG
[2013-05-23 16:39:56 | 000,029,626 | ---- | C] () -- C:\Documents and Settings\Mirek\Pulpit\abc.JPG
[2013-04-12 23:36:30 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-04-12 23:36:30 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-04-12 23:36:30 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-03-26 23:59:15 | 000,397,616 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2013-03-26 21:28:16 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2013-02-08 05:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-02-16 19:21:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-11-03 18:54:31 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMService.exe
[2011-11-03 18:54:31 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011-06-04 12:03:49 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\Mirek\Dane aplikacji\default.rss
[2010-12-21 13:20:37 | 000,000,887 | ---- | C] () -- C:\Documents and Settings\Mirek\.recently-used.xbel
[2010-09-25 11:39:57 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Mirek\Dane aplikacji\inst.exe
[2010-09-25 11:39:57 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Mirek\Dane aplikacji\pcouffin.cat
[2010-09-25 11:39:57 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Mirek\Dane aplikacji\pcouffin.inf
[2010-09-23 11:58:53 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Mirek\Dane aplikacji\vso_ts_preview.xml
[2010-03-29 17:37:34 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2010-11-13 11:33:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

nie wiem co jeszcze mogę przesłać ?
mirekg1963
~user
 
Posty: 190
Dołączenie: 05 Lut 2009, 16:39
Miejscowość: Częstochowa


Góra

Wyskakujące okna reklamowe

Postprzez ordynat 16 Cze 2013, 12:18

Nie widzę tu żadnej infekcji.
Przy okazji usuniemy sponsorskie śmieci:
Użyj >Adw-cleaner (aby pobrać kliknij na dużą zieloną strzałkę po prawej).
Kliknij w nim Usuń
Pokaż raport z niego C:\AdwCleaner[S1].txt
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Wyskakujące okna reklamowe

Postprzez mirekg1963 18 Cze 2013, 12:48

Dzięki za pomoc, raport już umieszczam a co do skuteczności to zobaczymy, mam wielką nadzieję...
Kod: Zaznacz wszystko
# AdwCleaner v2.303 - Log utworzony 18/06/2013 o 12:40:17
# Aktualizacja 08/06/2013 przez Xplode
# System operacyjny : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# Użytkownik : Mirek - CENTRUMXPN2
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Documents and Settings\Mirek\Pulpit\adwcleaner.exe
# Opcja [Usuń]


***** [Usługi] *****

Zatrzymano & Usunięto : BCUService

***** [Pliki / Foldery] *****

Folder Usunięto : C:\DOCUME~1\Mirek\USTAWI~1\Temp\AskSearch
Folder Usunięto : C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\AskToolbar
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\AskToolbar
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\dvdvideosoftiehelpers
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\Conduit
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\CT2786678
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\extensions\toolbar@ask.com
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\PriceGong
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\VshareComplete
Folder Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\yourfiledownloader
Folder Usunięto : C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\AskToolbar
Folder Usunięto : C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Conduit
Folder Usunięto : C:\Program Files\Ask.com
Folder Usunięto : C:\Program Files\DeviceVM
Folder Usunięto : C:\Program Files\vShare.tv plugin
Folder Usunięto : C:\Program Files\VshareComplete
Folder Usunięto : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Folder Usunięto : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Plik Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Plik Usunięto : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\searchplugins\Conduit.xml
Plik Usunięto : C:\END
Plik Usunięto : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
Plik Usunięto : C:\Program Files\Mozilla firefox\searchplugins\v9.xml
Plik Usunięto : C:\WINDOWS\system32\conduitEngine.tmp
Plik Usunięto : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Usunięto po restarcie : C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda

***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\APN
Klucz Usunięto : HKCU\Software\Ask.com
Klucz Usunięto : HKCU\Software\AskToolbar
Klucz Usunięto : HKCU\Software\Conduit
Klucz Usunięto : HKCU\Software\DeviceVM
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\PriceGong
Klucz Usunięto : HKCU\Software\Softonic
Klucz Usunięto : HKCU\Software\StartSearch
Klucz Usunięto : HKCU\Software\YahooPartnerToolbar
Klucz Usunięto : HKLM\Software\APN
Klucz Usunięto : HKLM\Software\AskToolbar
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klucz Usunięto : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Klucz Usunięto : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Klucz Usunięto : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klucz Usunięto : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Klucz Usunięto : HKLM\Software\Conduit
Klucz Usunięto : HKLM\Software\DeviceVM
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klucz Usunięto : HKLM\Software\SimplyGen
Klucz Usunięto : HKLM\Software\V9Software
Klucz Usunięto : HKLM\Software\YourFileDownloader
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v8.0.6001.18702

Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166 --> hxxp://www.google.com
Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166 --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.v9.com/web/?q={searchTerms} --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://search.v9.com/web/?q={searchTerms} --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166 --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____9RY2RWEQ&ts=1354808166 --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (pl)

Plik : C:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\0at2nafl.default\prefs.js

Usunięto : user_pref("CT2786678..clientLogIsEnabled", false);
Usunięto : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Usunięto : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Usunięto : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Usunięto : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Usunięto : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Usunięto : user_pref("CT2786678.BrowserCompStateIsOpen_130067977588633691", true);
Usunięto : user_pref("CT2786678.BrowserCompStateIsOpen_1359634298000", true);
Usunięto : user_pref("CT2786678.CTID", "CT2786678");
Usunięto : user_pref("CT2786678.CurrentServerDate", "18-6-2013");
Usunięto : user_pref("CT2786678.DialogsAlignMode", "LTR");
Usunięto : user_pref("CT2786678.DialogsGetterLastCheckTime", "Thu Jun 13 2013 22:04:37 GMT+0200");
Usunięto : user_pref("CT2786678.DownloadReferralCookieData", "");
Usunięto : user_pref("CT2786678.EMailNotifierPollDate", "Mon May 16 2011 11:16:39 GMT+0200");
Usunięto : user_pref("CT2786678.FeedLastCount5690698542593514850", 138);
Usunięto : user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon May 16 2011 11:16:41 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon May 16 2011 11:16:41 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Usunięto : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Usunięto : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Usunięto : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Usunięto : user_pref("CT2786678.FirstServerDate", "16-5-2011");
Usunięto : user_pref("CT2786678.FirstTime", true);
Usunięto : user_pref("CT2786678.FirstTimeFF3", true);
Usunięto : user_pref("CT2786678.FixPageNotFoundErrors", false);
Usunięto : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Usunięto : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Usunięto : user_pref("CT2786678.HasUserGlobalKeys", true);
Usunięto : user_pref("CT2786678.Initialize", true);
Usunięto : user_pref("CT2786678.InitializeCommonPrefs", true);
Usunięto : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Usunięto : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Usunięto : user_pref("CT2786678.InstalledDate", "Mon May 16 2011 11:16:39 GMT+0200");
Usunięto : user_pref("CT2786678.IsGrouping", false);
Usunięto : user_pref("CT2786678.IsMulticommunity", false);
Usunięto : user_pref("CT2786678.IsOpenThankYouPage", true);
Usunięto : user_pref("CT2786678.IsOpenUninstallPage", false);
Usunięto : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Jun 18 2013 10:23:19 GMT+0200");
Usunięto : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Usunięto : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Usunięto : user_pref("CT2786678.LastLogin_3.12.0.7", "Wed Apr 25 2012 21:12:58 GMT+0200");
Usunięto : user_pref("CT2786678.LastLogin_3.12.2.3", "Wed May 30 2012 21:19:50 GMT+0200");
Usunięto : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 21:58:23 GMT+0200");
Usunięto : user_pref("CT2786678.LastLogin_3.14.1.0", "Mon Aug 27 2012 21:14:19 GMT+0200");
Usunięto : user_pref("CT2786678.LastLogin_3.15.1.0", "Mon Mar 04 2013 20:49:03 GMT+0100");
Usunięto : user_pref("CT2786678.LastLogin_3.18.0.7", "Tue Jun 18 2013 12:23:38 GMT+0200");
Usunięto : user_pref("CT2786678.LastLogin_3.3.3.2", "Mon May 16 2011 11:16:39 GMT+0200");
Usunięto : user_pref("CT2786678.LatestVersion", "3.18.0.7");
Usunięto : user_pref("CT2786678.Locale", "en");
Usunięto : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Usunięto : user_pref("CT2786678.MCDetectTooltipShow", false);
Usunięto : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Usunięto : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Usunięto : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Usunięto : user_pref("CT2786678.SavedHomepage", "hxxp://search.conduit.com/?ctid=&SearchSource=13");
Usunięto : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Usunięto : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Usunięto : user_pref("CT2786678.SearchInNewTabEnabled", true);
Usunięto : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Usunięto : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Jun 18 2013 10:23:16 GMT+0200");
Usunięto : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Usunięto : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Usunięto : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Jun 18 2013 10:23:19 GMT+0200");
Usunięto : user_pref("CT2786678.SettingsLastCheckTime", "Tue Jun 18 2013 08:23:31 GMT+0200");
Usunięto : user_pref("CT2786678.SettingsLastUpdate", "1371456705");
Usunięto : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Usunięto : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Mon May 16 2011 11:16:37 GMT+0200");
Usunięto : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Usunięto : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Usunięto : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Usunięto : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Usunięto : user_pref("CT2786678.UserID", "UN07872666919479411");
Usunięto : user_pref("CT2786678.ValidationData_Toolbar", 0);
Usunięto : user_pref("CT2786678.WeatherNetwork", "");
Usunięto : user_pref("CT2786678.WeatherPollDate", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.WeatherUnit", "C");
Usunięto : user_pref("CT2786678.alertChannelId", "1178763");
Usunięto : user_pref("CT2786678.components.1000034", false);
Usunięto : user_pref("CT2786678.components.1000234", false);
Usunięto : user_pref("CT2786678.components.129295698017012804", false);
Usunięto : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Usunięto : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon May 16 2011 11:16:39 GMT+0200");
Usunięto : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Usunięto : user_pref("CT2786678.initDone", true);
Usunięto : user_pref("CT2786678.isAppTrackingManagerOn", true);
Usunięto : user_pref("CT2786678.myStuffEnabled", true);
Usunięto : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Usunięto : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Usunięto : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Usunięto : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Usunięto : user_pref("CT2786678.revertSettingsEnabled", true);
Usunięto : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Usunięto : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Usunięto : user_pref("CT2786678.testingCtid", "");
Usunięto : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Jun 18 2013 10:23:19 GMT+0200");
Usunięto : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CT2786678.usagesFlag", 2);
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/PL", "\"0\"[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Usunięto : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4f3[...]
Usunięto : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Usunięto : user_pref("CommunityToolbar.EngineOwner", "");
Usunięto : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Usunięto : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
Usunięto : user_pref("CommunityToolbar.IsEngineShown", false);
Usunięto : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Usunięto : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
Usunięto : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Usunięto : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
Usunięto : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Usunięto : user_pref("CommunityToolbar.ToolbarsList", "CT2786678");
Usunięto : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Usunięto : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon May 16 2011 11:16:38 GMT+02[...]
Usunięto : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Usunięto : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 18:19:07 GMT+0200");
Usunięto : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Usunięto : user_pref("CommunityToolbar.alert.locale", "en");
Usunięto : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Usunięto : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 17:12:33 GMT+0200");
Usunięto : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Usunięto : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Usunięto : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Usunięto : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Usunięto : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Usunięto : user_pref("CommunityToolbar.alert.userId", "ad0476ea-b049-4885-b6f4-f237f12342d4");
Usunięto : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon May 16 2011 11:16:40 GMT+0200");
Usunięto : user_pref("CommunityToolbar.globalUserId", "0eaa5f11-0e28-4805-8c95-8892df2a3906");
Usunięto : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Usunięto : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Usunięto : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Usunięto : user_pref("CommunityToolbar.killedEngine", true);
Usunięto : user_pref("CommunityToolbar.undefined", "");
Usunięto : user_pref("browser.search.defaultengine", "Web Search");
Usunięto : user_pref("browser.search.defaultenginename", "Web Search");
Usunięto : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&Sea[...]
Usunięto : user_pref("browser.search.order.1", "Web Search");
Usunięto : user_pref("extensions.518d482c17bb3.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Usunięto : user_pref("extensions.asktb.AviraIDW-TS", "1319806927046");
Usunięto : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xm[...]
Usunięto : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Usunięto : user_pref("extensions.asktb.cbid", "JM");
Usunięto : user_pref("extensions.asktb.config-updated", true);
Usunięto : user_pref("extensions.asktb.cr-o", "");
Usunięto : user_pref("extensions.asktb.crumb", "2011.09.11+09.35.29-toolbar002iad-PL-Q3plc3RvY2hvd2EsUG9sYW5k")[...]
Usunięto : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Usunięto : user_pref("extensions.asktb.dtid", "YYYYYYYYPL");
Usunięto : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Usunięto : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "PLXX0002");
Usunięto : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Usunięto : user_pref("extensions.asktb.fresh-install", false);
Usunięto : user_pref("extensions.asktb.guid", "a830def1-60b1-41f2-a697-567c944007a2");
Usunięto : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Usunięto : user_pref("extensions.asktb.if", "first");
Usunięto : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Usunięto : user_pref("extensions.asktb.l", "dis");
Usunięto : user_pref("extensions.asktb.last-config-req", "1371543794373");
Usunięto : user_pref("extensions.asktb.last-v", "3.14.0.100010");
Usunięto : user_pref("extensions.asktb.locale", "en_US");
Usunięto : user_pref("extensions.asktb.location", "Czestochowa,Poland");
Usunięto : user_pref("extensions.asktb.new-tab-opt-out", true);
Usunięto : user_pref("extensions.asktb.notification-shown", true);
Usunięto : user_pref("extensions.asktb.o", "100000080");
Usunięto : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Usunięto : user_pref("extensions.asktb.qsrc", "2871");
Usunięto : user_pref("extensions.asktb.r", "20");
Usunięto : user_pref("extensions.asktb.sa", "NO");
Usunięto : user_pref("extensions.asktb.save-searches", false);
Usunięto : user_pref("extensions.asktb.search-suggestions-enabled", true);
Usunięto : user_pref("extensions.asktb.silent-upgrade", true);
Usunięto : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Usunięto : user_pref("extensions.asktb.themeid", "");
Usunięto : user_pref("extensions.asktb.to", "");
Usunięto : user_pref("extensions.asktb.v", "3.14.0.100015");
Usunięto : user_pref("extensions.enabledAddons", "%7B3697b17c-b572-4862-a5e6-7f922c0f3403%7D:1.1,%7B20a82645-c0[...]
Usunięto : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=");
Usunięto : user_pref("quickstores.toolbar.affid", "2017");
Usunięto : user_pref("quickstores.toolbar.guid", "{E0D7D8DE-C176-FEDA-9286-7158103AC892}");

-\\ Google Chrome v4.0.266.0

Plik : C:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences

Usunięto [l.16] : keyword = "v9.com",
Usunięto [l.19] : search_url = "hxxp://search.v9.com/web/?q={searchTerms}",
Usunięto [l.1662] : homepage = "hxxp://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3250410AS_9RY2RWEQ____[...]

*************************

AdwCleaner[S1].txt - [32633 octets] - [18/06/2013 12:40:17]

########## EOF - C:\AdwCleaner[S1].txt - [32694 octets] ##########
mirekg1963
~user
 
Posty: 190
Dołączenie: 05 Lut 2009, 16:39
Miejscowość: Częstochowa


Góra

Wyskakujące okna reklamowe

Postprzez ordynat 18 Cze 2013, 12:54

ale przynajmniej będziesz mieć usunięte śmieci.

W Adw-Cleaner kliknij na przycisk Odinstaluj
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Wyskakujące okna reklamowe

Postprzez ToServeAndProtect 18 Cze 2013, 13:11

Zainstaluj adblock plus, pozbedziesz się wielu reklam i okienek

Autor postu otrzymał pochwałę
| MSI X470 GAMING PLUS | AMD Ryzen 7 2700 | Kingston HyperX DDR4 Fury Black 16GB | PNY GeForce GTX 1080 XLR8 8GB GDDR5X | AOC Q3279VWFD8 31.5" + IIYAMA ProLite E2407HDS 24" |
| SSD Samsung 860 Evo 512GB + SSD Samsung 830 128GB + SSHD Seagate 2TB + WD Caviar Blue 650GB + WD Caviar Green 1TB | Powered by Supremo FM2 Gold 750W |
Image

Image
Awatar użytkownika
ToServeAndProtect
»ekspert
 
Posty: 14516
Dołączenie: 12 Maj 2006, 16:36
Miejscowość: Warszawa
Pochwały: 461


Góra

Wyskakujące okna reklamowe

Postprzez mirekg1963 24 Cze 2013, 19:20

Przepraszam, tylko się sytuacja troszeczkę poprawiła adblock plus...myślę że całe zło zagnieździło się w przeglądarce czy jakoś tak. Drążę ten temat bo będę zmuszony korzystać z konta bankowego internetowo i boję się, że mogę mieć jakiś program, czy w innej formie - szpiegujący. Najczęściej pojawia mi się tego rodzaju okna kiedy klikam w login na poczcie Gmail (zawsze) na facebooku (bardzo często) a to koleiny przykład:
Image
Może jakaś sugestia związana z programami szpiegującymi, czy z jakimiś reklamiarzami a może coś nie tak z przeglądarką - używam mozilli (mam blokadę wyskakujących okienek, adblock plus)??
mirekg1963
~user
 
Posty: 190
Dołączenie: 05 Lut 2009, 16:39
Miejscowość: Częstochowa


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 12 gości

Powered by phpBB © Group
Forum Programosy.pl