Utilbrowsemark - suspicious process

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.

Post by IceCooLL, 06 Jun 2014, 20:11

Hello, I noticed a process called "utilBrowseMark" in my Windows Task Manager. From what I managed to read online, it may be responsible for excessive pop-up ads. Can anyone offer some advice on this, or help me get rid of this junk? Thanks in advance for any help.
~Danny~
IceCooLL
~user

Posts: 53
Joined: 11 Feb 2006, 14:30
Location: Zielonka



Post by NieWiem, 06 Jun 2014, 21:59

Unfortunately, we don't do tea-leaf reading here. Help us help you :)

You must disable your AV program for the duration of this scan.
Download ZOEK.
Run it as administrator.
Paste the following script into the program window:
Code:
autoclean;
process;
systemspecs;
startupall;
services-list;
filescrm;
firefoxlook;
chromelook;
skipfix-iedefaults;
installedprogs;

Make sure the Scan All Users option is checked.
Click Run Script and wait for the resulting report. Paste it here.
1. I provide help exclusively under the beerware license!
2. If I don't reply in the thread right away, it means I have a life outside the internet. Respect the time I volunteer and don't expect everything immediately. If I don't reply within 48 hours, send a PM.

STOP ++> to trolls, Neostrada kids, emos, Forests, cat-eaters and hatred [ does not apply to those listed earlier ]
NieWiem
~user

Posts: 2183
Joined: 19 Jun 2009, 17:01
Location: Okolice Okolic
Praise: 171



Post by IceCooLL, 06 Jun 2014, 23:57

Code:
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Ice on 2014-06-06 at 23:34:18,76.
Microsoft Windows XP Professional 5.1.2600 Dodatek Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Ice\Pulpit\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2014-06-06 23:36:55 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

32 Bit HP CIO Components Installer 
Adobe Acrobat 5.0 
Adobe Flash Player 10 ActiveX 
Adobe Flash Player 13 Plugin 
Adobe Reader X (10.1.10) 
Adobe Shockwave Player 11.6 
ALLPlayer V4.X 
Angeln 2009 
Any Video Converter 2.7.5 
Apple Application Support 
Apple Software Update 
Applian FLV Player 
Archiwizator WinRAR 
Ask Toolbar 
Avanquest update 
AviSynth 2.5 
Battlefield: Bad Companyt 2 
Blitzkrieg 
Blitzkrieg: Horyzont w Ogniu i Pomruk Zagłady 
BrowseMark 
BufferChm 
BusinessCardsMX 3.96 
Call of Duty(R) - World at War(TM) 1.1 Patch 
CameraDrivers 
CameraReadme 
CANYON CN-WCAM21 PC-Camera 
CDCheck 
ChomikBox 
Command & Conquert Red Alertt 3 
ConvertHelper 2.2 
Copy 
CPUID CPU-Z 1.69 
DAEMON Tools Toolbar 
Destinations 
DeviceDiscovery 
DeviceManagementQFolder 
DJ_AIO_06_F4500_SW_MIN 
DVD Solution 
Dynamic Energy Saver 1.0 B8.0128.1 
Dzielenie i łączenie plików v1.2.2 
Edimax Wireless LAN 
ESET Smart Security 
eSupportQFolder 
F4500 
Facebook Messenger 2.1.4814.0 
Faktura 1 Plus ver. 5.4.20 
Faktury 2011 
FIFA 10 
FLS-4 Driver Installation 
Foto2Avi 2.3 
Freez FLV to AVI/MPEG/WMV Converter 
Full Tilt Poker 
Full Tilt Poker.Eu 
Fuse Drivers FPS-xx 
Gadu-Gadu 10 
Google Chrome 
Google Earth Plug-in 
Google Update Helper 
Governor of Poker 
GPBaseService2 
Grand Theft Auto IV 
GTA San Andreas 
High Definition Audio Driver Package - KB888111 
Hotfix for Windows Media Format 11 SDK (KB973442) 
HP Aparaty fotograficzne Photosmart 9.0 
HP Customer cenzura! Program 14.0 
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 
HP Imaging Device Functions 14.0 
HP Photosmart Essential 2.01 
HP Photosmart Essential2.01 
HP Smart Web Printing 4.60 
HP Solution Center 14.0 
HP Update 
HPDiagnosticAlert 
hpicamDrvQFolder 
HPProductAssistant 
HPSSupply 
InstantShareDevicesMFC 
ipla 2.1.5 
IrfanView (remove only) 
Java 7 Update 51 
Java Auto Updater 
jetAudio Plus VX 
K-Lite Mega Codec Pack 7.9.0 
KOBI DEMO 
Living 3D Fireplace 2.0 
Living Marine Aquarium 2 
MarketResearch 
Microsoft .NET Framework 2.0 Service Pack 1 
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK 
Microsoft .NET Framework 3.0 Service Pack 1 
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK 
Microsoft .NET Framework 4 Client Profile 
Microsoft .NET Framework 4 Extended 
Microsoft Games for Windows - LIVE   
Microsoft Games for Windows - LIVE Redistributable 
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 
Microsoft Office Access MUI (Polish) 2007 
Microsoft Office Enterprise 2007 
Microsoft Office Excel MUI (Polish) 2007 
Microsoft Office Groove MUI (Polish) 2007 
Microsoft Office InfoPath MUI (Polish) 2007 
Microsoft Office OneNote MUI (Polish) 2007 
Microsoft Office Outlook MUI (Polish) 2007 
Microsoft Office PowerPoint MUI (Polish) 2007 
Microsoft Office Proof (English) 2007 
Microsoft Office Proof (German) 2007 
Microsoft Office Proof (Polish) 2007 
Microsoft Office Proofing (Polish) 2007 
Microsoft Office Publisher MUI (Polish) 2007 
Microsoft Office Shared MUI (Polish) 2007 
Microsoft Office Word MUI (Polish) 2007 
Microsoft Office Word Viewer 2003 
Microsoft Silverlight 
Microsoft Software Update for Web Folders  (Polish) 12 
Microsoft User-Mode Driver Framework Feature Pack 1.9 
Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 
Mozilla Firefox 29.0.1 (x86 pl) 
Mozilla Maintenance Service 
MSVC80_x86_v2 
MSVC90_x86 
MSXML 6.0 Parser 
Multimedia Launcher 
myMousePainter 
Need for Speedt SHIFT 
Nero OEM 
Network 
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050) 
NOKIA 3806 USB DRIVER Ver:1.5 
Nokia Care Suite PST 5.0 
Nokia Connectivity Cable Driver 
Nokia Ovi Suite 
Nokia Ovi Suite Software Updater 
Nokia PC Suite 
Nokia Software Updater 
NVIDIA Drivers 
NVIDIA PhysX 
ODF Add-in for Microsoft Word 
Omnius for SE v0.14 
Orban/Coding Technologies AAC/aacPlus Player Plugint 1.0 
Ovi Desktop Sync Engine 
OviMPlatform 
Pakiet sterowników systemu Windows - Nokia Modem  (02/25/2011 4.7) 
Pakiet sterowników systemu Windows - Nokia Modem  (02/25/2011 7.01.0.9) 
Pakiet sterowników systemu Windows - Nokia pccsmcfd "LegacyDriver"  (05/31/2012 7.1.2.0) 
PanoStandAlone 
PC Connectivity Solution 
PeerGuardian 2.0 
PL-2303 USB-to-Serial 
PokerStars 
Poprawka dla systemu Windows XP (KB932716-v2) 
Poprawka dla systemu Windows XP (KB938759) 
PowerDVD 
PowerProducer 
Prawo Jazdy 2009 1.1 
Prawo Jazdy ABCDT - egzamin wewnętrzny 3.5 
PSSWCORE 
QuickTime 
Race Driver 3 
RaidCall 
Rally Trophy 
Real Alternative 2.0.2 
REALTEK GbE & FE Ethernet PCI-E NIC Driver 
Realtek High Definition Audio Driver 
Richard Burns Rally 
Rockstar Games Social Club 
Scan 
screenSHU - the fastest screen capture ever. 
SCV Transcoding Tool V3.0.0.4 
Shop for HP Supplies 
Skypet 5.0 
SmartWebPrinting 
SolutionCenter 
Sony Ericsson PC Suite 1.20.224 
Sony Ericsson PC Suite 6.009.00 
SopCast 3.0.3 
Status 
STREET FIGHTER IV 
swMSM 
ToCA Race Driver 2 
Tom Clancy's EndWar 
Toolbox 
TrayApp 
Unity Web Player 
UnloadSupport 
USB Serial Port Driver (x86) 
VELUX Aranżacje 3D 1.0 
VideoToolkit01 
vShare.tv plugin 1.3 
Vuze 
WebFldrs XP 
WebReg 
WERSJA DEMONSTRACYJNA FIFA 12 
Windows Live ID Sign-in Assistant 
Windows Media Format 11 runtime 
Windows Mobile Device Updater Component 
Windows Presentation Foundation 
Windows XP Service Pack 3 
WinUSB Drivers x86 ext 
World in Conflict: Soviet Assault 
World of Tanks 
XBCD 360 0.2.5 
XML Paper Specification Shared Components Pack 1.0 
Xvid 1.2.2 final uninstall 
Zune 
Zune Language Pack (CHS) 
Zune Language Pack (CHT) 
Zune Language Pack (CSY) 
Zune Language Pack (DAN) 
Zune Language Pack (DEU) 
Zune Language Pack (ELL) 
Zune Language Pack (ESP) 
Zune Language Pack (FIN) 
Zune Language Pack (FRA) 
Zune Language Pack (HUN) 
Zune Language Pack (IND) 
Zune Language Pack (ITA) 
Zune Language Pack (JPN) 
Zune Language Pack (KOR) 
Zune Language Pack (MSL) 
Zune Language Pack (NLD) 
Zune Language Pack (NOR) 
Zune Language Pack (PLK) 
Zune Language Pack (PTB) 
Zune Language Pack (PTG) 
Zune Language Pack (RUS) 
Zune Language Pack (SVE) 

==== Running Processes ======================

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\windows\Explorer.EXE
C:\windows\system32\nvsvc32.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\windows\system32\PnkBstrA.exe
C:\Program Files\BrowseMark\updateBrowseMark.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Zune\ZuneBusEnum.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\alg.exe
C:\Program Files\BrowseMark\bin\utilBrowseMark.exe
C:\Program Files\BrowseMark\bin\BrowseMark.PurBrowse.exe
C:\Program Files\BrowseMark\bin\BrowseMark.BrowserAdapter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ice\Pulpit\zoek.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k hpdevmgmt
C:\windows\system32\svchost.exe -k HPService
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc

==== Services (whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [APNMCP] - Ask Update Service - "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe"
R2 - [JavaQuickStarterService] - Java Quick Starter - "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
R2 - [NVSvc] - NVIDIA Display Driver Service - C:\windows\system32\nvsvc32.exe
R2 - [PnkBstrA] - PnkBstrA - C:\windows\system32\PnkBstrA.exe
R2 - [Update BrowseMark] - Update BrowseMark - "C:\Program Files\BrowseMark\updateBrowseMark.exe"
R2 - [Util BrowseMark] - Util BrowseMark - "C:\Program Files\BrowseMark\bin\utilBrowseMark.exe"
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R3 - [ALG] - Usługa bramy warstwy aplikacji - C:\windows\System32\alg.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Usługa Google Update (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - .NET Runtime Optimization Service v2.0.50727_X86 - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - Aplikacja systemowa modelu COM+ - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [EhttpSrv] - Eset HTTP Server - "C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe"
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Usługa Google Update (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [ImapiService] - Usługa COM nagrywania dysków CD IMAPI - C:\WINDOWS\system32\imapi.exe
S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\WINDOWS\system32\msdtc.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
S3 - [ose] - Office Source Engine - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [RDSessMgr] - Menedżer sesji pomocy pulpitu zdalnego - C:\WINDOWS\system32\sessmgr.exe
S3 - [RpcLocator] - Lokalizator usługi zdalnego wywołania procedury (RPC) - C:\windows\system32\locator.exe
S3 - [RSVP] - QoS RSVP - C:\windows\system32\rsvp.exe
S3 - [SwPrv] - MS Software Shadow Copy Provider - C:\WINDOWS\system32\dllhost.exe /Processid:{E55CF835-8756-43CD-AFA1-9E5BECE806C4}
S3 - [SysmonLog] - Dzienniki wydajności i alerty - C:\windows\system32\smlogsvc.exe
S3 - [UPS] - Zasilacz awaryjny (UPS) - C:\windows\System32\ups.exe
S3 - [VSS] - Kopiowanie woluminów w tle - C:\windows\System32\vssvc.exe
S3 - [WmiApSrv] - Karta wydajności WMI - C:\WINDOWS\system32\wbem\wmiapsrv.exe
S3 - [WMZuneComm] - Zune Windows Mobile Connectivity Service - "C:\Program Files\Zune\WMZuneComm.exe"
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S3 - [ZuneNetworkSvc] - Zune Network Sharing Service - "C:\Program Files\Zune\ZuneNss.exe"
S3 - [ZuneWlanCfgSvc] - Zune Wireless Configuration Service - "C:\Program Files\Zune\ZuneWlanCfgSvc.exe"
S4 - [ClipSrv] - ClipBook - C:\windows\system32\clipsrv.exe
S4 - [TlntSvr] - Telnet - C:\WINDOWS\system32\tlntsvr.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Util BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Util BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Update BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Update BrowseMark deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default

user.js not found
---- Lines CT2504091 removed from prefs.js ----
user_pref("CT2504091..clientLogIsEnabled", true);
user_pref("CT2504091..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2504091..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2504091.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
user_pref("CT2504091.CTID", "CT2504091");
user_pref("CT2504091.CurrentServerDate", "10-1-2013");
user_pref("CT2504091.DialogsAlignMode", "LTR");
user_pref("CT2504091.DialogsGetterLastCheckTime", "Mon Jan 07 2013 22:38:38 GMT+0100");
user_pref("CT2504091.DownloadReferralCookieData", "");
user_pref("CT2504091.EMailNotifierPollDate", "Wed Apr 28 2010 00:46:56 GMT+0200");
user_pref("CT2504091.FeedLastCount129079840422964131", 10);
user_pref("CT2504091.FeedPollDate128891351169457132", "Wed Apr 28 2010 00:16:50 GMT+0200");
user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Apr 28 2010 00:16:50 GMT+0200");
user_pref("CT2504091.FeedTTL128891351169457132", 40);
user_pref("CT2504091.FirstServerDate", "24-4-2010");
user_pref("CT2504091.FirstTime", true);
user_pref("CT2504091.FirstTimeFF3", true);
user_pref("CT2504091.FirstTimeSettingsDone", true);
user_pref("CT2504091.FixPageNotFoundErrors", true);
user_pref("CT2504091.GroupingServerCheckInterval", 1440);
user_pref("CT2504091.GroupingServiceUrl", "http://grouping.services.conduit.com/");
user_pref("CT2504091.HasUserGlobalKeys", true);
user_pref("CT2504091.Initialize", true);
user_pref("CT2504091.InitializeCommonPrefs", true);
user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
user_pref("CT2504091.InstallationType", "UnknownIntegration");
user_pref("CT2504091.InstalledDate", "Sat Apr 24 2010 21:14:10 GMT+0200");
user_pref("CT2504091.IsGrouping", false);
user_pref("CT2504091.IsMulticommunity", false);
user_pref("CT2504091.IsOpenThankYouPage", false);
user_pref("CT2504091.IsOpenUninstallPage", false);
user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Jan 09 2013 19:12:17 GMT+0100");
user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2504091.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
user_pref("CT2504091.LastLogin_2.6.0.15", "Wed Apr 28 2010 00:16:50 GMT+0200");
user_pref("CT2504091.LastLogin_3.12.2.3", "Sun Jun 03 2012 20:27:03 GMT+0200");
user_pref("CT2504091.LastLogin_3.13.0.6", "Sun Jul 15 2012 15:30:17 GMT+0200");
user_pref("CT2504091.LastLogin_3.14.1.0", "Wed Aug 22 2012 19:20:30 GMT+0200");
user_pref("CT2504091.LastLogin_3.15.1.0", "Fri Nov 23 2012 16:23:37 GMT+0100");
user_pref("CT2504091.LastLogin_3.16.0.100", "Thu Jan 10 2013 10:54:26 GMT+0100");
user_pref("CT2504091.LastLogin_3.16.0.3", "Sun Dec 30 2012 22:40:02 GMT+0100");
user_pref("CT2504091.LatestVersion", "3.16.0.100");
user_pref("CT2504091.Locale", "en-us");
user_pref("CT2504091.LoginCache", 4);
user_pref("CT2504091.MCDetectTooltipHeight", "83");
user_pref("CT2504091.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2504091.MCDetectTooltipWidth", "295");
user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
user_pref("CT2504091.SHRINK_TOOLBAR", 1);
user_pref("CT2504091.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSour
user_pref("CT2504091.SearchFromAddressBarIsInit", true);
user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=");
user_pref("CT2504091.SearchInNewTabEnabled", true);
user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Jan 09 2013 19:12:16 GMT+0100");
user_pref("CT2504091.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2504091.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2504091.SearchInNewTabUserEnabled", false);
user_pref("CT2504091.ServiceMapLastCheckTime", "Wed Jan 09 2013 19:12:16 GMT+0100");
user_pref("CT2504091.SettingsCheckIntervalMin", 120);
user_pref("CT2504091.SettingsLastCheckTime", "Thu Jan 10 2013 10:54:25 GMT+0100");
user_pref("CT2504091.SettingsLastUpdate", "1357802690");
user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sat Apr 24 2010 21:14:09 GMT+0200");
user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1265745383");
user_pref("CT2504091.TrusteLinkUrl", "http://trust.conduit.com/CT2504091");
user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityTool
user_pref("CT2504091.UserID", "UN86669102715324466");
user_pref("CT2504091.ValidationData_Toolbar", 0);
user_pref("CT2504091.alertChannelId", "897164");
user_pref("CT2504091.backendstorage.cbcountry_001", "504C");
user_pref("CT2504091.backendstorage.cbfirsttime", "5361742053657020323220323031322032303A34363A353220474D542B30323030");
user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "5468752053657020323720323031322032303A34363A353020474D542B30323030");
user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "706F6C616E64");
user_pref("CT2504091.clientLogIsEnabled", true);
user_pref("CT2504091.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.
user_pref("CT2504091.homepageProtectorEnableByLogin", true);
user_pref("CT2504091.initDone", true);
user_pref("CT2504091.myStuffEnabled", true);
user_pref("CT2504091.myStuffPublihserMinWidth", 400);
user_pref("CT2504091.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
user_pref("CT2504091.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF
user_pref("CT2504091.revertSettingsEnabled", true);
user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
user_pref("CT2504091.searchProtectorEnableByLogin", true);
user_pref("CT2504091.testingCtid", "");
user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Wed Jan 09 2013 19:12:17 GMT+0100");
user_pref("CT2504091.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2504091.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"602b0b583160a6cedb96760b36b3d44f3\"");
user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1354582230\"");
user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"b0247494cf7d18dd5da86e5d578c7bdb\"");
user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine");
user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
---- Lines conduit removed from prefs.js ----
user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
user_pref("CommunityToolbar.ETag.http://alert.services.conduit.com/Alerts/AlertServices.asmx/GetHostedFeedRss?alertID=897164&alertFeedId=892962", "\"0
user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/897164/892962/PL", "\"0\"");
user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"9c1c4e455c257dcb7987424f3330d812\"");
user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"abc8bfb53666260dae0d8a625b04b6c3\"");
user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
user_pref("ConduitEngine.AppTrackingLastCheckTime", "Fri Nov 11 2011 16:31:52 GMT+0100");
user_pref("ConduitEngine.componentAlertEnabled", false);
user_pref("ConduitEngine.CTID", "ConduitEngine");
user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri Nov 11 2011 21:44:04 GMT+0100");
user_pref("ConduitEngine.engineLocale", "pl");
user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Nov 12 2011 13:17:09 GMT+0100");
user_pref("ConduitEngine.FirstServerDate", "03/29/2011 22");
user_pref("ConduitEngine.FirstTime", true);
user_pref("ConduitEngine.FirstTimeFF3", true);
user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Nov 12 2011 13:17:10 GMT+0100");
user_pref("ConduitEngine.HasUserGlobalKeys", true);
user_pref("ConduitEngine.initDone", true);
user_pref("ConduitEngine.Initialize", true);
user_pref("ConduitEngine.InitializeCommonPrefs", true);
user_pref("ConduitEngine.InstalledDate", "Tue Mar 29 2011 21:36:04 GMT+0200");
user_pref("ConduitEngine.isAppTrackingManagerOn", true);
user_pref("ConduitEngine.IsMulticommunity", false);
user_pref("ConduitEngine.IsOpenThankYouPage", false);
user_pref("ConduitEngine.IsOpenUninstallPage", true);
user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Nov 12 2011 13:17:09 GMT+0100");
user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Nov 12 2011 13:17:09 GMT+0100");
user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Nov 12 2011 13:17:09 GMT+0100");
user_pref("ConduitEngine.usagesFlag", 2);
user_pref("ConduitEngine.UserID", "UN19115070954006053");
---- Lines CommunityToolbar removed from prefs.js ----
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Nov 06 2011 00:24:53 GMT+0100");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Nov 12 2011 13:17:18 GMT+0100");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Nov 12 2011 13:17:08 GMT+0100");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "{242e7203-48e7-4059-98b6-ad262bc0de0c}");
user_pref("CommunityToolbar.globalUserId", "c18c5fe6-0929-44c8-a29d-83861475e568");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.IsEngineShown", true);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
---- FireFox user.js and prefs.js backups ----

prefs__2347_.backup

==== Deleting Files \ Folders ======================

C:\DOCUME~1\ALLUSE~1\DANEAP~1\AskPartnerNetwork deleted
C:\DOCUME~1\ALLUSE~1\DANEAP~1\APN deleted
C:\DOCUME~1\ALLUSE~1\DANEAP~1\Package Cache deleted
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\RewardsArcade deleted
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Vuze_Remote deleted
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\cache deleted
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Conduit deleted
C:\Documents and Settings\All Users\Menu Start\Programy\ScreenSavers deleted
C:\END deleted
C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\searchplugins\ask-search.xml deleted
C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\Invalidprefs.js deleted
C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\CT2504091 deleted
C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\conduit deleted
C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\ConduitEngine deleted
"C:\Program Files\BrowseMark\updateBrowseMark.exe" deleted
"C:\Program Files\BrowseMark\updateBrowseMark.exe" deleted
"C:\Program Files\BrowseMark\bin\BrowseMark.BrowserAdapter.exe" deleted
"C:\Program Files\BrowseMark\bin\BrowseMark.PurBrowse.exe" deleted
"C:\Program Files\BrowseMark\bin\utilBrowseMark.exe" deleted
"C:\Program Files\BrowseMark\bin\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.dll" not deleted
"C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\Program Files\BrowseMark\bin\BrowseMark.BrowserAdapter.exe" deleted
"C:\Program Files\BrowseMark\bin\BrowseMark.PurBrowse.exe" deleted
"C:\Program Files\BrowseMark\bin\utilBrowseMark.exe" deleted
"C:\Program Files\BrowseMark\bin\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.dll" not deleted
"C:\Program Files\BrowseMark" not deleted
"C:\Program Files\AskPartnerNetwork" deleted
"C:\Program Files\BrowseMark" not deleted
"C:\Program Files\BrowseMark\bin" not deleted
"C:\Program Files\AskPartnerNetwork\Toolbar" deleted
"C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted
"C:\Program Files\BrowseMark\bin" not deleted

==== System Specs ======================

Windows: Windows XP Professional Dodatek Service Pack 3 (Build 2600)
Memory (RAM): 3583 MB
CPU Info: Intel(R) Core(TM)2 Duo CPU     E4600  @ 2.40GHz
CPU Speed: 2399,6 MHz
Sound Card: Realtek HD Audio output |
Display Adapters: NVIDIA GeForce 9600 GT | NVIDIA GeForce 9600 GT | NetMeeting driver | RDPDD Chained DD
Monitors: 2x; Monitor domyślny | Monitor domyślny |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Karta Realtek RTL8139 Family PCI Fast Ethernet NIC #2 - Sterownik miniport Harmonogramu pakietów | Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Sterownik miniport Harmonogramu pakietów
CD / DVD Drives: 2x (F: | H: | ) F: HL-DT-STDVDRAM GSA-4167B | H: NMHM    9YZO5QVWT
Ports: COM1 | COM3 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  48,8GB | D:  195,3GB | E:  221,6GB
Hard Disks - Free: C:  6,5GB | D:  147,4GB | E:  11,8GB
Manufacturer *: Award Software International, Inc.
BIOS Info: AT/AT COMPATIBLE | 04/09/08 | GBT    - 42302e31
Time Zone: Środkowoeuropejski czas stand.
Motherboard *: Gigabyte Technology Co., Ltd. EP31-DS3L
Country: Polska
Language: PLK

==== System Specs (Software) ======================

Anti-Virus: ESET Smart Security 3.0 On-access scanning disabled (Updated)
Firewall: ESET Personal firewall enabled
Default Browser: Firefox   29.0.1
Internet Explorer version: 6.0.2900.5512
Mozilla Firefox version: 29.0.1 (x86 pl)
Google Chrome version: 35.0.1916.114
Adobe Reader version: 10.1.10.18
Sun Java version: 1.7.0_51 (32-bit)
Flash Player version: 13.0.0.214
Shockwave Player version: 11.6.8r638

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-117609710-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe -autorun"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ApnTBMon"="C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit"
"FLSDeviceControlPanel"="C:\windows\system32\FLSDEVCP.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="RUNDLL32.EXE C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe -autorun"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 20:38]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003Core.job --a------ C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2013-07-17 23:12]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003UA.job --a------ C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2013-07-17 23:12]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-05 21:51]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-05 21:51]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"crossriderapp498@crossrider.com"="C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\RewardsArcade\498\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"crossriderapp498@crossrider.com"="C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\RewardsArcade\498\Firefox" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [2010-10-26 19:49]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Twojanuta.pl - %ProfilePath%\extensions\zacz3k@gmail.com.xpi
- Zrzuta - %ProfilePath%\extensions\zrzuta@klachoo.net.xpi
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default
A58DE0A570148AF5FF3512B2A340D09F   - C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll -   Shockwave Flash
785105A23650755A8F7A72405EB0D923   - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll -   Google Update
1E5E8C84DE796A01D1D46E3A660690F1   - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -   Adobe Acrobat
F055C91A961601B8D50EF2976145AEE6   - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -   Adobe Acrobat
492100C9050D4B6A10EAB7F3AE60A552   - C:\Documents and Settings\Ice\Dane aplikacji\raidcall\plugins\nprcplugin.dll -   Raidcall plugin
A9191AE22A8F1287B5E2DF33E3A57253   - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -   Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD   - C:\windows\system32\npdeployJava1.dll -   Java Deployment Toolkit 7.0.510.13
5B92CB0A3EEE50F6B9AE036B4F9B0F0C   - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -   Google Earth Plugin
BE501CBC29B2025A263D80D399F1797A   - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll -   Silverlight Plug-In
2BF85B6162528E0635DD8D632EB975C8   - C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll -   Facebook Desktop
6846D2CA7E1D5937AEE3F99BB7F5464B   - C:\windows\system32\Adobe\Director\np32dsw_1168638.dll -   Shockwave for Director / Shockwave for Director
A63259925ADB2A1181C712513EBFB8ED   - C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll -   Unity Player
9FFB7CAAC852830BF6FAAB0FF5FC283C   - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -   QuickTime Plug-in 7.6.9
51AC7D4C4129EB8080096EB8586939BB   - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -   QuickTime Plug-in 7.6.9
9852A04E9509253981402C04273F79B2   - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -   QuickTime Plug-in 7.6.9
DC06C3FAC1802384CA4BD0675C0603AC   - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -   QuickTime Plug-in 7.6.9
355E8E89E72BBEDF8E15EE3395CABF9E   - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -   QuickTime Plug-in 7.6.9
759719E8E0BC097DD59776CA26E81C3E   - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -   QuickTime Plug-in 7.6.9
A47E6D797682DDD0A8E6DEAA1C121861   - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -   QuickTime Plug-in 7.6.9
8E2810B436C017FBAD000FE6DD032462   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.4.dll -   Gadu-Gadu Plug-in
65FB4909BD29CAAA81FDC69AD21BB905   - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll -   RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72   - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll -   RealPlayer Version Plugin
65FB4909BD29CAAA81FDC69AD21BB905   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\nppl3260.dll -   RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\nprpjplug.dll -   RealPlayer Version Plugin
7E90EAF7A60086E42240BECA3F825B2C   - C:\Program Files\Windows Media Player\npdrmv2.dll -   Microsoft® DRM
4BDD23910B5A3ED085D865D06B92D8F1   - C:\Program Files\Windows Media Player\npdsplay.dll -   Windows Media Player Plug-in Dynamic Link Library
4ED9C02D6916DD1DBD3EFB338E36F312   - C:\Program Files\Windows Media Player\npwmsdrm.dll -   Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A   - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll -   Microsoft® Silverlight
86EBC55E707A905C20A7924BC79E20C4   - C:\windows\system32\npptools.dll -   System operacyjny Microsoft® Windows®


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dcmagccbogebndpoodhhhafmofelpffh - C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\RewardsArcade\498\Chrome\rewardsarcade.crx[]
kpionmjnkbpcdpcflammlgllecmejgjj - C:\Program Files\vShare.tv plugin\vshareplg.crx[]

YouTube - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RewardsArcade - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh
vshare plugin - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Gmail - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0.localstorage deleted successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=588 folders=199 52152156 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp emptied successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp emptied successfully
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\DOCUME~1\Ice\USTAWI~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\BrowseMark\bin\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.dll"  not found
"C:\Program Files\BrowseMark\bin\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.dll"  not found
"C:\Documents and Settings\Ice\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Program Files\BrowseMark"  not found
"C:\Program Files\BrowseMark"  not found

==== EOF on 2014-06-06 at 23:55:22,85 ======================


Added 06.06.2014 23:02:27:
Back in the day this was done in Silent Runners ;P, but so much time has passed since I last had any serious problems with my computer. ;P I hope this is what you meant? ;)

Post by NieWiem, 07 Jun 2014, 12:03

I remember the Silent Runners days; in fact, the tool has even been updated to work with Windows 8. ZOEK actually has it built in. Dedicated to you, the Silent Runners log will be included in the main log :)

Once this is done, let me know how the computer is running and whether there are any remaining problems :)

You must disable your AV program for the duration of this scan.
Run ZOEK again as administrator.
Paste the following script into the program window:
Code:
createsrpoint;
C:\Program Files\BrowseMark;fs
C:\Program Files\AskPartnerNetwork;fs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"ApnTBMon"=-;r
Ask Toolbar;u
BrowseMark;u
autoclean;
process;
systemspecs;
startupall;
services-list;
filescrm;
firefoxlook;
chromelook;
skipfix-iedefaults;
installedprogs;
silentrunners;

Make sure the Scan All Users option is checked.
Click Run Script and wait for the resulting report. Paste it here.


Post by IceCooLL, 09 Jun 2014, 21:11

Many thanks for the dedicated log :ok:
So far everything is running fine, the process no longer shows up :papryczka:, and for now the ads are not getting through Adblock.
Thank you for the help as well; of course I will click the commendation :wink:
I consider the problem solved; the thread can be closed.
P.S. How time flies :cry:

...and it seems to me that the computer boots somewhat faster and runs a bit more briskly :ok: Thanks!

Post by NieWiem, 11 Jun 2014, 18:24

Sorry for my absence; work swallowed me up.

This is not the end. I still need the ZOEK report produced after the script so I can review it.

Post by IceCooLL, 11 Jun 2014, 20:19

Code:
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Ice on 2014-06-09 at 20:37:04,53.
Microsoft Windows XP Professional 5.1.2600 Dodatek Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Ice\Pulpit\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-06-215522.log   45821 bytes

==== System Restore Info ======================

2014-06-09 20:40:13 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

32 Bit HP CIO Components Installer 
Adobe Acrobat 5.0 
Adobe Flash Player 10 ActiveX 
Adobe Flash Player 13 Plugin 
Adobe Reader X (10.1.10) 
Adobe Shockwave Player 11.6 
ALLPlayer V4.X 
Angeln 2009 
Any Video Converter 2.7.5 
Apple Application Support 
Apple Software Update 
Applian FLV Player 
Archiwizator WinRAR 
Ask Toolbar 
Avanquest update 
AviSynth 2.5 
Battlefield: Bad Company™ 2 
Blitzkrieg 
Blitzkrieg: Horyzont w Ogniu i Pomruk Zagłady 
BrowseMark 
BufferChm 
BusinessCardsMX 3.96 
Call of Duty(R) - World at War(TM) 1.1 Patch 
CameraDrivers 
CameraReadme 
CANYON CN-WCAM21 PC-Camera 
CDCheck 
ChomikBox 
Command & Conquer™ Red Alert™ 3 
ConvertHelper 2.2 
Copy 
CPUID CPU-Z 1.69 
DAEMON Tools Toolbar 
Destinations 
DeviceDiscovery 
DeviceManagementQFolder 
DJ_AIO_06_F4500_SW_MIN 
DVD Solution 
Dynamic Energy Saver 1.0 B8.0128.1 
Dzielenie i łączenie plików v1.2.2 
Edimax Wireless LAN 
ESET Smart Security 
eSupportQFolder 
F4500 
Facebook Messenger 2.1.4814.0 
Faktura 1 Plus ver. 5.4.20 
Faktury 2011 
FIFA 10 
FLS-4 Driver Installation 
Foto2Avi 2.3 
Freez FLV to AVI/MPEG/WMV Converter 
Full Tilt Poker 
Full Tilt Poker.Eu 
Fuse Drivers FPS-xx 
Gadu-Gadu 10 
Google Chrome 
Google Earth Plug-in 
Google Update Helper 
Governor of Poker 
GPBaseService2 
Grand Theft Auto IV 
GTA San Andreas 
High Definition Audio Driver Package - KB888111 
Hotfix for Windows Media Format 11 SDK (KB973442) 
HP Aparaty fotograficzne Photosmart 9.0 
HP Customer Participation Program 14.0 
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 
HP Imaging Device Functions 14.0 
HP Photosmart Essential 2.01 
HP Photosmart Essential2.01 
HP Smart Web Printing 4.60 
HP Solution Center 14.0 
HP Update 
HPDiagnosticAlert 
hpicamDrvQFolder 
HPProductAssistant 
HPSSupply 
InstantShareDevicesMFC 
ipla 2.1.5 
IrfanView (remove only) 
Java 7 Update 51 
Java Auto Updater 
jetAudio Plus VX 
K-Lite Mega Codec Pack 7.9.0 
KOBI DEMO 
Living 3D Fireplace 2.0 
Living Marine Aquarium 2 
MarketResearch 
Microsoft .NET Framework 2.0 Service Pack 1 
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK 
Microsoft .NET Framework 3.0 Service Pack 1 
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK 
Microsoft .NET Framework 4 Client Profile 
Microsoft .NET Framework 4 Extended 
Microsoft Games for Windows - LIVE   
Microsoft Games for Windows - LIVE Redistributable 
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 
Microsoft Office Access MUI (Polish) 2007 
Microsoft Office Enterprise 2007 
Microsoft Office Excel MUI (Polish) 2007 
Microsoft Office Groove MUI (Polish) 2007 
Microsoft Office InfoPath MUI (Polish) 2007 
Microsoft Office OneNote MUI (Polish) 2007 
Microsoft Office Outlook MUI (Polish) 2007 
Microsoft Office PowerPoint MUI (Polish) 2007 
Microsoft Office Proof (English) 2007 
Microsoft Office Proof (German) 2007 
Microsoft Office Proof (Polish) 2007 
Microsoft Office Proofing (Polish) 2007 
Microsoft Office Publisher MUI (Polish) 2007 
Microsoft Office Shared MUI (Polish) 2007 
Microsoft Office Word MUI (Polish) 2007 
Microsoft Office Word Viewer 2003 
Microsoft Silverlight 
Microsoft Software Update for Web Folders  (Polish) 12 
Microsoft User-Mode Driver Framework Feature Pack 1.9 
Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 
Mozilla Firefox 29.0.1 (x86 pl) 
Mozilla Maintenance Service 
MSVC80_x86_v2 
MSVC90_x86 
MSXML 6.0 Parser 
Multimedia Launcher 
myMousePainter 
Need for Speed™ SHIFT 
Nero OEM 
Network 
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050) 
NOKIA 3806 USB DRIVER Ver:1.5 
Nokia Care Suite PST 5.0 
Nokia Connectivity Cable Driver 
Nokia Ovi Suite 
Nokia Ovi Suite Software Updater 
Nokia PC Suite 
Nokia Software Updater 
NVIDIA Drivers 
NVIDIA PhysX 
ODF Add-in for Microsoft Word 
Omnius for SE v0.14 
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 
Ovi Desktop Sync Engine 
OviMPlatform 
Pakiet sterowników systemu Windows - Nokia Modem  (02/25/2011 4.7) 
Pakiet sterowników systemu Windows - Nokia Modem  (02/25/2011 7.01.0.9) 
Pakiet sterowników systemu Windows - Nokia pccsmcfd "LegacyDriver"  (05/31/2012 7.1.2.0) 
PanoStandAlone 
PC Connectivity Solution 
PeerGuardian 2.0 
PL-2303 USB-to-Serial 
PokerStars 
Poprawka dla systemu Windows XP (KB932716-v2) 
Poprawka dla systemu Windows XP (KB938759) 
PowerDVD 
PowerProducer 
Prawo Jazdy 2009 1.1 
Prawo Jazdy ABCDT - egzamin wewnętrzny 3.5 
PSSWCORE 
QuickTime 
Race Driver 3 
RaidCall 
Rally Trophy 
Real Alternative 2.0.2 
REALTEK GbE & FE Ethernet PCI-E NIC Driver 
Realtek High Definition Audio Driver 
Richard Burns Rally 
Rockstar Games Social Club 
Scan 
screenSHU - the fastest screen capture ever. 
SCV Transcoding Tool V3.0.0.4 
Shop for HP Supplies 
Skype™ 5.0 
SmartWebPrinting 
SolutionCenter 
Sony Ericsson PC Suite 1.20.224 
Sony Ericsson PC Suite 6.009.00 
SopCast 3.0.3 
Status 
STREET FIGHTER IV 
swMSM 
ToCA Race Driver 2 
Tom Clancy's EndWar 
Toolbox 
TrayApp 
Unity Web Player 
UnloadSupport 
USB Serial Port Driver (x86) 
VELUX Aranżacje 3D 1.0 
VideoToolkit01 
vShare.tv plugin 1.3 
Vuze 
WebFldrs XP 
WebReg 
WERSJA DEMONSTRACYJNA FIFA 12 
Windows Live ID Sign-in Assistant 
Windows Media Format 11 runtime 
Windows Mobile Device Updater Component 
Windows Presentation Foundation 
Windows XP Service Pack 3 
WinUSB Drivers x86 ext 
World in Conflict: Soviet Assault 
World of Tanks 
XBCD 360 0.2.5 
XML Paper Specification Shared Components Pack 1.0 
Xvid 1.2.2 final uninstall 
Zune 
Zune Language Pack (CHS) 
Zune Language Pack (CHT) 
Zune Language Pack (CSY) 
Zune Language Pack (DAN) 
Zune Language Pack (DEU) 
Zune Language Pack (ELL) 
Zune Language Pack (ESP) 
Zune Language Pack (FIN) 
Zune Language Pack (FRA) 
Zune Language Pack (HUN) 
Zune Language Pack (IND) 
Zune Language Pack (ITA) 
Zune Language Pack (JPN) 
Zune Language Pack (KOR) 
Zune Language Pack (MSL) 
Zune Language Pack (NLD) 
Zune Language Pack (NOR) 
Zune Language Pack (PLK) 
Zune Language Pack (PTB) 
Zune Language Pack (PTG) 
Zune Language Pack (RUS) 
Zune Language Pack (SVE) 

==== Running Processes ======================

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\windows\Explorer.EXE
C:\windows\system32\PnkBstrA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Zune\ZuneBusEnum.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\windows\system32\FLSDEVCP.EXE
D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\System32\alg.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ice\Pulpit\zoek.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k hpdevmgmt
C:\windows\system32\svchost.exe -k HPService
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc

==== Services (whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [JavaQuickStarterService] - Java Quick Starter - "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
R2 - [NVSvc] - NVIDIA Display Driver Service - C:\windows\system32\nvsvc32.exe
R2 - [PnkBstrA] - PnkBstrA - C:\windows\system32\PnkBstrA.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R3 - [ALG] - Usługa bramy warstwy aplikacji - C:\windows\System32\alg.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Usługa Google Update (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - .NET Runtime Optimization Service v2.0.50727_X86 - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - Aplikacja systemowa modelu COM+ - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [EhttpSrv] - Eset HTTP Server - "C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe"
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Usługa Google Update (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [ImapiService] - Usługa COM nagrywania dysków CD IMAPI - C:\WINDOWS\system32\imapi.exe
S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\WINDOWS\system32\msdtc.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
S3 - [ose] - Office Source Engine - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [RDSessMgr] - Menedżer sesji pomocy pulpitu zdalnego - C:\WINDOWS\system32\sessmgr.exe
S3 - [RpcLocator] - Lokalizator usługi zdalnego wywołania procedury (RPC) - C:\windows\system32\locator.exe
S3 - [RSVP] - QoS RSVP - C:\windows\system32\rsvp.exe
S3 - [SwPrv] - MS Software Shadow Copy Provider - C:\WINDOWS\system32\dllhost.exe /Processid:{E55CF835-8756-43CD-AFA1-9E5BECE806C4}
S3 - [SysmonLog] - Dzienniki wydajności i alerty - C:\windows\system32\smlogsvc.exe
S3 - [UPS] - Zasilacz awaryjny (UPS) - C:\windows\System32\ups.exe
S3 - [VSS] - Kopiowanie woluminów w tle - C:\windows\System32\vssvc.exe
S3 - [WmiApSrv] - Karta wydajności WMI - C:\WINDOWS\system32\wbem\wmiapsrv.exe
S3 - [WMZuneComm] - Zune Windows Mobile Connectivity Service - "C:\Program Files\Zune\WMZuneComm.exe"
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S3 - [ZuneNetworkSvc] - Zune Network Sharing Service - "C:\Program Files\Zune\ZuneNss.exe"
S3 - [ZuneWlanCfgSvc] - Zune Wireless Configuration Service - "C:\Program Files\Zune\ZuneWlanCfgSvc.exe"
S4 - [ClipSrv] - ClipBook - C:\windows\system32\clipsrv.exe
S4 - [TlntSvr] - Telnet - C:\WINDOWS\system32\tlntsvr.exe

==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnTBMon"=-

==== Deleting Files \ Folders ======================

C:\Program Files\BrowseMark not found
C:\Program Files\AskPartnerNetwork not found
"C:\windows\Installer\21f71.msi" deleted

==== System Specs ======================

Windows: Windows XP Professional Dodatek Service Pack 3 (Build 2600)
Memory (RAM): 3583 MB
CPU Info: Intel(R) Core(TM)2 Duo CPU     E4600  @ 2.40GHz
CPU Speed: 2398,1 MHz
Sound Card: Realtek HD Audio output |
Display Adapters: NVIDIA GeForce 9600 GT | NVIDIA GeForce 9600 GT | NetMeeting driver | RDPDD Chained DD
Monitors: 2x; Monitor domyślny | Monitor domyślny |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Karta Realtek RTL8139 Family PCI Fast Ethernet NIC #2 - Sterownik miniport Harmonogramu pakietów | Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Sterownik miniport Harmonogramu pakietów
CD / DVD Drives: 2x (F: | H: | ) F: HL-DT-STDVDRAM GSA-4167B | H: NMHM    9YZO5QVWT
Ports: COM1 | COM3 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  48,8GB | D:  195,3GB | E:  221,6GB
Hard Disks - Free: C:  11,0GB | D:  147,4GB | E:  11,8GB
Manufacturer *: Award Software International, Inc.
BIOS Info: AT/AT COMPATIBLE | 04/09/08 | GBT    - 42302e31
Time Zone: Środkowoeuropejski czas stand.
Motherboard *: Gigabyte Technology Co., Ltd. EP31-DS3L
Country: Polska
Language: PLK

==== System Specs (Software) ======================

Anti-Virus: ESET Smart Security 3.0 On-access scanning disabled (Updated)
Firewall: ESET Personal firewall enabled
Default Browser: Firefox   29.0.1
Internet Explorer version: 6.0.2900.5512
Mozilla Firefox version: 29.0.1 (x86 pl)
Google Chrome version: 35.0.1916.114
Adobe Reader version: 10.1.10.18
Sun Java version: 1.7.0_51 (32-bit)
Flash Player version: 13.0.0.214
Shockwave Player version: 11.6.8r638

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-117609710-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe -autorun"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit"
"FLSDeviceControlPanel"="C:\windows\system32\FLSDEVCP.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="RUNDLL32.EXE C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe -autorun"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 20:38]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003Core.job --a------ C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2013-07-17 23:12]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003UA.job --a------ C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2013-07-17 23:12]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-05 21:51]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-05 21:51]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [2011-11-04 00:28]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [2010-10-26 19:49]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Twojanuta.pl - %ProfilePath%\extensions\zacz3k@gmail.com.xpi
- Zrzuta - %ProfilePath%\extensions\zrzuta@klachoo.net.xpi
- Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Ice\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default
A58DE0A570148AF5FF3512B2A340D09F   - C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll -   Shockwave Flash
785105A23650755A8F7A72405EB0D923   - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll -   Google Update
1E5E8C84DE796A01D1D46E3A660690F1   - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -   Adobe Acrobat
F055C91A961601B8D50EF2976145AEE6   - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -   Adobe Acrobat
492100C9050D4B6A10EAB7F3AE60A552   - C:\Documents and Settings\Ice\Dane aplikacji\raidcall\plugins\nprcplugin.dll -   Raidcall plugin
A9191AE22A8F1287B5E2DF33E3A57253   - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -   Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD   - C:\windows\system32\npdeployJava1.dll -   Java Deployment Toolkit 7.0.510.13
5B92CB0A3EEE50F6B9AE036B4F9B0F0C   - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -   Google Earth Plugin
BE501CBC29B2025A263D80D399F1797A   - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll -   Silverlight Plug-In
2BF85B6162528E0635DD8D632EB975C8   - C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll -   Facebook Desktop
6846D2CA7E1D5937AEE3F99BB7F5464B   - C:\windows\system32\Adobe\Director\np32dsw_1168638.dll -   Shockwave for Director / Shockwave for Director
A63259925ADB2A1181C712513EBFB8ED   - C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll -   Unity Player
9FFB7CAAC852830BF6FAAB0FF5FC283C   - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -   QuickTime Plug-in 7.6.9
51AC7D4C4129EB8080096EB8586939BB   - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -   QuickTime Plug-in 7.6.9
9852A04E9509253981402C04273F79B2   - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -   QuickTime Plug-in 7.6.9
DC06C3FAC1802384CA4BD0675C0603AC   - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -   QuickTime Plug-in 7.6.9
355E8E89E72BBEDF8E15EE3395CABF9E   - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -   QuickTime Plug-in 7.6.9
759719E8E0BC097DD59776CA26E81C3E   - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -   QuickTime Plug-in 7.6.9
A47E6D797682DDD0A8E6DEAA1C121861   - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -   QuickTime Plug-in 7.6.9
8E2810B436C017FBAD000FE6DD032462   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.4.dll -   Gadu-Gadu Plug-in
65FB4909BD29CAAA81FDC69AD21BB905   - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll -   RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72   - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll -   RealPlayer Version Plugin
65FB4909BD29CAAA81FDC69AD21BB905   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\nppl3260.dll -   RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72   - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\nprpjplug.dll -   RealPlayer Version Plugin
7E90EAF7A60086E42240BECA3F825B2C   - C:\Program Files\Windows Media Player\npdrmv2.dll -   Microsoft® DRM
4BDD23910B5A3ED085D865D06B92D8F1   - C:\Program Files\Windows Media Player\npdsplay.dll -   Windows Media Player Plug-in Dynamic Link Library
4ED9C02D6916DD1DBD3EFB338E36F312   - C:\Program Files\Windows Media Player\npwmsdrm.dll -   Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A   - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll -   Microsoft® Silverlight
86EBC55E707A905C20A7924BC79E20C4   - C:\windows\system32\npptools.dll -   System operacyjny Microsoft® Windows®


==== Chrome Look ======================

YouTube - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F47365A600677A7A857BC0C020 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C0C02} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowseMark deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F47365A600677A7A857BC0C020 deleted successfully

==== Silent Runners ======================

"Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
DAEMON Tools Lite = "D:\Programy\deamon tools\DAEMON Tools Lite\daemon.exe" -autorun [DT Soft Ltd]
ctfmon.exe = C:\windows\system32\ctfmon.exe [MS]
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
NvCplDaemon = RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [MS]
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [Apple Inc.]
GrooveMonitor = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [MS]
egui = "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [ESET]
Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
nwiz = nwiz.exe /install [NVIDIA Corporation]
NvMediaCenter = RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit [MS]
FLSDeviceControlPanel = C:\windows\system32\FLSDEVCP.EXE [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
WIAWizardMenu = RUNDLL32.EXE C:\windows\system32\sti_ci.dll,WiaCreateWizardMenu [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0347C33E-8762-4905-BF09-768834316C61}\(Default) = HP Print Enhancer
  -> {HKLM...CLSID} = HP Print Enhancer
                   \InProcServer32\(Default) = C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [Hewlett-Packard Co.]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Adobe PDF Reader Link Helper
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe Systems Incorporated]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Groove GFS Browser Helper
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper
                   \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Windows Live ID Sign-in Helper
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper
                   \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\(Default) = HP Smart BHO Class
  -> {HKLM...CLSID} = HP Smart BHO Class
                   \InProcServer32\(Default) = C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7}
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399}
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619}
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{42071714-76d4-11d1-8b24-00a0c9068ff3} = Rozszerzenie CPL kadrowania wyświetlania
  -> {HKLM...CLSID} = Rozszerzenie CPL kadrowania wyświetlania
                   \InProcServer32\(Default) = deskpan.dll [file not found]

{88895560-9AA2-1069-930E-00AA0030EBC8} = Rozszerzenie ikony HyperTerminalu
  -> {HKLM...CLSID} = HyperTerminal Icon Ext
                   \InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
  -> {HKLM...CLSID} = DesktopContext Class
                   \InProcServer32\(Default) = C:\windows\system32\nvcpl.dll [NVIDIA Corporation]

{1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer
  -> {HKLM...CLSID} = Desktop Explorer
                   \InProcServer32\(Default) = C:\windows\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\windows\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu
  -> {HKLM...CLSID} = nView Desktop Context Menu
                   \InProcServer32\(Default) = C:\windows\system32\nvshell.dll [NVIDIA Corporation]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper
  -> {HKLM...CLSID} = Groove GFS Browser Helper
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar
  -> {HKLM...CLSID} = Groove Folder Synchronization
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler
  -> {HKLM...CLSID} = Groove GFS Stub Icon Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook
  -> {HKLM...CLSID} = Groove GFS Stub Execution Hook
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler
  -> {HKLM...CLSID} = Groove XML Icon Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder)
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub)
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)
  -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler
  -> {HKLM...CLSID} = Outlook File Icon Extension
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler
  -> {HKLM...CLSID} = Microsoft Office Outlook
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL [MS]

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
  -> {HKLM...CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...CLSID} = Microsoft Office Metadata Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{B089FE88-FB52-11D3-BDF1-0050DA34150D} = Eset Smart Security - Context Menu Shell Extension
  -> {HKLM...CLSID} = Eset Smart Security - Context Menu Shell Extension
                   \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\shellExt.dll [ESET]

{A5110426-177D-4e08-AB3F-785F10B4439C} = Sony Ericsson File Manager
  -> {HKLM...CLSID} = Sony Ericsson File Manager
                   \InProcServer32\(Default) = C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll [Sony Ericsson Mobile Communications AB]

{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} = jetAudio
  -> {HKLM...CLSID} = JetFlExt Class
                   \InProcServer32\(Default) = D:\Programy\JetAudio\JetFlExt.dll [JetAudio]

{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} = Nokia Phone Browser
  -> {HKLM...CLSID} = Nokia Phone Browser
                   \InProcServer32\(Default) = C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia]

{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper
  -> {HKLM...CLSID} = NVIDIA CPL Extension
                   \InProcServer32\(Default) = C:\windows\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook
  -> {HKLM...CLSID} = Groove GFS Stub Execution Hook
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = Ati2evxx.dll [ATI Technologies Inc.]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
  -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> grooveLocalGWS\CLSID = {88FED34C-F0CA-4636-A375-3CB6248B04CD}
  -> {HKLM...CLSID} = Local Groove Web Services Protocol
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL [MS]

<<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}
  -> {HKLM...CLSID} = HxProtocol Class
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS]

<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
  -> {HKLM...CLSID} = IEProtocolHandler Class
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [Skype Technologies]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Eset Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D}
  -> {HKLM...CLSID} = Eset Smart Security - Context Menu Shell Extension
                   \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\shellExt.dll [ESET]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

jetAudio\(Default) = {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
  -> {HKLM...CLSID} = JetFlExt Class
                   \InProcServer32\(Default) = D:\Programy\JetAudio\JetFlExt.dll [JetAudio]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\

Nokia\(Default) = {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
  -> {HKLM...CLSID} = Nokia Phone Browser
                   \InProcServer32\(Default) = C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

A5110426-177D-4e08-AB3F-785F10B4439C\(Default) = {A5110426-177D-4e08-AB3F-785F10B4439C}
  -> {HKLM...CLSID} = Sony Ericsson File Manager
                   \InProcServer32\(Default) = C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll [Sony Ericsson Mobile Communications AB]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
  -> {HKLM...CLSID} = nView Desktop Context Menu
                   \InProcServer32\(Default) = C:\windows\system32\nvshell.dll [NVIDIA Corporation]

NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}
  -> {HKLM...CLSID} = DesktopContext Class
                   \InProcServer32\(Default) = C:\windows\system32\nvcpl.dll [NVIDIA Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
  -> {HKLM...CLSID} = PDF Shell Extension
                   \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Eset Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D}
  -> {HKLM...CLSID} = Eset Smart Security - Context Menu Shell Extension
                   \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\shellExt.dll [ESET]

jetAudio\(Default) = {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
  -> {HKLM...CLSID} = JetFlExt Class
                   \InProcServer32\(Default) = D:\Programy\JetAudio\JetFlExt.dll [JetAudio]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}
  -> {HKLM...CLSID} = Groove GFS Context Menu Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

A5110426-177D-4e08-AB3F-785F10B4439C\(Default) = {A5110426-177D-4e08-AB3F-785F10B4439C}
  -> {HKLM...CLSID} = Sony Ericsson File Manager
                   \InProcServer32\(Default) = C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll [Sony Ericsson Mobile Communications AB]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = D:\Programy\Wrar\rarext.dll [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
Wallpaper = C:\windows\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
SCRNSAVE.EXE = C:\windows\system32\ssmypics.scr [MS]


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

HPAutoplayPSE\
Provider = HP Photosmart Essential 2.01
InvokeProgID = HpqPSApl.Autoplay
InvokeVerb = Play
HKLM\SOFTWARE\Classes\HpqPSApl.Autoplay\shell\Play\DropTarget\CLSID = {A6873065-D632-4615-A3A9-C5F05EE109C1}
  -> {HKLM...CLSID} = (no title provided)
                   \LocalServer32\(Default) = C:\Program Files\HP\Digital Imaging\bin\HpqPsApl.exe [Hewlett-Packard]

JABurnCDAudioOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = burncd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\burncd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /burncd "%1" [JetAudio, Inc.]

JACreateAlbumOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = createalbum
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\createalbum\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /createalbum "%1" [JetAudio, Inc.]

JAPlayCDAudioOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = playcd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\playcd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /playcd "%1" [JetAudio, Inc.]

JAPlayDVDMovieOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = playdvd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\playdvd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /playdvd "%1" [JetAudio, Inc.]

JAPlayMediaOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = playmedia
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\playmedia\DropTarget\CLSID = {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}
  -> {HKLM...CLSID} = JetFlExt Class
                   \InProcServer32\(Default) = D:\Programy\JetAudio\JetFlExt.dll [JetAudio]

JAPlaySVCDMovieOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = playvcd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\playvcd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /playvcd "%1" [JetAudio, Inc.]

JAPlayVCDMovieOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = playvcd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\playvcd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /playvcd "%1" [JetAudio, Inc.]

JARipCDAudioOnArrival\
Provider = jetAudio
InvokeProgID = jetAudio.MediaHandler
InvokeVerb = ripcd
HKLM\SOFTWARE\Classes\jetAudio.MediaHandler\shell\ripcd\command\(Default) = "D:\Programy\JetAudio\jetAudio.exe" /ripcd "%1" [JetAudio, Inc.]

MPCPlayBluRayOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayBlurayMovie
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayBlurayMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %L\BDMV\INDEX.BDMV [MPC-HC Team]

MPCPlayCDAudioOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayCDAudio
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd [MPC-HC Team]

MPCPlayDVDMovieOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayDVDMovie
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd [MPC-HC Team]

MPCPlayMusicFilesOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayMusicFiles
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]

MPCPlayVideoFilesOnArrival\
Provider = Media Player Classic
InvokeProgID = MediaPlayerClassic.Autorun
InvokeVerb = PlayVideoFiles
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]

MSPlayCDAudioOnArrival\
Provider = ALLPlayer
InvokeProgID = AllPlayerFile
InvokeVerb = play
HKCU\Software\Classes\AllPlayerFile\shell\play\command\(Default) = "D:\Programy\ALLPlayer\ALLPlayer.exe" "%1" [ALLPlayer]

MSWPDShellNamespaceHandler\
Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = 
  -> {HKLM...CLSID} = WPDShextAutoplay
                   \LocalServer32\(Default) = C:\windows\system32\WPDShextAutoplay.exe [MS]

NeroAutoPlay2CDAudio\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay2
InvokeVerb = HandleCDBurningOnArrival_CDAudio
HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_CDAudio\command\(Default) = C:\Program Files\Ahead\nero\nero.exe /w /New:AudioCD /Drive:%L [Ahead Software AG]

NeroAutoPlay2CopyCD\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay2
InvokeVerb = PlayCDAudioOnArrival_CopyCD
HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\PlayCDAudioOnArrival_CopyCD\command\(Default) = C:\Program Files\Ahead\nero\nero.exe /w /Dialog:DiscCopy /Drive:%L [Ahead Software AG]

NeroAutoPlay2DataDisc\
Provider = Nero Express
InvokeProgID = Nero.AutoPlay2
InvokeVerb = HandleCDBurningOnArrival_DataDisc
HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_DataDisc\command\(Default) = C:\Program Files\Ahead\nero\nero.exe /w /New:ISODisc /Drive:%L [Ahead Software AG]

NeroAutoPlay2LaunchNeroStartSmart\
Provider = Nero StartSmart
InvokeProgID = Nero.AutoPlay2
InvokeVerb = HandleCDBurningOnArrival_LaunchNeroStartSmart
HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_LaunchNeroStartSmart\command\(Default) = C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe /AutoPlay /Drive:%L [Ahead Software AG]

NMMPlayCDAudioOnArrival\
Provider = Nokia Music Manager
InvokeProgID = NokiaMusicManager
InvokeVerb = NMMPlayCD
HKLM\SOFTWARE\Classes\NokiaMusicManager\shell\NMMPlayCD\command\(Default) = D:\Programy\Nokia Pc Suite\Nokia PC Suite 6\MusicManager.exe /playCD "%L" [file not found]

NMMRipCDAudioOnArrival\
Provider = Nokia Music Manager
InvokeProgID = NokiaMusicManager
InvokeVerb = NMMRipCD
HKLM\SOFTWARE\Classes\NokiaMusicManager\shell\NMMRipCD\command\(Default) = D:\Programy\Nokia Pc Suite\Nokia PC Suite 6\MusicManager.exe /ripCD "%L" [file not found]

NokiaOviSuite\
Provider = Nokia Ovi Suite
ProgID = Nokia.OviSuite
InitCmdLine = -autoplay
HKLM\SOFTWARE\Classes\Nokia.OviSuite\CLSID\(Default) = {27F341A3-9735-41a3-AC51-75734826845F}
  -> {HKLM...CLSID} = Nokia Ovi Suite
                   \LocalServer32\(Default) = C:/Program Files/Nokia/Nokia Ovi Suite/NokiaOviSuite.exe [Nokia]

PDVDPlayDVDMovieOnArrival\
Provider = PowerDVD
InvokeProgID = DVD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink DVD Solution\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]

PPCDBurningOnArrival\
Provider = PowerProducer
InvokeProgID = Picture
InvokeVerb = OpenWithPowerProducer
HKLM\SOFTWARE\Classes\Picture\shell\OpenWithPowerProducer\Command\(Default) = "C:\Program Files\CyberLink DVD Solution\PowerProducer\Producer.exe" [Cyberlink]

PPDCameraArrival\
Provider = PowerProducer
InvokeProgID = Picture
InvokeVerb = OpenWithPowerProducer
HKLM\SOFTWARE\Classes\Picture\shell\OpenWithPowerProducer\Command\(Default) = "C:\Program Files\CyberLink DVD Solution\PowerProducer\Producer.exe" [Cyberlink]

PPDVArrival\
Provider = PowerProducer
ProgID = Shell.HWEventHandlerShellExecute
InitCmdLine = "C:\Program Files\CyberLink DVD Solution\PowerProducer\Producer.exe"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
  -> {HKLM...CLSID} = ShellExecute HW Event Handler
                   \LocalServer32\(Default) = rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

ZunePlayCDAudioOnArrival\
Provider = @C:\Program Files\Zune\en-US\ZuneResources.dll.mui,-603
InvokeProgID = Microsoft.Zune.2.AudioCD
InvokeVerb = Play
HKLM\SOFTWARE\Classes\Microsoft.Zune.2.AudioCD\shell\Play\Command\(Default) = "C:\Program Files\Zune\Zune.exe" /PlayCD:"%L" [MS]

ZunePlayMediaOnArrival\
Provider = @C:\Program Files\Zune\en-US\ZuneResources.dll.mui,-603
InvokeProgID = Microsoft.Zune.2.PlayMedia
InvokeVerb = Play
HKLM\SOFTWARE\Classes\Microsoft.Zune.2.PlayMedia\shell\Play\Command\(Default) = "C:\Program Files\Zune\Zune.exe" /PlayMedia:"%L" [MS]

ZuneRipCDAudioOnArrival\
Provider = @C:\Program Files\Zune\en-US\ZuneResources.dll.mui,-603
InvokeProgID = Microsoft.Zune.2.RipCD
InvokeVerb = Rip
HKLM\SOFTWARE\Classes\Microsoft.Zune.2.RipCD\shell\Rip\Command\(Default) = "C:\Program Files\Zune\Zune.exe" /RipCD:"%L" [MS]


Enabled Scheduled Tasks: {++}
------------------------

Adobe Flash Player Updater -> launches: C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]
FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003Core -> launches: C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [Facebook Inc.]
FacebookUpdateTaskUserS-1-5-21-117609710-220523388-725345543-1003UA -> launches: C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler [Facebook Inc.]
GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 25
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = (no title provided)
  -> {HKLM...CLSID} = HP Smart Web Printing
                   \InProcServer32\(Default) = C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll [Hewlett-Packard Co.]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

{555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = (no title provided)
  -> {HKLM...CLSID} = HP Smart Web Printing
                   \InProcServer32\(Default) = C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll [Hewlett-Packard Co.]

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [MS]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Poszukaj
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
ButtonText = Wyślij do programu OneNote
MenuText = Wyślij &do programu OneNote
CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}
  -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll [MS]

{3AD14F0C-ED16-4E43-B6D8-661B03F6A1EF}\
ButtonText = PokerStars
Exec = C:\Program Files\PokerStars\PokerStarsUpdate.exe [PokerStars]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Research
BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
  -> {HKLM...CLSID} = &Poszukaj
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [MS]

{DDE87865-83C5-48C4-8357-2F5B1AA84522}\
ButtonText = Pokaż lub ukryj HP Smart Web Printing
CLSIDExtension = {DDE87865-83C5-48c4-8357-2F5B1AA84522}
  -> {HKLM...CLSID} = ClipBookBtn Class
                   \InProcServer32\(Default) = C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
MenuText = @xpsp3res.dll,-20001
Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
ButtonText = Messenger
MenuText = Windows Messenger
Exec = C:\Program Files\Messenger\msmsgs.exe [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Eset Service, ekrn, "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [ESET]
HP Network Devices Support, HPSLPSVC, C:\windows\system32\svchost.exe -k HPService {C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [Hewlett-Packard Co.]}
hpqcxs08, hpqcxs08, C:\windows\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.]}
Java Quick Starter, JavaQuickStarterService, "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [Oracle Corporation]
Net Driver HPZ12, Net Driver HPZ12, C:\windows\System32\svchost.exe -k HPZ12 {C:\windows\system32\HPZinw12.dll [Hewlett-Packard]}
NVIDIA Display Driver Service, NVSvc, C:\windows\system32\nvsvc32.exe [NVIDIA Corporation]
Pml Driver HPZ12, Pml Driver HPZ12, C:\windows\System32\svchost.exe -k HPZ12 {C:\windows\system32\HPZipm12.dll [Hewlett-Packard]}
PnkBstrA, PnkBstrA, C:\windows\system32\PnkBstrA.exe [null data]
Sony Ericsson OMSI download service, OMSI download service, C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [null data]
Usługa HP CUE DeviceDiscovery, hpqddsvc, C:\windows\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.]}
Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS]
Zune Bus Enumerator, ZuneBusEnum, "C:\Program Files\Zune\ZuneBusEnum.exe" [MS]


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> PEVSystemStart, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> PEVSystemStart, Service


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
hpf3l70w.dll\Driver = hpf3l70w.dll [Hewlett-Packard Company]
PDFCreator\Driver = pdfcmnnt.dll [null data]
Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]




==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\8r6c3ngw.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Ice\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=589 folders=199 52617127 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp emptied successfully
C:\Documents and Settings\Ice\Ustawienia lokalne\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp emptied successfully
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\DOCUME~1\Ice\USTAWI~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Ice\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 2014-06-09 at 20:56:10,17 ======================
~Danny~
IceCooLL
~user
 
Posts: 53
Joined: 11 Feb 2006, 14:30
Location: Zielonka



