ComboFix 14-05-07.01 - Dusiek 2014-05-07 10:16:30.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.2990.1124 [GMT 2:00] Uruchomiony z: c:\users\Dusiek\Desktop\Downloads\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\hosts\hoSTs-bho.dll c:\programdata\SPL118C.tmp c:\programdata\SPL3D4F.tmp c:\programdata\SPL402B.tmp c:\programdata\SPL5BA.tmp c:\programdata\SPL70CE.tmp c:\programdata\SPL74D1.tmp c:\programdata\SPL77C6.tmp c:\programdata\SPL908B.tmp c:\programdata\SPL9D96.tmp c:\programdata\SPLBBA0.tmp c:\programdata\SPLC495.tmp c:\programdata\SPLCBA7.tmp c:\programdata\SPLD4DD.tmp c:\programdata\SPLD5C5.tmp c:\programdata\SPLD742.tmp c:\programdata\SPLE80D.tmp c:\programdata\SPLF99A.tmp c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0\2 c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa\1.26.101_0\background.html c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa\1.26.101_0\crossriderManifest.json c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa\1.26.101_0\extensionData\manifest.xml c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa\1.26.101_0\extensionData\plugins.json 
c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\000128.ldb c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\000130.ldb c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\000133.ldb c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\000139.ldb c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\000140.log c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\CURRENT c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\LOCK c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\LOG c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\LOG.old c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nnlomafmkpiclmaaekkhpoecnclldmaa\MANIFEST-000138 c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage-journal c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage c:\users\Dusiek\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Dusiek\AppData\Roaming\Adobe\shed c:\users\Dusiek\AppData\Roaming\Adobe\shed\thr1.chm c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
-------\Legacy_NPF -------\Service_DCService.exe -------\Service_npf . . ((((((((((((((((((((((((( Pliki utworzone od 2014-04-07 do 2014-05-07 ))))))))))))))))))))))))))))))) . . 2014-05-06 20:33 . 2014-05-06 20:33 0 ----a-w- c:\windows\SysWow64\sho7E55.tmp 2014-05-06 12:00 . 2014-04-17 03:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8A0C355-FAB8-4C9C-8C60-7CAB28771713}\mpengine.dll 2014-05-01 21:38 . 2014-05-01 21:38 0 ----a-w- c:\windows\SysWow64\shoCD6E.tmp 2014-04-29 18:40 . 2014-04-29 18:40 0 ----a-w- c:\windows\SysWow64\sho3CA4.tmp 2014-04-25 19:26 . 2014-04-25 19:26 0 ----a-w- c:\windows\SysWow64\sho253F.tmp 2014-04-24 09:33 . 2014-04-24 09:33 0 ----a-w- c:\windows\SysWow64\sho1037.tmp 2014-04-17 09:21 . 2014-04-17 09:21 0 ----a-w- c:\windows\SysWow64\sho7530.tmp 2014-04-16 21:20 . 2014-04-16 21:20 0 ----a-w- c:\windows\SysWow64\sho23E5.tmp 2014-04-15 19:48 . 2014-04-15 19:48 0 ----a-w- c:\windows\SysWow64\sho438.tmp 2014-04-14 19:30 . 2014-04-14 19:30 -------- d-----w- c:\users\Dusiek\AppData\Local\Skype 2014-04-14 19:30 . 2014-04-14 19:30 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-04-14 19:30 . 2014-04-14 19:30 -------- d-----r- c:\program files (x86)\Skype 2014-04-14 07:34 . 2014-04-14 07:34 0 ----a-w- c:\windows\SysWow64\sho1526.tmp 2014-04-13 17:39 . 2014-04-13 17:39 0 ----a-w- c:\windows\SysWow64\sho34E.tmp 2014-04-09 18:59 . 2014-04-09 18:59 0 ----a-w- c:\windows\SysWow64\shoF347.tmp 2014-04-07 19:05 . 2014-04-07 19:05 0 ----a-w- c:\windows\SysWow64\sho81FD.tmp . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-04-29 17:09 . 2012-04-15 22:13 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-04-29 17:09 . 2011-11-24 17:59 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-04-03 19:06 . 2014-04-03 19:06 0 ----a-w- c:\windows\SysWow64\shoF846.tmp 2014-03-31 08:18 . 
2014-03-31 08:18 0 ----a-w- c:\windows\SysWow64\sho48B4.tmp 2014-03-31 07:35 . 2012-02-16 21:06 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-03-29 11:43 . 2014-03-29 11:43 0 ----a-w- c:\windows\SysWow64\sho365E.tmp 2014-03-26 10:22 . 2014-03-26 10:22 0 ----a-w- c:\windows\SysWow64\sho3026.tmp 2014-03-25 20:47 . 2014-03-25 20:47 0 ----a-w- c:\windows\SysWow64\sho3EF8.tmp 2014-03-24 20:34 . 2014-03-24 20:34 0 ----a-w- c:\windows\SysWow64\sho80D3.tmp 2014-03-19 17:33 . 2014-03-19 17:33 0 ----a-w- c:\windows\SysWow64\sho15F7.tmp 2014-03-16 14:09 . 2014-03-16 14:09 0 ----a-w- c:\windows\SysWow64\sho7975.tmp 2014-03-16 10:08 . 2014-03-16 10:08 0 ----a-w- c:\windows\SysWow64\sho6805.tmp 2014-03-15 14:18 . 2014-03-15 14:18 0 ----a-w- c:\windows\SysWow64\sho82BC.tmp 2014-03-12 20:02 . 2014-03-12 20:02 0 ----a-w- c:\windows\SysWow64\sho232B.tmp 2014-03-11 09:42 . 2014-03-11 09:42 0 ----a-w- c:\windows\SysWow64\sho338F.tmp 2014-03-08 23:26 . 2014-03-08 23:26 0 ----a-w- c:\windows\SysWow64\sho6E8E.tmp 2014-03-06 21:21 . 2014-03-06 21:21 0 ----a-w- c:\windows\SysWow64\sho165F.tmp 2014-03-06 15:22 . 2014-03-06 15:22 0 ----a-w- c:\windows\SysWow64\sho1410.tmp 2014-03-05 08:36 . 2014-03-05 08:36 0 ----a-w- c:\windows\SysWow64\sho48E2.tmp 2014-03-03 15:38 . 2014-03-03 15:38 0 ----a-w- c:\windows\SysWow64\sho86AE.tmp 2014-03-03 12:27 . 2014-03-03 12:27 0 ----a-w- c:\windows\SysWow64\sho45EA.tmp 2014-03-01 13:18 . 2014-03-01 13:18 0 ----a-w- c:\windows\SysWow64\sho9D49.tmp 2014-02-26 20:19 . 2014-02-26 20:19 0 ----a-w- c:\windows\SysWow64\sho841E.tmp 2014-02-25 21:11 . 2014-02-25 21:11 0 ----a-w- c:\windows\SysWow64\shoA69E.tmp 2014-02-22 19:54 . 2014-02-22 19:54 0 ----a-w- c:\windows\SysWow64\shoE072.tmp 2014-02-21 22:41 . 2014-02-21 22:41 0 ----a-w- c:\windows\SysWow64\shoB990.tmp 2014-02-16 18:18 . 2014-02-16 18:18 0 ----a-w- c:\windows\SysWow64\shoA9B7.tmp 2014-02-15 09:47 . 2014-02-15 09:47 0 ----a-w- c:\windows\SysWow64\sho47C9.tmp 2014-02-14 23:32 . 
2014-02-14 23:32 0 ----a-w- c:\windows\SysWow64\shoD00.tmp 2014-02-14 17:17 . 2014-02-14 17:17 0 ----a-w- c:\windows\SysWow64\sho36D.tmp 2014-02-12 23:11 . 2014-02-12 23:11 0 ----a-w- c:\windows\SysWow64\sho9B2C.tmp 2014-02-11 20:35 . 2014-02-11 20:35 0 ----a-w- c:\windows\SysWow64\shoE622.tmp 2014-02-11 09:46 . 2014-02-11 09:46 0 ----a-w- c:\windows\SysWow64\shoC2A4.tmp 2014-02-10 20:18 . 2014-02-10 20:18 0 ----a-w- c:\windows\SysWow64\sho9FB0.tmp 2014-02-10 12:28 . 2014-02-10 12:28 0 ----a-w- c:\windows\SysWow64\shoEDDA.tmp 2014-02-09 23:02 . 2014-02-09 23:02 0 ----a-w- c:\windows\SysWow64\shoC140.tmp 2014-02-08 14:41 . 2014-02-08 14:41 0 ----a-w- c:\windows\SysWow64\sho652E.tmp 2014-02-07 23:03 . 2014-02-07 23:03 0 ----a-w- c:\windows\SysWow64\sho4627.tmp 2010-01-26 09:11 . 2012-08-03 18:10 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfree.dll" [2009-12-31 2349080] "{d43723ae-1ae1-4a25-a6a4-bf0929273cab}"= "c:\program files (x86)\Ashampoo_PO\prxtbAsha.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}] . [HKEY_CLASSES_ROOT\clsid\{d43723ae-1ae1-4a25-a6a4-bf0929273cab}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}] 2013-07-25 06:32 301464 ----a-w- c:\program files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d43723ae-1ae1-4a25-a6a4-bf0929273cab}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Ashampoo_PO\prxtbAsha.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}] 2009-12-31 09:53 2349080 ----a-w- c:\program files (x86)\free-downloads.net\tbfree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2012-06-04 14:12 1310040 ----a-w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfree.dll" [2009-12-31 2349080] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-06-04 1310040] "{d43723ae-1ae1-4a25-a6a4-bf0929273cab}"= "c:\program files (x86)\Ashampoo_PO\prxtbAsha.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}] . [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] . [HKEY_CLASSES_ROOT\clsid\{d43723ae-1ae1-4a25-a6a4-bf0929273cab}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"="c:\program files (x86)\Gadu-Gadu 10\gg.exe" [2010-12-16 12984928] "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120] "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192] "CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-10-09 615808] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-03 39408] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-09 98304] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720] "SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032] "Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392] . c:\users\Dusiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 2;2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x] R2 PLAY ONLINE. RunOuc;PLAY ONLINE. OUC;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x] R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x] R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony 
Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 zlportio;zlportio;c:\program files 
(x86)\UltraStar\zlportio.sys;c:\program files (x86)\UltraStar\zlportio.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys 
[x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 svcgdp;software services;c:\program files (x86)\Software Plate\svcgdp.exe;c:\program files (x86)\Software Plate\svcgdp.exe [x] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x] S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x] S3 
huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x] S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x] S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-05-01 19:23 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe . Zawartość folderu 'Zaplanowane zadania' . 2014-05-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 17:09] . 
2014-05-07 c:\windows\Tasks\CodecUpdaterUpdaterLogonTask.job
- c:\programdata\CodecUpdate\ix_updater.exe [2012-07-18 09:23]
.
2014-05-07 c:\windows\Tasks\CodecUpdaterUpdaterRefreshTask.job
- c:\programdata\CodecUpdate\ix_updater.exe [2012-07-18 09:23]
.
2014-01-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2079075541-648775475-3477509000-1001Core.job
- c:\users\Dusiek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 05:05]
.
2014-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2079075541-648775475-3477509000-1001UA.job
- c:\users\Dusiek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 05:05]
.
2014-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-03 08:50]
.
2014-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-03 08:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2009-10-01 766632]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2009-10-01 139944]
"VDownloader"="c:\program files\VDownloader\VDownloader.exe" [2012-07-17 881664]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://g.live.com/1rewlive4startup/home
mStart Page = hxxp://www.dogpile.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = ;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: Interfaces\{1F1C4D9B-C5D3-42E8-AB6B-E70EBD21DBCD}: NameServer = 89.108.195.21 89.108.202.21
TCP: Interfaces\{651361C9-CE01-4C0C-91A1-93C3DD332521}: NameServer = 89.108.195.20 89.108.202.20
TCP: Interfaces\{F66A84B4-9F74-49CF-8556-A016DCF326A1}: NameServer = 89.108.195.21 89.108.202.21
FF - ProfilePath - c:\users\Dusiek\AppData\Roaming\Mozilla\Firefox\Profiles\0bgai8tb.default-1391281493810\
FF - prefs.js: browser.startup.homepage - www.onet.pl
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{11111111-1111-1111-1111-110311531182} - c:\program files (x86)\hosts\hosts-bho.dll
Wow6432Node-HKCU-Run-ALLUpdate - c:\program files (x86)\ALLPlayer\ALLUpdate.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2079075541-648775475-3477509000-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2079075541-648775475-3477509000-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\programdata\PLAY ONLINE\OnlineUpdate\ouc.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files (x86)\PLAY ONLINE\PLAY ONLINE.exe
c:\program files (x86)\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Czas ukończenia: 2014-05-07 10:45:33 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2014-05-07 08:45
.
Przed: 212 062 097 408 bajtów wolnych
Po: 222 773 096 448 bajtów wolnych
.
- - End Of File - - 54DBE6128532086DC988A245A713E453