ComboFix 14-11-12.01 - Jakub 2014-11-12 20:26:50.3.2 - x64 Microsoft Windows 8 6.2.9200.0.1250.48.1045.18.3988.2362 [GMT 1:00] Uruchomiony z: c:\users\Jakub\Downloads\ComboFix.exe AV: Norton Internet Security *Disabled/Outdated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} SP: Norton Internet Security *Disabled/Outdated* {631E4324-D31C-783F-EC5C-35AD42B18466} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\GGoSave c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.dat c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.dll c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.tlb c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.x64.dll c:\program files (x86)\GS_Booster c:\program files (x86)\GS_Booster\Assistant.dll c:\program files (x86)\GS_Booster\Assistant_x64.dll c:\program files (x86)\GS_Booster\AssistantSvc.dll c:\program files (x86)\LiveSupport c:\program files (x86)\LiveSupport\LiveSupport.exe c:\program files (x86)\LiveSupport\LiveSupport_deskband_x32.dll c:\program files (x86)\LiveSupport\LiveSupport_deskband_x64.dll c:\program files (x86)\LiveSupport\unins000.dat c:\program files (x86)\LiveSupport\unins000.exe c:\program files (x86)\LiveSupport\unins000.msg c:\program files (x86)\YooutubeeAdBlockeu c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.dat c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.dll c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.tlb c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.x64.dll c:\programdata\DeleteAd c:\programdata\DeleteAd\DeleteAd.exe c:\programdata\FIndBEstDeaili c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.dat c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.dll c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.exe c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.tlb c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.x64.dll c:\programdata\GGoSave c:\programdata\GGoSave\YmXx533xpcbPZQl.dat c:\programdata\GGoSave\YmXx533xpcbPZQl.exe c:\programdata\GGoSAvEE c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.dat c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.dll c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.exe c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.tlb c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.x64.dll c:\programdata\ntuser.pol c:\programdata\SaveerExttensiionu c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.dat c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.dll c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.exe c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.tlb c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.x64.dll c:\programdata\SaverExtension c:\programdata\SaverExtension\47FtM2b8KBJDZN.dat c:\programdata\SaverExtension\47FtM2b8KBJDZN.dll c:\programdata\SaverExtension\47FtM2b8KBJDZN.exe c:\programdata\SaverExtension\47FtM2b8KBJDZN.tlb c:\programdata\SaverExtension\47FtM2b8KBJDZN.x64.dll c:\programdata\Trusted Publisher\GS_Booster c:\programdata\Trusted Publisher\GS_Booster\576482620.ini c:\programdata\Trusted Publisher\GS_Booster\576482620\BITFFC8.tmp c:\programdata\Trusted Publisher\GS_Booster\576482620\XDNFF9A.tmp c:\programdata\Trusted Publisher\GS_Booster\GS_Booster.exe c:\programdata\YooutubeeAdBlockeu c:\programdata\YooutubeeAdBlockeu\xyJGWlpGhK4oRdA.dat c:\programdata\YooutubeeAdBlockeu\xyJGWlpGhK4oRdA.exe c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Gość\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Gość\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Gość\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Gość\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Gość\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Local\Adobe\gccheck.exe c:\users\Jakub\AppData\Local\Adobe\gtbcheck.exe c:\users\Jakub\AppData\Local\assembly\tmp c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Jakub\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Jakub\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh\174\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh\174\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh\174\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh\174\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgfjfdfeflnheppligkjblgedblgadh\174\RRpQzOqO.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn\243\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn\243\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn\243\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn\243\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofmneijajkgajeffbphblliaeidahcn\243\QjmoCNsh7P.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan\228\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan\228\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan\228\IfTpd.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan\228\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan\228\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd\236\background.html c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd\236\content.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd\236\lsdb.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd\236\manifest.json c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaehjbfndonoealmdlbliedgiabmcdd\236\Q.js c:\users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\{467F22C4-BDBB-4A43-9EF0-A847CE9BB85C}.xps c:\users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FEA5BBA0-A716-4B38-9F8D-138AEE7B8D0E}.xps c:\users\Jakub\AppData\Local\Tbccint c:\users\Jakub\AppData\Local\Tbccint\Chrome\CT3327997\CHUninstaller.exe c:\users\Jakub\AppData\Local\Tbccint\Chrome\CT3327997\configutaion.json c:\users\Jakub\AppData\Local\Tbccint\Chrome\CT3327997\Uninstaller.ico c:\users\Jakub\AppData\Local\Tbccint\Chrome\CT3327997\UninstallerUI.exe c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\background.html c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\content.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\lsdb.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\manifest.json c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\138\ZoOnJ6tbo7.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\background.html c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\content.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\KLWGSWc.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\lsdb.js c:\users\Jakub\AppData\Local\Torch\User Data\Default\Extensions\jbkonlmnpkcdmhclejmhociifggpfmno\2.0\manifest.json c:\users\Jakub\AppData\Roaming\LiveSupport.exe_log.txt c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\k@Bs0.com c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\k@Bs0.com\bootstrap.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\k@Bs0.com\chrome.manifest c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\k@Bs0.com\content\bg.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\k@Bs0.com\install.rdf c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\onU@m.net c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\onU@m.net\bootstrap.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\onU@m.net\chrome.manifest c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\onU@m.net\content\bg.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\onU@m.net\install.rdf c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wBAJ@jqPl.edu c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wBAJ@jqPl.edu\bootstrap.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wBAJ@jqPl.edu\chrome.manifest c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wBAJ@jqPl.edu\content\bg.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wBAJ@jqPl.edu\install.rdf c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wQv@QgCj.com c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wQv@QgCj.com\bootstrap.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wQv@QgCj.com\chrome.manifest c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wQv@QgCj.com\content\bg.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\wQv@QgCj.com\install.rdf c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\YuP@yo7.net c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\YuP@yo7.net\bootstrap.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\YuP@yo7.net\chrome.manifest c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\YuP@yo7.net\content\bg.js c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\Extensions\YuP@yo7.net\install.rdf c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\searchplugins\WebSearch.xml c:\users\Jakub\AppData\Roaming\regsvr32.exe_log.txt c:\windows\Tasks\RegClean Pro_DEFAULT.job c:\windows\Tasks\RegClean Pro_UPDATES.job c:\windows\wininit.ini . . ((((((((((((((((((((((((( Pliki utworzone od 2014-10-12 do 2014-11-12 ))))))))))))))))))))))))))))))) . . 2014-11-12 19:44 . 2014-11-12 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-11-10 14:27 . 2014-11-10 14:27 -------- d-----w- C:\[14.09.2014] Ethandia 2014-11-06 11:05 . 2014-11-06 11:05 -------- d-----w- C:\Edenium.pl Client Gry 2014-10-30 14:24 . 2014-10-30 14:29 -------- d-----w- C:\Football Manager 2008 2014-10-30 14:24 . 2014-10-30 14:25 -------- d--h--w- c:\program files (x86)\Zero G Registry 2014-10-30 14:23 . 2014-10-30 14:23 -------- d--h--w- c:\users\Jakub\InstallAnywhere 2014-10-30 14:21 . 2014-10-30 14:22 -------- d-----w- C:\FM2008 2014-10-29 17:57 . 2014-10-29 17:57 -------- d-----w- c:\users\Jakub\AppData\Local\Skype 2014-10-29 17:57 . 2014-10-29 17:57 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-10-29 17:57 . 2014-10-29 17:57 -------- d-----r- c:\program files (x86)\Skype 2014-10-22 22:36 . 2014-10-22 13:29 48784 ----a-w- c:\windows\system32\drivers\{7e4355b8-96cd-43eb-b59a-82af29f01b16}w64.sys 2014-10-22 10:28 . 2014-10-21 23:27 48784 ----a-w- c:\windows\system32\drivers\{023ffe30-e38b-4272-b1c0-1e9f6a180b9d}w64.sys 2014-10-21 23:04 . 2014-10-21 09:58 48784 ----a-w- c:\windows\system32\drivers\{5637c139-b301-4ecd-a2cf-2ae75f214b07}w64.sys 2014-10-21 15:57 . 2014-10-21 15:57 -------- d-----w- c:\programdata\neglfglbmccpmphoegndhmlcnbfnjfkn 2014-10-21 10:59 . 2014-10-20 20:04 48784 ----a-w- c:\windows\system32\drivers\{999a4cbb-05c0-4612-9e48-e2b9897a2c6f}w64.sys 2014-10-20 22:23 . 2014-11-06 12:13 -------- d-----w- C:\Football Manager 2014 2014-10-20 22:18 . 2014-10-20 13:00 48784 ----a-w- c:\windows\system32\drivers\{c42edeec-c173-4c88-9a7f-6934088af032}w64.sys 2014-10-20 09:44 . 2014-10-19 22:58 48784 ----a-w- c:\windows\system32\drivers\{76152aee-de6d-453d-a8d8-6f11a0085df8}w64.sys 2014-10-20 03:04 . 2014-10-19 15:58 48784 ----a-w- c:\windows\system32\drivers\{af7618ea-6d4f-47e5-9e06-5f808487ae22}w64.sys 2014-10-19 10:39 . 2014-10-18 19:11 48784 ----a-w- c:\windows\system32\drivers\{871e60bd-7aec-4938-a4b2-ffde58590efe}w64.sys 2014-10-18 21:32 . 2014-10-18 11:58 48784 ----a-w- c:\windows\system32\drivers\{544deb5f-dfba-4914-8002-1f35ae7182a3}w64.sys 2014-10-18 08:32 . 2014-10-17 22:06 48784 ----a-w- c:\windows\system32\drivers\{c746a0c9-95e3-4ce8-9e9f-58fac8587b02}w64.sys 2014-10-17 17:37 . 2014-10-17 08:01 48784 ----a-w- c:\windows\system32\drivers\{a5b0d4ec-75a8-4454-a9c1-5675585828ec}w64.sys 2014-10-17 09:36 . 2014-10-16 18:46 48784 ----a-w- c:\windows\system32\drivers\{f7e972a4-3731-46b4-91a5-4140fc1009e8}w64.sys 2014-10-16 20:28 . 2014-10-16 09:24 48784 ----a-w- c:\windows\system32\drivers\{d6c3bca9-e5f7-466a-ab38-ae66db286392}w64.sys 2014-10-15 21:16 . 2014-10-15 09:14 48784 ----a-w- c:\windows\system32\drivers\{2f76abac-1058-4d18-a9d9-382d3a1b32c3}w64.sys 2014-10-15 13:11 . 2014-10-15 04:01 48784 ----a-w- c:\windows\system32\drivers\{35d31228-a1dd-4d11-a2ff-ef6ba162cebd}w64.sys 2014-10-14 21:44 . 2014-10-14 10:57 48784 ----a-w- c:\windows\system32\drivers\{146928e7-d9fa-4f71-af0f-f42261fb9843}w64.sys . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-11-07 08:23 . 2013-03-21 22:16 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2014-09-26 01:49 . 2013-06-17 19:55 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2014-09-20 22:12 . 2014-09-20 22:12 110368 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys 2014-09-17 14:35 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}] 2014-04-01 19:59 147560 ----a-w- c:\program files (x86)\Quiknowledge\IE\QuiknowledgeClientIE.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-17 20:31 222712 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-17 20:31 222712 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-17 20:31 222712 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeBridge"="" [BU] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640] "uTorrent"="c:\users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-24 1385808] "PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632] "ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2014-04-17 3510704] "Yahoo! Search"="c:\users\Jakub\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe" [2014-10-28 533352] "IPLA!"="c:\program files (x86)\ipla\ipla.exe" [2014-10-20 21353568] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-10-23 30524000] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-18 642216] "BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2012-09-19 371976] "CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-09-10 491632] "RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024] "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-09-14 1342008] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184] . c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\ Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2014-9-12 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "PromptOnSecureDesktop"= 0 (0x0) "ConsentPromptBehaviorAdmin"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "EnableCursorSuppression"= 1 (0x1) "ConsentPromptBehaviorUser"= 3 (0x3) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe . R1 qknfd;qknfd;c:\windows\system32\drivers\qknfd.sys;c:\windows\SYSNATIVE\drivers\qknfd.sys [x] R2 4d349a54;GS_Sustainer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x] R2 MaintainerSvc2.02.5636706;MaintainerSvc2.02.5636706;c:\programdata\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe;c:\programdata\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe [x] R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x] R2 Update BrowseMark;Update BrowseMark;c:\program files (x86)\BrowseMark\updateBrowseMark.exe;c:\program files (x86)\BrowseMark\updateBrowseMark.exe [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\System32\drivers\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\drivers\ew_usbenumfilter.sys [x] R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x] R3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x] R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x] R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x] R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x] R4 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SymELAM.sys [x] S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x] S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x] S1 {023ffe30-e38b-4272-b1c0-1e9f6a180b9d}w64;{023ffe30-e38b-4272-b1c0-1e9f6a180b9d}w64;c:\windows\system32\drivers\{023ffe30-e38b-4272-b1c0-1e9f6a180b9d}w64.sys;c:\windows\SYSNATIVE\drivers\{023ffe30-e38b-4272-b1c0-1e9f6a180b9d}w64.sys [x] S1 {146928e7-d9fa-4f71-af0f-f42261fb9843}w64;{146928e7-d9fa-4f71-af0f-f42261fb9843}w64;c:\windows\system32\drivers\{146928e7-d9fa-4f71-af0f-f42261fb9843}w64.sys;c:\windows\SYSNATIVE\drivers\{146928e7-d9fa-4f71-af0f-f42261fb9843}w64.sys [x] S1 {2f76abac-1058-4d18-a9d9-382d3a1b32c3}w64;{2f76abac-1058-4d18-a9d9-382d3a1b32c3}w64;c:\windows\system32\drivers\{2f76abac-1058-4d18-a9d9-382d3a1b32c3}w64.sys;c:\windows\SYSNATIVE\drivers\{2f76abac-1058-4d18-a9d9-382d3a1b32c3}w64.sys [x] S1 {35d31228-a1dd-4d11-a2ff-ef6ba162cebd}w64;{35d31228-a1dd-4d11-a2ff-ef6ba162cebd}w64;c:\windows\system32\drivers\{35d31228-a1dd-4d11-a2ff-ef6ba162cebd}w64.sys;c:\windows\SYSNATIVE\drivers\{35d31228-a1dd-4d11-a2ff-ef6ba162cebd}w64.sys [x] S1 {544deb5f-dfba-4914-8002-1f35ae7182a3}w64;{544deb5f-dfba-4914-8002-1f35ae7182a3}w64;c:\windows\system32\drivers\{544deb5f-dfba-4914-8002-1f35ae7182a3}w64.sys;c:\windows\SYSNATIVE\drivers\{544deb5f-dfba-4914-8002-1f35ae7182a3}w64.sys [x] S1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64;{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64;c:\windows\system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys;c:\windows\SYSNATIVE\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys [x] S1 {55dce8ba-9dec-4013-937e-adbf9317d990}w64;{55dce8ba-9dec-4013-937e-adbf9317d990}w64;c:\windows\system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys;c:\windows\SYSNATIVE\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys [x] S1 {5637c139-b301-4ecd-a2cf-2ae75f214b07}w64;{5637c139-b301-4ecd-a2cf-2ae75f214b07}w64;c:\windows\system32\drivers\{5637c139-b301-4ecd-a2cf-2ae75f214b07}w64.sys;c:\windows\SYSNATIVE\drivers\{5637c139-b301-4ecd-a2cf-2ae75f214b07}w64.sys [x] S1 {76152aee-de6d-453d-a8d8-6f11a0085df8}w64;{76152aee-de6d-453d-a8d8-6f11a0085df8}w64;c:\windows\system32\drivers\{76152aee-de6d-453d-a8d8-6f11a0085df8}w64.sys;c:\windows\SYSNATIVE\drivers\{76152aee-de6d-453d-a8d8-6f11a0085df8}w64.sys [x] S1 {7e4355b8-96cd-43eb-b59a-82af29f01b16}w64;{7e4355b8-96cd-43eb-b59a-82af29f01b16}w64;c:\windows\system32\drivers\{7e4355b8-96cd-43eb-b59a-82af29f01b16}w64.sys;c:\windows\SYSNATIVE\drivers\{7e4355b8-96cd-43eb-b59a-82af29f01b16}w64.sys [x] S1 {871e60bd-7aec-4938-a4b2-ffde58590efe}w64;{871e60bd-7aec-4938-a4b2-ffde58590efe}w64;c:\windows\system32\drivers\{871e60bd-7aec-4938-a4b2-ffde58590efe}w64.sys;c:\windows\SYSNATIVE\drivers\{871e60bd-7aec-4938-a4b2-ffde58590efe}w64.sys [x] S1 {999a4cbb-05c0-4612-9e48-e2b9897a2c6f}w64;{999a4cbb-05c0-4612-9e48-e2b9897a2c6f}w64;c:\windows\system32\drivers\{999a4cbb-05c0-4612-9e48-e2b9897a2c6f}w64.sys;c:\windows\SYSNATIVE\drivers\{999a4cbb-05c0-4612-9e48-e2b9897a2c6f}w64.sys [x] S1 {a5b0d4ec-75a8-4454-a9c1-5675585828ec}w64;{a5b0d4ec-75a8-4454-a9c1-5675585828ec}w64;c:\windows\system32\drivers\{a5b0d4ec-75a8-4454-a9c1-5675585828ec}w64.sys;c:\windows\SYSNATIVE\drivers\{a5b0d4ec-75a8-4454-a9c1-5675585828ec}w64.sys [x] S1 {af7618ea-6d4f-47e5-9e06-5f808487ae22}w64;{af7618ea-6d4f-47e5-9e06-5f808487ae22}w64;c:\windows\system32\drivers\{af7618ea-6d4f-47e5-9e06-5f808487ae22}w64.sys;c:\windows\SYSNATIVE\drivers\{af7618ea-6d4f-47e5-9e06-5f808487ae22}w64.sys [x] S1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64;{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64;c:\windows\system32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys;c:\windows\SYSNATIVE\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys [x] S1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}w64;{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64;c:\windows\system32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys;c:\windows\SYSNATIVE\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys [x] S1 {c42edeec-c173-4c88-9a7f-6934088af032}w64;{c42edeec-c173-4c88-9a7f-6934088af032}w64;c:\windows\system32\drivers\{c42edeec-c173-4c88-9a7f-6934088af032}w64.sys;c:\windows\SYSNATIVE\drivers\{c42edeec-c173-4c88-9a7f-6934088af032}w64.sys [x] S1 {c746a0c9-95e3-4ce8-9e9f-58fac8587b02}w64;{c746a0c9-95e3-4ce8-9e9f-58fac8587b02}w64;c:\windows\system32\drivers\{c746a0c9-95e3-4ce8-9e9f-58fac8587b02}w64.sys;c:\windows\SYSNATIVE\drivers\{c746a0c9-95e3-4ce8-9e9f-58fac8587b02}w64.sys [x] S1 {d6c3bca9-e5f7-466a-ab38-ae66db286392}w64;{d6c3bca9-e5f7-466a-ab38-ae66db286392}w64;c:\windows\system32\drivers\{d6c3bca9-e5f7-466a-ab38-ae66db286392}w64.sys;c:\windows\SYSNATIVE\drivers\{d6c3bca9-e5f7-466a-ab38-ae66db286392}w64.sys [x] S1 {f7e972a4-3731-46b4-91a5-4140fc1009e8}w64;{f7e972a4-3731-46b4-91a5-4140fc1009e8}w64;c:\windows\system32\drivers\{f7e972a4-3731-46b4-91a5-4140fc1009e8}w64.sys;c:\windows\SYSNATIVE\drivers\{f7e972a4-3731-46b4-91a5-4140fc1009e8}w64.sys [x] S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 ClickToRunSvc;Usługa Szybka instalacja pakietu Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x] S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x] S2 IAStorDataMgrSvc;Technologia pamięci Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [x] S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x] S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 Update Deal Keeper;Update Deal Keeper;c:\program files (x86)\Deal Keeper\updateDealKeeper.exe;c:\program files (x86)\Deal Keeper\updateDealKeeper.exe [x] S2 Util Deal Keeper;Util Deal Keeper;c:\program files (x86)\Deal Keeper\bin\utilDealKeeper.exe;c:\program files (x86)\Deal Keeper\bin\utilDealKeeper.exe [x] S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130515.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [x] S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x] S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x] S3 BthLEEnum;Sterownik funkcji Bluetooth Low Energy;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x] S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x] S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\ccSetx64.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 EuMusDesignVirtualAudioCableWdm;@oem42.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130518.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130518.001\IDSvia64.sys [x] S3 IntcDAud;Audio dla wyświetlaczy Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x] S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x] S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x] S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMDS64.SYS [x] S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMEFA64.SYS [x] S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\Ironx64.SYS [x] S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1405000.01C\SYMNETS.SYS [x] S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] apphost REG_MULTI_SZ apphostsvc iissvcs REG_MULTI_SZ w3svc was . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-05-21 01:49 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe . Zawartość folderu 'Zaplanowane zadania' . 2014-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-27 21:36] . 2014-11-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-632503941-784987641-2221626834-1001Core.job - c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-22 19:43] . 2014-11-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-632503941-784987641-2221626834-1001UA.job - c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-22 19:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-17 20:31 261624 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-17 20:31 261624 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-17 20:31 261624 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-09-25 10:10 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-09-25 10:10 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-09-25 10:10 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1] @="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}] 2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2] @="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}] 2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3] @="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}] 2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4] @="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}" [HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}] 2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-04 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-04 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-04 441888] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-20 1664000] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2014-05-13 2774936] "SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2014-05-13 3681688] . ------- Skan uzupełniający ------- . uStart Page = hxxp://rts.dsrlte.com?affID=na uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1402563856&from=wpm0612&uid=TOSHIBAXMQ01ABD050_Z2EBP4YRTXXZ2EBP4YRT&q={searchTerms} mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400746170&from=cor&uid=TOSHIBAXMQ01ABD050_Z2EBP4YRTXXZ2EBP4YRT&q={searchTerms} mDefault_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1400746170&from=cor&uid=TOSHIBAXMQ01ABD050_Z2EBP4YRTXXZ2EBP4YRT mStart Page = hxxp://websearch.allsearches.info/?pid=34&r=2014/10/06&hid=7131349590877023000&lg=EN&cc=PL&unqvl=64 mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1400746170&from=cor&uid=TOSHIBAXMQ01ABD050_Z2EBP4YRTXXZ2EBP4YRT&q={searchTerms} IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: Wyślij &do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\abtftqck.default-1379621071496\ FF - prefs.js: browser.search.defaulturl - hxxp://websearch.allsearches.info/?pid=34&r=2014/10/06&hid=7131349590877023000&lg=EN&cc=PL&unqvl=64&l=1&q= FF - prefs.js: browser.search.selectedEngine - Yahoo! Search FF - prefs.js: browser.startup.homepage - hxxp://rts.dsrlte.com?affID=na FF - prefs.js: keyword.URL - hxxp://rts.dsrlte.com/?q= user_pref(extensions.autoDisableScopes,14); . - - - - USUNIĘTO PUSTE WPISY - - - - . BHO-{00f81ea5-d836-409f-b60f-dbf2ea98d48b} - c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.dll BHO-{0aa1da7c-a556-415f-81de-86bd4759e681} - c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.dll BHO-{69b7de13-dbbf-4f01-a0d0-e78e170f0785} - c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.dll BHO-{7fbbb258-aa77-41e4-abc1-7c322c0539b1} - c:\programdata\SaverExtension\47FtM2b8KBJDZN.dll BHO-{8dc3962e-0cee-4e31-a9d7-cae8a26b8f5b} - c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.dll BHO-{fd6cd95c-f512-49f0-81d1-f4ceb7269849} - c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.dll Wow6432Node-HKCU-Run-Badoo Desktop - c:\programdata\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe Wow6432Node-HKCU-Run-LiveSupport - c:\program files (x86)\LiveSupport\LiveSupport.exe Wow6432Node-HKLM-Run-SDTray - c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe BHO-{00f81ea5-d836-409f-b60f-dbf2ea98d48b} - c:\program files (x86)\YooutubeeAdBlockeu\7BdZ9oQlEZNXLu.x64.dll BHO-{0aa1da7c-a556-415f-81de-86bd4759e681} - c:\programdata\SaveerExttensiionu\qnb0vQVWC2v1sc.x64.dll BHO-{69b7de13-dbbf-4f01-a0d0-e78e170f0785} - c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.x64.dll BHO-{7fbbb258-aa77-41e4-abc1-7c322c0539b1} - c:\programdata\SaverExtension\47FtM2b8KBJDZN.x64.dll BHO-{8dc3962e-0cee-4e31-a9d7-cae8a26b8f5b} - c:\program files (x86)\GGoSave\ghatrWl2iCuQDz.x64.dll BHO-{fd6cd95c-f512-49f0-81d1-f4ceb7269849} - c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.x64.dll AddRemove-LiveSupport_is1 - c:\program files (x86)\LiveSupport\unins000.exe AddRemove-Metin2_is1 - c:\program files (x86)\GameforgeLive\Games\POL_pol\Metin2\unins001.exe AddRemove-Mobogenie - c:\program files (x86)\Mobogenie\uninst.exe AddRemove-Need for Speed Most Wanted_is1 - c:\ea games\Need for Speed Most Wanted\unins000.exe AddRemove-ParisVegasCasino - c:\program files (x86)\ParisVegasCasino\Uninstall.exe AddRemove-Poker MIRA 0 - c:\program files (x86)\Poker MIRA\Launcher.exe AddRemove-RegClean Pro_is1 - c:\program files (x86)\RegClean Pro\unins000.exe AddRemove-RegClean-Pro_is1 - c:\program files (x86)\RegClean Pro\unins000.exe AddRemove-S-576482620 - c:\programdata\trusted publisher\gs_booster\gs_booster.exe AddRemove-SlotsMagic - c:\program files (x86)\SlotsMagic\Uninstall.exe AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SaverExtension\47FtM2b8KBJDZN.exe AddRemove-{37476589-E48E-439E-A706-56189E2ED4C4}_is1 - c:\programdata\DeleteAd\DeleteAd.exe AddRemove-{4820778D-AB0D-6D18-C316-52A6A0E1D507} - c:\programdata\YooutubeeAdBlockeu\xyJGWlpGhK4oRdA.exe AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54} - c:\progra~2\GS_BOO~1\ASSIST~1.DLL AddRemove-{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A} - c:\programdata\GGoSAvEE\d3J1j3rzfHg5Ar.exe AddRemove-{B5DB572D-EA87-D3B0-08F6-4D153EA6A783} - c:\programdata\FIndBEstDeaili\Zosc8qp3Jjhz5D.exe AddRemove-{C87834EB-A2A0-B9D4-AA9A-C263D1191051} - c:\programdata\GGoSave\YmXx533xpcbPZQl.exe AddRemove-{F75070CD-DBC0-4857-9B3F-A0F888C5EB67}_is1 - c:\program files (x86)\Unibet Poker\unins000.exe . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLVirtualDrive] "ImagePath"="\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys" "ImagePath:"="c:\users\Jakub\Downloads\Divinity.Original.Sin.PL-HFT70s\Divinity.Original.Sin.PL.DVD2-HFT70s.iso" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\diMaster.dll\" /prefetch:1" "ImagePath"="\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys" "ImagePath:"="c:\users\Jakub\Downloads\Divinity.Original.Sin.PL-HFT70s\Divinity.Original.Sin.PL.DVD2-HFT70s.iso" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-632503941-784987641-2221626834-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC] @Denied: (C D) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) @SACL=(02 0000) . Czas ukończenia: 2014-11-12 20:49:57 ComboFix-quarantined-files.txt 2014-11-12 19:49 . Przed: 26 821 980 160 bytes free Po: 28 900 294 656 bytes free . - - End Of File - - 2B236F9714BC72BC352DC711A489BBBF