ComboFix 14-04-30.01 - SpeeD 2014-05-01 13:21:30.1.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.7293.6061 [GMT 2:00]
Uruchomiony z: c:\users\SpeeD\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Enabled/Outdated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: ESET NOD32 Antivirus 7.0 *Enabled/Outdated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
c:\programdata\HirezPipeError.txt
c:\users\SpeeD\AppData\Local\TempFullTiltPokerEuSetup.exe
c:\users\SpeeD\AppData\Local\unins000.exe
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome.manifest
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\asyncDB.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\background.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\browserAction.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\contextMenu.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\dbManager.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\dom_bg.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\fileManager.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\firefox.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\firefoxNotifications.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\firefoxOmnibox.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\message.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\pageAction.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\request.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\tabs.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\webRequest.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\api\windowsMessagingHandler.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\background.html
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\baseObject.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\browser.xul
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\addressBarChangeObserver.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\console.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\consts.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\delegate.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\extensionDataStore.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\folderIOWrapper.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\httpObserver.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\IDBWrapper.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\installer.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\logFile.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\prefs.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\progressListenerObserver.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\registry.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\reloadObserver.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\reports.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\requestObject.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\searchSettings.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\uninstallObserver.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\updateManager.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\utils.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\core\xhr.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\dialog.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\ffCoreFilesIndex.txt
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\main.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\options.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\options.xul
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\platformVersion.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\chrome\content\search_dialog.xul
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\defaults\preferences\prefs.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\manifest.xml
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins.json
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\1.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\102.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\103.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\104.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\13.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\14.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\155.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\16.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\17.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\177.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\182.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\183.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\184.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\193.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\195.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\207.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\21.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\22.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\220.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\221.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\223.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\226.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\246.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\28.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\4.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\47.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\64.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\7.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\72.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\78.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\9.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\91.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\93.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\98.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\userCode\background.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\userCode\extension.js
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\install.rdf
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\locale\en-US\translations.dtd
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\button1.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\button2.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\button3.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\button4.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\button5.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\crossrider_statusbar.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\icon128.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\icon16.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\icon24.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\icon48.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\panelarrow-up.png
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\popup.html
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\skin.css
c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\skin\update.css
c:\users\SpeeD\Hamachi_Downloader.exe
c:\windows\IsUn0415.exe
c:\windows\SysWow64\Config.cfg
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\tmp7ED3.tmp
c:\windows\SysWow64\tmp7F03.tmp
c:\windows\SysWOW64mfc45.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-04-01 do 2014-05-01 )))))))))))))))))))))))))))))))
.
.
2014-05-01 11:26 . 2014-05-01 11:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-01 10:46 . 2014-05-01 10:46 -------- d-----w- c:\users\SpeeD\AppData\Roaming\PowerISO
2014-05-01 10:45 . 2014-02-03 06:45 129944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2014-05-01 10:45 . 2014-05-01 10:45 -------- d-----w- c:\program files (x86)\PowerISO
2014-04-25 16:09 . 2014-04-25 16:09 -------- d-----w- c:\users\SpeeD\AppData\Roaming\Comodo
2014-04-25 12:52 . 2014-04-25 12:52 -------- d-----w- c:\programdata\Comodo Downloader
2014-04-25 12:50 . 2014-04-25 12:50 -------- d-----w- c:\programdata\Shared Space
2014-04-25 12:49 . 2014-03-25 19:22 352984 ----a-w- c:\windows\system32\cmdvrt64.dll
2014-04-25 12:49 . 2014-03-25 19:22 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2014-04-25 12:49 . 2014-03-25 19:22 284888 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2014-04-25 12:49 . 2014-03-25 19:22 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2014-04-06 08:14 . 2014-04-06 08:14 -------- d-----w- c:\programdata\RegClean
2014-04-05 18:40 . 2014-04-05 18:40 -------- d-----w- c:\program files (x86)\Tetriz
2014-04-05 18:35 . 2014-04-05 18:35 -------- d-----w- c:\program files (x86)\Tetris
2014-04-05 18:35 . 2014-04-05 18:35 -------- d-----w- c:\users\SpeeD\AppData\Local\Math Problem Solver
2014-04-05 18:35 . 2014-04-05 18:36 -------- d-----w- c:\users\SpeeD\AppData\Local\WebPlayer
2014-04-05 18:32 . 2014-04-05 18:32 -------- d-----w- c:\program files (x86)\TryMedia
2014-04-05 18:31 . 2014-04-05 18:31 -------- d-----w- c:\program files (x86)\Alawar
2014-04-05 18:31 . 2000-03-06 22:00 278581 ----a-w- c:\windows\SysWow64\temp.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-16 21:12 . 2011-12-19 17:59 105552 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-04-16 21:12 . 2011-12-19 17:59 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-04-16 21:12 . 2012-01-17 20:00 738472 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2014-04-16 21:12 . 2011-12-19 17:59 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-04-14 07:43 . 2012-02-28 18:29 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-14 07:43 . 2012-02-28 16:04 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-04-14 07:41 . 2012-02-28 16:04 282472 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-03-25 19:22 . 2011-12-19 17:58 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2014-03-25 19:22 . 2011-12-19 17:58 363504 ----a-w- c:\windows\SysWow64\guard32.dll
2014-03-25 19:22 . 2011-12-19 17:58 453680 ----a-w- c:\windows\system32\guard64.dll
2014-03-15 05:43 . 2012-03-29 14:29 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-15 05:43 . 2012-02-22 17:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Spotify Web Helper"="c:\users\SpeeD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-04-15 1171000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogitechVideoTray"="c:\program files (x86)\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2010-02-18 241789]
"CTxfiHlp"="CTXFIHLP.EXE" [2011-08-22 25600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2014-02-27 2327248]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2014-02-03 337432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect" [X]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2011-08-22 47104]
.
c:\users\SpeeD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Pidgin.lnk - c:\program files (x86)\Pidgin\pidgin.exe [2014-2-3 60216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
R2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;e:\hi-rez studios\HiPatchService.exe;e:\hi-rez studios\HiPatchService.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys;c:\windows\SYSNATIVE\Drivers\CYUSB.sys [x]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys;c:\windows\SYSNATIVE\drivers\dadder.sys [x]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys;c:\windows\SYSNATIVE\DRIVERS\DKRtWrt.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 usj;usj;e:\edeneternal\avital\ussjcs64.sys;e:\edeneternal\avital\ussjcs64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VKbms;Razer Gaming Device;c:\windows\system32\DRIVERS\VKbms.sys;c:\windows\SYSNATIVE\DRIVERS\VKbms.sys [x]
R3 vtany;vtany;c:\windows\vtany.sys;c:\windows\vtany.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem;c:\windows\SYSNATIVE\xsherlock.xem [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 DKDFM;Device Filter Manager Driver;c:\windows\system32\drivers\DKDFM.sys;c:\windows\SYSNATIVE\drivers\DKDFM.sys [x]
S0 DKTLFSMF;Telemetry File System Mini Filter Driver;c:\windows\system32\drivers\DKTLFSMF.sys;c:\windows\SYSNATIVE\drivers\DKTLFSMF.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 05:43]
.
2014-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2571726066-3588051560-1139401512-1000Core1cf4ebdac5d6cc0.job
- c:\users\SpeeD\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 14:34]
.
2012-06-28 c:\windows\Tasks\RunOW.job
- c:\program files (x86)\Overwolf\OverwolfLauncher.exe [2012-06-21 15:40]
.
2014-05-01 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2010-11-21 03:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1275608]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride =
IE: E&ksportuj do programu Microsoft Excel - e:\micros~1\Office14\EXCEL.EXE/3000
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 87.204.204.204 62.233.233.233
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\SpeeD\AppData\Roaming\Mozilla\Firefox\Profiles\pfr39cfj.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - about:home
.
.
------- Skojarzenia plików -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{11111111-1111-1111-1111-110411851159} - (no file)
AddRemove-Car Tycoon - c:\windows\IsUn0415.exe
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\SpeeD\AppData\Local\unins000.exe
AddRemove-BankBrowser - c:\users\SpeeD\AppData\Local\Opera\Opera\temporary_downloads\bankbrowser_3_6.exe
AddRemove-Hawken - e:\meteorentertainment\Hawken\Uninstall.exe
AddRemove-RIFT - e:\rift\riftuninstall.exe
AddRemove-PlanetSide 2 PSG - e:\planetside 2 psg\Uninstaller.exe
AddRemove-SOE-EverQuest II - e:\everquest ii\Uninstaller.exe
.
.
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
"Filename"="HKLM\SYSTEM\ControlSet001\services\PnkBstrB\ImagePath"
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
"Filename"="HKLM\SYSTEM\ControlSet001\services\PnkBstrB\ImagePath"
"DeviceName"="HKLM\SYSTEM\ControlSet001\services\PnkBstrB\ImagePath"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2571726066-3588051560-1139401512-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,9f,17,54,2c,2c,53,a8,49,c9,7e,23,a8,02,f4,6c,13,20,ef,76,25,
   ae,9b,ba,b5,52,6a,ec,0e,e7,97,46,3f,15,f7,c7,e4,82,7e,4d,b7,e9,c2,d3,f9,eb,\
"rkeysecu"=hex:86,f2,7a,6d,1f,d6,fc,9a,c0,be,29,a8,1b,5e,71,92
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Czas ukończenia: 2014-05-01 13:28:03
ComboFix-quarantined-files.txt 2014-05-01 11:28
.
Przed: 32 079 343 616 bajtów wolnych
Po: 31 546 482 688 bajtów wolnych
.
- - End Of File - - 6BB172535845EE3E0AD482561250BD55 A36C5E4F47E84449FF07ED3517B43A31