Komputer wolno pracuje.

[Seb]

Witam.

Znajoma dała mi komputer i prosiła abym go naprawił.

 

To 32 bitowy laptop Toshiby.

 

Komputer bardzo wolno działa, wciąż wyskakują nowe okna z reklamami. Strona startowa Firefox ciągle się zmienia. To prawdopodobnie sprawka Conduit.

zeskanowałem komputer stopzilla, który znalazł mnóstwo trojanów.

 

Wykonałem logi FRST i Gmer.

Mam problem z OTL który w pewnym momencie pokazuje dziwny błąd. "2099/1/1 12:00 is not a valid date and time."

zatrzymuje się na c:\pagefile.sys ma on datę założenia 26.11.2013.

 

Bardzo proszę o pomoc.

Pozdrawiam Sebastian

 

 

FRST.txt

Addition.txt

gmer.txt

[jessica]

@Picasso już chyba za kilka dni zacznie pomagać po chorobie.

 

1) Odinstaluj:

AVG Security Toolbar (Version: 17.0.1.12)

Claro Chrome Toolbar (Version: 1.0.0.2)
Claro LTD toolbar

My Web Search (Cursor Mania)

Softonic toolbar  on IE and Chrome

SweetPacks Toolbar for Internet Explorer 4.4 (Version: 4.4.0001)

TUTO4PC

PC Performer (Version: 11.10)

 

2) Użyj >Adw-cleaner (aby pobrać kliknij na dużą zieloną strzałkę po prawej).  
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner[s1].txt

 

3) Otwórz Notatnik i wklej w nim:

 

Task: {4C3EEB62-9FD2-4A56-B0AE-752A6B8E29D6} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
Task: {50E7E080-C4B9-4F1E-885F-245553DDE0E4} - System32\Tasks\PC Performer_UPDATES => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
C:\Program Files\PC Performer
Task: {7D91D70B-E794-4FF2-A38A-2CA519FD04A8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-01-24] ()
C:\Program Files\Ask.com
Task: {98AADB21-D28B-4EF8-866B-177C523C87B7} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {ADAAFB7C-0D42-4860-B6BE-487380BDD1EC} - System32\Tasks\DealPly => C:\Users\admin\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-10] () <==== ATTENTION
C:\Users\admin\AppData\Roaming\DealPly
Task: {E88EB846-9125-4BBB-8B58-E0404520385B} - System32\Tasks\PC Performer => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files\PC Performer\PCPerformer.exe
C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
C:\Program Files\Common Files\AVG Secure Search
HKLM\...\Run: [] - [x]
HKLM\...\Run: [DATAMNGR] - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1694608 2011-12-06] (Bandoo Media, inc)
HKLM\...\Run: [sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728 2012-02-26] (SweetIM Technologies Ltd.)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM\...\Run: [MyWebSearch Email Plugin] - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [38408 2012-04-29] (MyWebSearch.com)
C:\Program Files\Windows iLivid Toolbar
C:\Program Files\SweetIM\Communicator
C:\Program Files\MyWebSearch
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-09] ()
HKLM\...\Run: [My Web Search Bar Search Scope Monitor] - C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE [34336 2012-04-29] (MyWebSearch.com)
HKCU\...\Run: [MyWebSearch Email Plugin] - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [38408 2012-04-29] (MyWebSearch.com)
C:\Program Files\AVG Secure Search
AppInit_DLLs: C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll [ 2012-12-06] ()
C:\ProgramData\BrowserProtect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.claro-search.com/home?affID=117242&tt=5012_4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
URLSearchHook: HKLM - (No Name) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
URLSearchHook: HKCU - SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844291&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844291&type=default&q={searchTerms}
SearchScopes: HKLM - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2907651
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={BD11CD54-21AE-4AF2-B9B2-1CF6F558B3FE}
SearchScopes: HKCU - DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.claro-search.com/?q={searchTerms}&affID=117242&tt=5012_4&babsrc=SP_def&mntrId=b49261420000000000000016447c4e30
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=F4&apn_dtid=YYYYYYYYPL&apn_uid=1b8a0a2f-16e4-4b4b-bc24-01190fc4ae4b&apn_sauid=2C40D226-364A-4086-9CCE-FA8687A94DF0
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844291&type=default&q={searchTerms}
SearchScopes: HKCU - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={E1D046EC-9780-41F7-8DFE-7BC25652C258}&mid=af9b7773ddee4392aaf825f336cd1d7e-744ac32d8c739ed98ab7bcb0933793199a321991&lang=pl&ds=ax011&pr=&d=2013-01-05 19:00:12&v=17.0.1.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2907651
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8svwotJB&i=26
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={BD11CD54-21AE-4AF2-B9B2-1CF6F558B3FE}
BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
BHO: bflix Class - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\bflix.dll (bflix)
BHO: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO: No Name - {336D0C35-8A85-403a-B9D2-65C292C39087} -  No File
BHO: ADDICT-THING Class - {4889F191-B666-47C4-A7A2-E4FDD63345B5} - C:\ProgramData\ADDICT-THING\bhoclass.dll ()
BHO: No Name - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} -  No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
Toolbar: HKLM - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
F NewTab: hxxp://www.qvo6.com/newtab/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=nt&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
FF DefaultSearchEngine: ST-Polska2 Customized Web Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: ST-Polska2 Customized Web Search
FF Homepage: hxxp://search.conduit.com/?CUI=UN29374157781035464&ctid=CT2907651&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2907651&SearchSource=2&CUI=UN29374157781035464&UM=cor&q=
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\mywebsearch.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\st-polska2-customized-web-search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Foxit PDF Creator Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\toolbar@ask.com
FF Extension: ST-Polska2  - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\{87d5d709-40f2-48a7-8f47-7bb821af70ab}
FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\1.bin
FF Extension: My Web Search - C:\Program Files\MyWebSearch\bar\1.bin
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF Extension: BrowserProtect - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
CHR Extension: (Claro Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0
CHR Extension: (DealPly) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.3.7.2_0
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
CHR Extension: (Bflix extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp\1.0_0
CHR Extension: (AVG Security Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
CHR HKLM\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\admin\AppData\Roaming\Claro\claro.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
C:\Program Files\Web Assistant
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [jlfihafpijfdgmojeeigcldgchhojpfp] - C:\Program Files\BFlix\BFlix.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.0.1.12\avg.crx
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
R2 MyWebSearchService; C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE [34320 2012-04-29] (MyWebSearch.com)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-09] (AVG Secure Search)
S0 szkgfs; system32\drivers\szkgfs.sys [x]

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix. Powstanie plik fixlog.txt. Daj ten log.

 

4) Zrób nowe logi z FRST.

 

jessi

[Seb]

Dziękuję Jessi za odpowiedź.

 

Oto logi:

 

ADW:

 

# AdwCleaner v3.013 - Log utworzony 26/11/2013 o 22:20:51
# Aktualizacja 24/11/2013 przez Xplode
# System operacyjny : Windows Vista Home Basic Service Pack 2 (32 bits)
# Użytkownik : admin - ADMIN-PC
# Ścieżka : C:\!!!!!!! seb\AdwCleaner.exe
# Opcja : Usuń

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****

Folder Usunięto : C:\ProgramData\Babylon
Folder Usunięto : C:\ProgramData\boost_interprocess
Folder Usunięto : C:\ProgramData\BrowserProtect
Folder Usunięto : C:\ProgramData\eSafe
Folder Usunięto : C:\ProgramData\IBUpdaterService
Folder Usunięto : C:\ProgramData\Premium
Folder Usunięto : C:\ProgramData\SweetIM
Folder Usunięto : C:\ProgramData\ADDICT-THING
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADDICT-THING
Folder Usunięto : C:\Program Files\~Web Assistant
Folder Usunięto : C:\Program Files\Ask.com
Folder Usunięto : C:\Program Files\Conduit
Folder Usunięto : C:\Program Files\ConduitEngine
Folder Usunięto : C:\Program Files\DealPly
Folder Usunięto : C:\Program Files\iLivid
Folder Usunięto : C:\Program Files\majtuto4pc
Folder Usunięto : C:\Program Files\MyWebSearch
Folder Usunięto : C:\Program Files\registry mechanic
Folder Usunięto : C:\Program Files\SweetIM
Folder Usunięto : C:\Program Files\Windows iLivid Toolbar
Folder Usunięto : C:\Program Files\Softonic-Polska2
Folder Usunięto : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Usunięto : C:\Users\admin\AppData\Local\apn
Folder Usunięto : C:\Users\admin\AppData\Local\Conduit
Folder Usunięto : C:\Users\admin\AppData\Local\Ilivid Player
Folder Usunięto : C:\Users\admin\AppData\Local\PackageAware
Folder Usunięto : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Usunięto : C:\Users\admin\AppData\LocalLow\BabylonToolbar
Folder Usunięto : C:\Users\admin\AppData\LocalLow\Claro LTD
Folder Usunięto : C:\Users\admin\AppData\LocalLow\Conduit
Folder Usunięto : C:\Users\admin\AppData\LocalLow\ConduitEngine
Folder Usunięto : C:\Users\admin\AppData\LocalLow\PriceGong
Folder Usunięto : C:\Users\admin\AppData\LocalLow\searchquband
Folder Usunięto : C:\Users\admin\AppData\LocalLow\Softonic
Folder Usunięto : C:\Users\admin\AppData\LocalLow\Softonic-Polska2
Folder Usunięto : C:\Users\admin\AppData\Roaming\Babylon
Folder Usunięto : C:\Users\admin\AppData\Roaming\DealPly
Folder Usunięto : C:\Users\admin\AppData\Roaming\PerformerSoft
Folder Usunięto : C:\Users\admin\AppData\Roaming\registry mechanic
Folder Usunięto : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\ConduitCommon
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Searchqutoolbar
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Smartbar
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\SweetIMToolbarData
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\CT2907651
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\toolbar@ask.com
Folder Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\{87d5d709-40f2-48a7-8f47-7bb821af70ab}
Folder Usunięto : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Plik Usunięto : C:\Windows\system32\conduitEngine.tmp
Plik Usunięto : C:\Windows\system32\roboot.exe
Plik Usunięto : C:\Users\admin\AppData\Local\Temp\searchqutoolbar-manifest.xml
Plik Usunięto : C:\Users\admin\AppData\Local\Temp\Uninstall.exe
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\bProtector_extensions.rdf
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\bprotector_extensions.sqlite
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\bprotector_prefs.js
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\invalidprefs.js
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Askcom.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\avg-secure-search.xml
Plik Usunięto : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Plik Usunięto : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\BrowserProtect.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Conduit.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\MyStart Search.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\mywebsearch.xml
Plik Usunięto : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Search_Results.xml
Plik Usunięto : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\softonic.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\SweetIm.xml
Plik Usunięto : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\user.js
Plik Usunięto : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Plik Usunięto : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Plik Usunięto : C:\Windows\System32\Tasks\BrowserProtect
Plik Usunięto : C:\Windows\System32\Tasks\Dealply
Plik Usunięto : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Skróty ] *****

Skrót Wyleczono : C:\Users\Public\Desktop\Google Chrome.lnk
Skrót Wyleczono : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Skrót Wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Skrót Wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome (2).lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Skrót Wyleczono : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Rejestr ] *****

Wartość Usunięto : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [4faaf285f03f9@4faaf285f03fa.info]
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klucz Usunięto : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\nonnbhnjfhfcpmfdegkohnemghnglgpp
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98AADB21-D28B-4EF8-866B-177C523C87B7}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AADB21-D28B-4EF8-866B-177C523C87B7}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADAAFB7C-0D42-4860-B6BE-487380BDD1EC}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADAAFB7C-0D42-4860-B6BE-487380BDD1EC}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D91D70B-E794-4FF2-A38A-2CA519FD04A8}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D91D70B-E794-4FF2-A38A-2CA519FD04A8}
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\b
Klucz Usunięto : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Klucz Usunięto : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\Conduit.Engine
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Klucz Usunięto : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\FunWebProductsInstaller.Start
Klucz Usunięto : HKLM\SOFTWARE\Classes\FunWebProductsInstaller.Start.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\ilivid
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Tutorials]
Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Klucz Usunięto : HKCU\Software\92d7dbb23de843
Klucz Usunięto : HKLM\SOFTWARE\92d7dbb23de843
Klucz Usunięto : HKLM\SOFTWARE\Classes\Toolbar.CT2907651
Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DrvUpdater]
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4889F191-B666-47C4-A7A2-E4FDD63345B5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4889F191-B666-47C4-A7A2-E4FDD63345B5}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4889F191-B666-47C4-A7A2-E4FDD63345B5}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87D5D709-40F2-48A7-8F47-7BB821AF70AB}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EE3B6D4E-A7B3-434C-A1F8-27B2A3C56ED3}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8542AEE-ABE1-49C8-9CCB-460941B4085B}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8FD2433-AEF3-4D37-BEB7-CCB105FC0A5C}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3F0845F-1939-47F8-8A0A-06C9F235DB96}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{87D5D709-40F2-48A7-8F47-7BB821AF70AB}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{87D5D709-40F2-48A7-8F47-7BB821AF70AB}]
Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klucz Usunięto : HKCU\Software\APN
Klucz Usunięto : HKCU\Software\Ask.com
Klucz Usunięto : HKCU\Software\BFlix
Klucz Usunięto : HKCU\Software\Conduit
Klucz Usunięto : HKCU\Software\DataMngr
Klucz Usunięto : HKCU\Software\DealPly
Klucz Usunięto : HKCU\Software\ilivid
Klucz Usunięto : HKCU\Software\IM
Klucz Usunięto : HKCU\Software\ImInstaller
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\MyWebSearch
Klucz Usunięto : HKCU\Software\Tutorials
Klucz Usunięto : HKCU\Software\TutoTag
Klucz Usunięto : HKCU\Software\AppDataLow\Toolbar
Klucz Usunięto : HKCU\Software\AppDataLow\Software\AskToolbar
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Conduit
Klucz Usunięto : HKCU\Software\AppDataLow\Software\conduitEngine
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Fun Web Products
Klucz Usunięto : HKCU\Software\AppDataLow\Software\MyWebSearch
Klucz Usunięto : HKCU\Software\AppDataLow\Software\PriceGong
Klucz Usunięto : HKCU\Software\AppDataLow\Software\searchqutoolbar
Klucz Usunięto : HKCU\Software\AppDataLow\Software\SmartBar
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Softonic-Polska2
Klucz Usunięto : HKLM\Software\APN
Klucz Usunięto : HKLM\Software\AskToolbar
Klucz Usunięto : HKLM\Software\Babylon
Klucz Usunięto : HKLM\Software\BFlix
Klucz Usunięto : HKLM\Software\Conduit
Klucz Usunięto : HKLM\Software\conduitEngine
Klucz Usunięto : HKLM\Software\DealPly
Klucz Usunięto : HKLM\Software\eSafeSecControl
Klucz Usunięto : HKLM\Software\Fun Web Products
Klucz Usunięto : HKLM\Software\FunWebProducts
Klucz Usunięto : HKLM\Software\ilivid
Klucz Usunięto : HKLM\Software\MyWebSearch
Klucz Usunięto : HKLM\Software\qvo6Software
Klucz Usunięto : HKLM\Software\Uniblue
Klucz Usunięto : HKLM\Software\Web Assistant
Klucz Usunięto : HKLM\Software\Softonic-Polska2
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{71277DC4-4217-462A-9FF4-62D7815B2C69}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BFlix
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{069b290f-5398-4629-a009-85b4bcb4b1b9}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F603A45-D956-496B-81B5-50D782424976}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{71277DC4-4217-462A-9FF4-62D7815B2C69}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BFlix
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PC Performer_is1
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Tuto4pc_is1
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic-Polska2 Toolbar
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Klucz Usunięto : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Klucz Usunięto : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v7.0.6002.18005

Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v25.0.1 (pl)

[ Plik : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\prefs.js ]

Wpis usunięty : user_pref("CT2907651..clientLogIsEnabled", true);
Wpis usunięty : user_pref("CT2907651.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Wpis usunięty : user_pref("CT2907651.BrowserCompStateIsOpen_129780211141598528", true);
Wpis usunięty : user_pref("CT2907651.CT2907651", "CT2907651");
Wpis usunięty : user_pref("CT2907651.CurrentServerDate", "15-10-2013");
Wpis usunięty : user_pref("CT2907651.DSInstall", true);
Wpis usunięty : user_pref("CT2907651.DialogsAlignMode", "LTR");
Wpis usunięty : user_pref("CT2907651.DialogsGetterLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.DownloadReferralCookieData", "");
Wpis usunięty : user_pref("CT2907651.EMailNotifierPollDate", "Wed May 22 16413 08:07:44 GMT+0200");
Wpis usunięty : user_pref("CT2907651.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Wpis usunięty : user_pref("CT2907651.FirstServerDate", "10-2-2013");
Wpis usunięty : user_pref("CT2907651.FirstTime", true);
Wpis usunięty : user_pref("CT2907651.FirstTimeFF3", true);
Wpis usunięty : user_pref("CT2907651.FirstTimeHiddenVer", true);
Wpis usunięty : user_pref("CT2907651.FixPageNotFoundErrors", true);
Wpis usunięty : user_pref("CT2907651.GroupingServerCheckInterval", 1440);
Wpis usunięty : user_pref("CT2907651.HPInstall", true);
Wpis usunięty : user_pref("CT2907651.HasUserGlobalKeys", true);
Wpis usunięty : user_pref("CT2907651.Initialize", true);
Wpis usunięty : user_pref("CT2907651.InitializeCommonPrefs", true);
Wpis usunięty : user_pref("CT2907651.InstallationAndCookieDataSentCount", 3);
Wpis usunięty : user_pref("CT2907651.InstallationType", "Unknown");
Wpis usunięty : user_pref("CT2907651.InstalledDate", "Sun Feb 10 2013 14:53:14 GMT+0100");
Wpis usunięty : user_pref("CT2907651.InvalidateCache", false);
Wpis usunięty : user_pref("CT2907651.IsAlertDBUpdated", true);
Wpis usunięty : user_pref("CT2907651.IsGrouping", false);
Wpis usunięty : user_pref("CT2907651.IsInitSetupIni", true);
Wpis usunięty : user_pref("CT2907651.IsMulticommunity", false);
Wpis usunięty : user_pref("CT2907651.IsOpenThankYouPage", true);
Wpis usunięty : user_pref("CT2907651.IsOpenUninstallPage", true);
Wpis usunięty : user_pref("CT2907651.LanguagePackLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.LanguagePackReloadIntervalMM", 1440);
Wpis usunięty : user_pref("CT2907651.LastLogin_3.18.0.7", "Wed May 22 16413 08:09:02 GMT+0200");
Wpis usunięty : user_pref("CT2907651.LastLogin_3.20.0.4", "Tue Nov 26 2013 06:33:30 GMT+0100");
Wpis usunięty : user_pref("CT2907651.LatestVersion", "3.20.0.4");
Wpis usunięty : user_pref("CT2907651.Locale", "pl-pl");
Wpis usunięty : user_pref("CT2907651.MCDetectTooltipHeight", "83");
Wpis usunięty : user_pref("CT2907651.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Wpis usunięty : user_pref("CT2907651.MCDetectTooltipWidth", "295");
Wpis usunięty : user_pref("CT2907651.MyStuffEnabledAtInstallation", true);
Wpis usunięty : user_pref("CT2907651.OriginalFirstVersion", "3.18.0.7");
Wpis usunięty : user_pref("CT2907651.RadioIsPodcast", false);
Wpis usunięty : user_pref("CT2907651.RadioLastCheckTime", "Wed May 22 16413 08:09:00 GMT+0200");
Wpis usunięty : user_pref("CT2907651.RadioLastUpdateIPServer", "3");
Wpis usunięty : user_pref("CT2907651.RadioLastUpdateServer", "3");
Wpis usunięty : user_pref("CT2907651.RadioMediaID", "9962");
Wpis usunięty : user_pref("CT2907651.RadioMediaType", "Media Player");
Wpis usunięty : user_pref("CT2907651.RadioMenuSelectedID", "EBRadioMenu_CT29076519962");
Wpis usunięty : user_pref("CT2907651.RadioShrinkedFromSetup", false);
Wpis usunięty : user_pref("CT2907651.RadioStationName", "California%20Rock");
Wpis usunięty : user_pref("CT2907651.RadioStationURL", "hxxp://feedlive.net/california.asx");
Wpis usunięty : user_pref("CT2907651.SavedHomepage", "hxxp://www.ask.com/?l=dis&o=101702");
Wpis usunięty : user_pref("CT2907651.SearchAPILastCheckTime", "Tue Nov 26 2013 07:02:57 GMT+0100");
Wpis usunięty : user_pref("CT2907651.SearchCaption", "ST-Polska2 Customized Web Search");
Wpis usunięty : user_pref("CT2907651.SearchFromAddressBarIsInit", true);
Wpis usunięty : user_pref("CT2907651.SearchInNewTabEnabled", true);
Wpis usunięty : user_pref("CT2907651.SearchInNewTabIntervalMM", 1440);
Wpis usunięty : user_pref("CT2907651.SearchInNewTabLastCheckTime", "Wed May 22 16413 08:07:46 GMT+0200");
Wpis usunięty : user_pref("CT2907651.SendProtectorDataViaLogin", true);
Wpis usunięty : user_pref("CT2907651.ServiceMapLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.SettingsLastCheckTime", "Wed May 22 16413 08:07:39 GMT+0200");
Wpis usunięty : user_pref("CT2907651.SettingsLastUpdate", "1366272742");
Wpis usunięty : user_pref("CT2907651.ThirdPartyComponentsInterval", 504);
Wpis usunięty : user_pref("CT2907651.ThirdPartyComponentsLastCheck", "Wed May 22 16413 08:07:36 GMT+0200");
Wpis usunięty : user_pref("CT2907651.ThirdPartyComponentsLastUpdate", "1331806007");
Wpis usunięty : user_pref("CT2907651.ToolbarShrinkedFromSetup", false);
Wpis usunięty : user_pref("CT2907651.UserID", "UN29374157781035464");
Wpis usunięty : user_pref("CT2907651.ValidationData_Toolbar", 2);
Wpis usunięty : user_pref("CT2907651.WeatherNetwork", "");
Wpis usunięty : user_pref("CT2907651.WeatherPollDate", "Wed May 22 16413 08:09:00 GMT+0200");
Wpis usunięty : user_pref("CT2907651.WeatherUnit", "C");
Wpis usunięty : user_pref("CT2907651.addressBarTakeOverEnabledInHidden", "true");
Wpis usunięty : user_pref("CT2907651.alertChannelId", "1299571");
Wpis usunięty : user_pref("CT2907651.backendstorage.printitgreenstatus", "74727565");
Wpis usunięty : user_pref("CT2907651.browser.search.defaultthis.engineName", true);
Wpis usunięty : user_pref("CT2907651.countryCode", "PL");
Wpis usunięty : user_pref("CT2907651.enableAlerts", "always");
Wpis usunięty : user_pref("CT2907651.firstTimeDialogOpened", true);
Wpis usunięty : user_pref("CT2907651.fixPageNotFoundErrorByUser", "TRUE");
Wpis usunięty : user_pref("CT2907651.fixPageNotFoundErrorInHidden", "true");
Wpis usunięty : user_pref("CT2907651.fullUserID", "UN29374157781035464.UP.2050092605");
Wpis usunięty : user_pref("CT2907651.globalFirstTimeInfoLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.homepageProtectorEnableByLogin", true);
Wpis usunięty : user_pref("CT2907651.homepageuserchanged", true);
Wpis usunięty : user_pref("CT2907651.initDone", true);
Wpis usunięty : user_pref("CT2907651.installType", "Unknown");
Wpis usunięty : user_pref("CT2907651.isAppTrackingManagerOn", false);
Wpis usunięty : user_pref("CT2907651.isCheckedStartAsHidden", true);
Wpis usunięty : user_pref("CT2907651.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Wpis usunięty : user_pref("CT2907651.isFirstRadioInstallation", false);
Wpis usunięty : user_pref("CT2907651.isFirstTimeToolbarLoading", "false");
Wpis usunięty : user_pref("CT2907651.isPerformedSmartBarTransition", "true");
Wpis usunięty : user_pref("CT2907651.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Wpis usunięty : user_pref("CT2907651.keyword", true);
Wpis usunięty : user_pref("CT2907651.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2907651&octid=CT2907651&SearchSource=15&CUI=UN29374157781035464&SSPV=&Lay=1&UM=cor\"}")[...]
Wpis usunięty : user_pref("CT2907651.lastVersion", "10.20.101.5");
Wpis usunięty : user_pref("CT2907651.myStuffEnabled", true);
Wpis usunięty : user_pref("CT2907651.myStuffPublihserMinWidth", 400);
Wpis usunięty : user_pref("CT2907651.myStuffServiceIntervalMM", 1440);
Wpis usunięty : user_pref("CT2907651.navigateToUrlOnSearch", false);
Wpis usunięty : user_pref("CT2907651.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://STPolska2.OurToolbar.com/\",\"EB_TOOLB[...]
Wpis usunięty : user_pref("CT2907651.originalHomepage", "hxxp://www.ask.com/?l=dis&o=101702");
Wpis usunięty : user_pref("CT2907651.originalSearchAddressUrl", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&st=kwd&sear[...]
Wpis usunięty : user_pref("CT2907651.originalSearchEngine", "Ask.com");
Wpis usunięty : user_pref("CT2907651.printitgreenstatus.from_oldbar.enc", "dHJ1ZQ==");
Wpis usunięty : user_pref("CT2907651.revertSettingsEnabled", true);
Wpis usunięty : user_pref("CT2907651.searchFromAddressBarEnabledByUser", "true");
Wpis usunięty : user_pref("CT2907651.searchInNewTabEnabledByUser", "true");
Wpis usunięty : user_pref("CT2907651.searchInNewTabEnabledInHidden", "true");
Wpis usunięty : user_pref("CT2907651.searchProtectorDialogDelayInSec", 10);
Wpis usunięty : user_pref("CT2907651.searchProtectorEnableByLogin", true);
Wpis usunięty : user_pref("CT2907651.searchSuggestEnabledByUser", "true");
Wpis usunięty : user_pref("CT2907651.searchUserMode", "cor");
Wpis usunięty : user_pref("CT2907651.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2907651\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://STPolska2.OurToolbar.com//xpi\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"ST-Polska2 \"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_Configuration_lastUpdate", "1385454386592");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_login_10.20.101.5_lastUpdate", "1385492786900");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_searchAPI_lastUpdate", "1385454387503");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_serviceMap_lastUpdate", "1385454375843");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_toolbarSettings_lastUpdate", "1385493113879");
Wpis usunięty : user_pref("CT2907651.serviceLayer_services_translation_lastUpdate", "1385454419386");
Wpis usunięty : user_pref("CT2907651.settingsINI", true);
Wpis usunięty : user_pref("CT2907651.showToolbarPermission", "false");
Wpis usunięty : user_pref("CT2907651.smartbar.CTID", "CT2907651");
Wpis usunięty : user_pref("CT2907651.smartbar.Uninstall", "0");
Wpis usunięty : user_pref("CT2907651.smartbar.homepage", true);
Wpis usunięty : user_pref("CT2907651.smartbar.toolbarName", "ST-Polska2 ");
Wpis usunięty : user_pref("CT2907651.testingCtid", "");
Wpis usunięty : user_pref("CT2907651.toolbarAppMetaDataLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.toolbarBornServerTime", "10-2-2013");
Wpis usunięty : user_pref("CT2907651.toolbarContextMenuLastCheckTime", "Wed May 22 16413 08:09:04 GMT+0200");
Wpis usunięty : user_pref("CT2907651.toolbarCurrentServerTime", "26-11-2013");
Wpis usunięty : user_pref("CT2907651.toolbarLoginClientTime", "Tue Nov 26 2013 09:27:39 GMT+0100");
Wpis usunięty : user_pref("CT2907651.upgradeFromOBVersion", true);
Wpis usunięty : user_pref("CT2907651.usagesFlag", 2);
Wpis usunięty : user_pref("CT2907651_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385494719498,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Wpis usunięty : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Wpis usunięty : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&[...]
Wpis usunięty : user_pref("CommunityToolbar.ToolbarsList", "CT2907651");
Wpis usunięty : user_pref("CommunityToolbar.ToolbarsList2", "CT2907651");
Wpis usunięty : user_pref("CommunityToolbar.ToolbarsList4", "CT2907651");
Wpis usunięty : user_pref("CommunityToolbar.globalUserId", "2a0f4902-dec5-44c4-9e9e-229fabe5aa7b");
Wpis usunięty : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Wpis usunięty : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Wpis usunięty : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2907651");
Wpis usunięty : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed May 22 16413 08:09:06 GMT+0200");
Wpis usunięty : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Wpis usunięty : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Wpis usunięty : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed May 22 16413 08:09:10 GMT+0200");
Wpis usunięty : user_pref("CommunityToolbar.notifications.locale", "en");
Wpis usunięty : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Wpis usunięty : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Oct 06 2013 09:15:12 GMT+0200");
Wpis usunięty : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Wpis usunięty : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Wpis usunięty : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Wpis usunięty : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Wpis usunięty : user_pref("CommunityToolbar.notifications.userId", "bc383919-4e01-4bd7-87ba-72780c260c0d");
Wpis usunięty : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.ask.com/?l=dis&o=101702");
Wpis usunięty : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Wpis usunięty : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&psa=&st=kwd&s[...]
Wpis usunięty : user_pref("Smartbar.keywordURLSelectedCTID", "CT2907651");
Wpis usunięty : user_pref("browser.search.defaultengine", "Ask.com");
Wpis usunięty : user_pref("browser.search.defaultthis.engineName", "ST-Polska2 Customized Web Search");
Wpis usunięty : user_pref("dom.ipc.plugins.enabled.npmywebs.dll", false);
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.babExt", "");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100888");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.hardId", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.instlDay", "15357");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.newTab", false);
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:18:16");
Wpis usunięty : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Wpis usunięty : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Wpis usunięty : user_pref("extensions.asktb.apn_dbr", "cr_17.0.963.79");
Wpis usunięty : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Wpis usunięty : user_pref("extensions.asktb.cbid", "F4");
Wpis usunięty : user_pref("extensions.asktb.config-updated", false);
Wpis usunięty : user_pref("extensions.asktb.cr-o", "101699cr");
Wpis usunięty : user_pref("extensions.asktb.crumb", "2012.03.21+11.07.50-toolbar006iad-PL-Wm9yeSxQb2xhbmQ%3D");
Wpis usunięty : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
Wpis usunięty : user_pref("extensions.asktb.displaybehavior", "");
Wpis usunięty : user_pref("extensions.asktb.displaytext", "");
Wpis usunięty : user_pref("extensions.asktb.dtid", "YYYYYYYYPL");
Wpis usunięty : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Wpis usunięty : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "PLXX1001");
Wpis usunięty : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Wpis usunięty : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=2&cc=&q=");
Wpis usunięty : user_pref("extensions.asktb.ff19-config-first-run", "true");
Wpis usunięty : user_pref("extensions.asktb.first-launch-url", "hxxp://ad.z5x.net/imp?z=0&Z=0x0&s=1940494&y=23&w=800&h=600&t=3");
Wpis usunięty : user_pref("extensions.asktb.fresh-install", false);
Wpis usunięty : user_pref("extensions.asktb.guid", "1b8a0a2f-16e4-4b4b-bc24-01190fc4ae4b");
Wpis usunięty : user_pref("extensions.asktb.hpr", "YES");
Wpis usunięty : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Wpis usunięty : user_pref("extensions.asktb.if", "first");
Wpis usunięty : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Wpis usunięty : user_pref("extensions.asktb.l", "dis");
Wpis usunięty : user_pref("extensions.asktb.last-config-req", "455786386802161");
Wpis usunięty : user_pref("extensions.asktb.last-search-timestamp", "1360223225022");
Wpis usunięty : user_pref("extensions.asktb.locale", "en_US");
Wpis usunięty : user_pref("extensions.asktb.location", "Zory,Poland");
Wpis usunięty : user_pref("extensions.asktb.lstation", "");
Wpis usunięty : user_pref("extensions.asktb.new-tab-opt-out", true);
Wpis usunięty : user_pref("extensions.asktb.news-native-on", true);
Wpis usunięty : user_pref("extensions.asktb.o", "101699");
Wpis usunięty : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Wpis usunięty : user_pref("extensions.asktb.pstate", "");
Wpis usunięty : user_pref("extensions.asktb.qsrc", "2871");
Wpis usunięty : user_pref("extensions.asktb.r", "19");
Wpis usunięty : user_pref("extensions.asktb.sa", "YES");
Wpis usunięty : user_pref("extensions.asktb.saguid", "2C40D226-364A-4086-9CCE-FA8687A94DF0");
Wpis usunięty : user_pref("extensions.asktb.search-history-queries", "google");
Wpis usunięty : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}");
Wpis usunięty : user_pref("extensions.asktb.search-suggestions-enabled", true);
Wpis usunięty : user_pref("extensions.asktb.silent-upgrade", true);
Wpis usunięty : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Wpis usunięty : user_pref("extensions.asktb.socialmini-first", true);
Wpis usunięty : user_pref("extensions.asktb.socialmini-interval", "1200000");
Wpis usunięty : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Wpis usunięty : user_pref("extensions.asktb.socialmini-max-items", "30");
Wpis usunięty : user_pref("extensions.asktb.socialmini-native-on", true);
Wpis usunięty : user_pref("extensions.asktb.socialmini-speed", "10000");
Wpis usunięty : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Wpis usunięty : user_pref("extensions.asktb.themeid", "");
Wpis usunięty : user_pref("extensions.asktb.timeinstalled", "2012-03-21 19:09:34");
Wpis usunięty : user_pref("extensions.asktb.to", "");
Wpis usunięty : user_pref("extensions.asktb.v", "3.15.15.100013");
Wpis usunięty : user_pref("extensions.asktb.version", "5.15.15.35882");
Wpis usunięty : user_pref("extensions.asktb.volume", "");
Wpis usunięty : user_pref("extensions.claro.admin", false);
Wpis usunięty : user_pref("extensions.claro.aflt", "babsst");
Wpis usunięty : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Wpis usunięty : user_pref("extensions.claro.dfltLng", "en");
Wpis usunięty : user_pref("extensions.claro.excTlbr", false);
Wpis usunięty : user_pref("extensions.claro.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.claro.instlDay", "15689");
Wpis usunięty : user_pref("extensions.claro.instlRef", "");
Wpis usunięty : user_pref("extensions.claro.prdct", "claro");
Wpis usunięty : user_pref("extensions.claro.prtnrId", "claro");
Wpis usunięty : user_pref("extensions.claro.tlbrId", "base");
Wpis usunięty : user_pref("extensions.claro.tlbrSrchUrl", "");
Wpis usunięty : user_pref("extensions.claro.vrsn", "1.8.3.10");
Wpis usunięty : user_pref("extensions.claro.vrsni", "1.8.3.10");
Wpis usunięty : user_pref("extensions.claro_i.smplGrp", "none");
Wpis usunięty : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1018:04:56");
Wpis usunięty : user_pref("extensions.incredibar.actvtyRptTime", "1381055510096");
Wpis usunięty : user_pref("extensions.incredibar.admin", false);
Wpis usunięty : user_pref("extensions.incredibar.aflt", "orgnl");
Wpis usunięty : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Wpis usunięty : user_pref("extensions.incredibar.cntry", "PL");
Wpis usunięty : user_pref("extensions.incredibar.dfltLng", "EN");
Wpis usunięty : user_pref("extensions.incredibar.dfltSrch", false);
Wpis usunięty : user_pref("extensions.incredibar.dfltlng", "EN");
Wpis usunięty : user_pref("extensions.incredibar.dfltsrch", "false");
Wpis usunięty : user_pref("extensions.incredibar.did", "10650");
Wpis usunięty : user_pref("extensions.incredibar.envrmnt", "production");
Wpis usunięty : user_pref("extensions.incredibar.excTlbr", false);
Wpis usunięty : user_pref("extensions.incredibar.hdrMd5", "0F3A5C05BE960A6D7162300A7A73406E");
Wpis usunięty : user_pref("extensions.incredibar.hmpg", false);
Wpis usunięty : user_pref("extensions.incredibar.hrdid", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.incredibar.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.incredibar.installerproductid", "26");
Wpis usunięty : user_pref("extensions.incredibar.instlDay", "15470");
Wpis usunięty : user_pref("extensions.incredibar.instlRef", "");
Wpis usunięty : user_pref("extensions.incredibar.instlday", "15470");
Wpis usunięty : user_pref("extensions.incredibar.instlref", "");
Wpis usunięty : user_pref("extensions.incredibar.isDcmntCmplt", true);
Wpis usunięty : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Wpis usunięty : user_pref("extensions.incredibar.keywordurl", "");
Wpis usunięty : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1420:12:15");
Wpis usunięty : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Wpis usunięty : user_pref("extensions.incredibar.newTab", false);
Wpis usunięty : user_pref("extensions.incredibar.newtab", "false");
Wpis usunięty : user_pref("extensions.incredibar.newtaburl", "");
Wpis usunięty : user_pref("extensions.incredibar.noFFXTlbr", false);
Wpis usunięty : user_pref("extensions.incredibar.ppd", "20%5F5");
Wpis usunięty : user_pref("extensions.incredibar.prdct", "incredibar");
Wpis usunięty : user_pref("extensions.incredibar.productid", "26");
Wpis usunięty : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Wpis usunięty : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Wpis usunięty : user_pref("extensions.incredibar.sg", "none");
Wpis usunięty : user_pref("extensions.incredibar.smplGrp", "none");
Wpis usunięty : user_pref("extensions.incredibar.smplgrp", "none");
Wpis usunięty : user_pref("extensions.incredibar.srch", "");
Wpis usunięty : user_pref("extensions.incredibar.srchprvdr", "");
Wpis usunięty : user_pref("extensions.incredibar.tlbrId", "base");
Wpis usunięty : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8svwotJB&loc=IB_TB&i=26&search=");
Wpis usunięty : user_pref("extensions.incredibar.tlbrid", "base");
Wpis usunięty : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8svwotJB&loc=IB_TB&i=26&search=");
Wpis usunięty : user_pref("extensions.incredibar.upn2", "6R8svwotJB");
Wpis usunięty : user_pref("extensions.incredibar.upn2n", "92824337075821535");
Wpis usunięty : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Wpis usunięty : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1420:12:15");
Wpis usunięty : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Wpis usunięty : user_pref("extensions.incredibar.vrsnts", "1.5.11.1420:12:15");
Wpis usunięty : user_pref("extensions.incredibar_i.aflt", "orgnl");
Wpis usunięty : user_pref("extensions.incredibar_i.dfltLng", "");
Wpis usunięty : user_pref("extensions.incredibar_i.did", "10650");
Wpis usunięty : user_pref("extensions.incredibar_i.excTlbr", false);
Wpis usunięty : user_pref("extensions.incredibar_i.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.incredibar_i.installerproductid", "26");
Wpis usunięty : user_pref("extensions.incredibar_i.instlDay", "15470");
Wpis usunięty : user_pref("extensions.incredibar_i.instlRef", "");
Wpis usunięty : user_pref("extensions.incredibar_i.ms_url_id", "");
Wpis usunięty : user_pref("extensions.incredibar_i.newTab", false);
Wpis usunięty : user_pref("extensions.incredibar_i.ppd", "20%5F5");
Wpis usunięty : user_pref("extensions.incredibar_i.prdct", "incredibar");
Wpis usunięty : user_pref("extensions.incredibar_i.productid", "26");
Wpis usunięty : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Wpis usunięty : user_pref("extensions.incredibar_i.smplGrp", "none");
Wpis usunięty : user_pref("extensions.incredibar_i.tlbrId", "base");
Wpis usunięty : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8svwotJB&loc=IB_TB&i=26&search=");
Wpis usunięty : user_pref("extensions.incredibar_i.upn2", "6R8svwotJB");
Wpis usunięty : user_pref("extensions.incredibar_i.upn2n", "92824337075821535");
Wpis usunięty : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Wpis usunięty : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1420:12:15");
Wpis usunięty : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Wpis usunięty : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZCchr999&ptnrS=ZCchr999&ptb=2G0PefBOLM9xQX.la6q_tg&ind=2012103103&n=77ee41bf&osp=mws&st[...]
Wpis usunięty : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Wpis usunięty : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://isearch.avg.com/search?cid={E1D046EC-9780-41F7-8DFE-7BC25652C258}&mid=af9b7773ddee4392aaf825f336cd1d7e-744ac32d8c739ed98ab7bcb0933793199a321991&l[...]
Wpis usunięty : user_pref("extensions.softonic.admin", false);
Wpis usunięty : user_pref("extensions.softonic.aflt", "orgnl");
Wpis usunięty : user_pref("extensions.softonic.cntry", "PL");
Wpis usunięty : user_pref("extensions.softonic.cv", "cv5");
Wpis usunięty : user_pref("extensions.softonic.dfltLng", "");
Wpis usunięty : user_pref("extensions.softonic.dfltSrch", true);
Wpis usunięty : user_pref("extensions.softonic.dfltlng", "en");
Wpis usunięty : user_pref("extensions.softonic.dfltsrch", true);
Wpis usunięty : user_pref("extensions.softonic.envrmnt", "production");
Wpis usunięty : user_pref("extensions.softonic.excTlbr", false);
Wpis usunięty : user_pref("extensions.softonic.hdrMd5", "572CFB387390B2BEB59BE27900022E39");
Wpis usunięty : user_pref("extensions.softonic.hmpg", true);
Wpis usunięty : user_pref("extensions.softonic.hrdid", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.softonic.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.softonic.instlDay", "15505");
Wpis usunięty : user_pref("extensions.softonic.instlRef", "MON00001");
Wpis usunięty : user_pref("extensions.softonic.instlday", "15505");
Wpis usunięty : user_pref("extensions.softonic.instlref", "MON00001");
Wpis usunięty : user_pref("extensions.softonic.isDcmntCmplt", true);
Wpis usunięty : user_pref("extensions.softonic.isdcmntcmplt", "false");
Wpis usunięty : user_pref("extensions.softonic.keyWordUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=2&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic.keywordurl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=2&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic.lastVrsnTs", "1.5.11.510:16:23");
Wpis usunięty : user_pref("extensions.softonic.mntrvrsn", "1.3.0");
Wpis usunięty : user_pref("extensions.softonic.monitorreport", true);
Wpis usunięty : user_pref("extensions.softonic.newTab", false);
Wpis usunięty : user_pref("extensions.softonic.newTabUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=15&cc=");
Wpis usunięty : user_pref("extensions.softonic.newtab", "false");
Wpis usunięty : user_pref("extensions.softonic.newtaburl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=15&cc=");
Wpis usunięty : user_pref("extensions.softonic.noFFXTlbr", false);
Wpis usunięty : user_pref("extensions.softonic.prdct", "softonic");
Wpis usunięty : user_pref("extensions.softonic.prtnrId", "softonic");
Wpis usunięty : user_pref("extensions.softonic.prtnrid", "softonic");
Wpis usunięty : user_pref("extensions.softonic.radiomystations", "[{\"id\":\"101\",\"name\":\"Radio Mambo 106 FM\",\"url\":\"hxxp://www.mambo.it/player/mambo.asx\",\"streamType\":\"mp\"},{\"id\":\"1049\",\"name\":\"D[...]
Wpis usunięty : user_pref("extensions.softonic.savedVrsnTs", "1");
Wpis usunięty : user_pref("extensions.softonic.sg", "az");
Wpis usunięty : user_pref("extensions.softonic.smplGrp", "eng7");
Wpis usunięty : user_pref("extensions.softonic.smplgrp", "eng7");
Wpis usunięty : user_pref("extensions.softonic.srch", "");
Wpis usunięty : user_pref("extensions.softonic.srchPrvdr", "Search the web (Softonic)");
Wpis usunięty : user_pref("extensions.softonic.srchprvdr", "Search the web (Softonic)");
Wpis usunięty : user_pref("extensions.softonic.tlbrId", "base");
Wpis usunięty : user_pref("extensions.softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic.tlbrid", "base");
Wpis usunięty : user_pref("extensions.softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic.updateRunOnce1", true);
Wpis usunięty : user_pref("extensions.softonic.vrsn", "1.5.11.5");
Wpis usunięty : user_pref("extensions.softonic.vrsnTs", "1.5.11.510:16:23");
Wpis usunięty : user_pref("extensions.softonic.vrsni", "1.5.11.5");
Wpis usunięty : user_pref("extensions.softonic.vrsnts", "1.5.11.510:16:23");
Wpis usunięty : user_pref("extensions.softonic_i.aflt", "orgnl");
Wpis usunięty : user_pref("extensions.softonic_i.dfltLng", "");
Wpis usunięty : user_pref("extensions.softonic_i.dfltSrch", true);
Wpis usunięty : user_pref("extensions.softonic_i.dnsErr", true);
Wpis usunięty : user_pref("extensions.softonic_i.excTlbr", false);
Wpis usunięty : user_pref("extensions.softonic_i.hmpg", true);
Wpis usunięty : user_pref("extensions.softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=13&cc=");
Wpis usunięty : user_pref("extensions.softonic_i.id", "b49261420000000000000016447c4e30");
Wpis usunięty : user_pref("extensions.softonic_i.instlDay", "15505");
Wpis usunięty : user_pref("extensions.softonic_i.instlRef", "MON00001");
Wpis usunięty : user_pref("extensions.softonic_i.keyWordUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=2&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic_i.newTab", false);
Wpis usunięty : user_pref("extensions.softonic_i.newTabUrl", "hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=15&cc=");
Wpis usunięty : user_pref("extensions.softonic_i.prdct", "softonic");
Wpis usunięty : user_pref("extensions.softonic_i.prtnrId", "softonic");
Wpis usunięty : user_pref("extensions.softonic_i.smplGrp", "eng7");
Wpis usunięty : user_pref("extensions.softonic_i.srchPrvdr", "Search the web (Softonic)");
Wpis usunięty : user_pref("extensions.softonic_i.tlbrId", "eng7");
Wpis usunięty : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");
Wpis usunięty : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Wpis usunięty : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.510:16:23");
Wpis usunięty : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Wpis usunięty : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2907651&SearchSource=2&CUI=UN29374157781035464&UM=cor&q=");
Wpis usunięty : user_pref("plugin.state.npmywebs", 0);
Wpis usunięty : user_pref("smartbar.addressBarOwnerCTID", "CT2907651");
Wpis usunięty : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2907651&SearchSource=2&CUI=UN29374157781035464&UM=cor&q=");
Wpis usunięty : user_pref("smartbar.defaultSearchOwnerCTID", "CT2907651");
Wpis usunięty : user_pref("smartbar.homePageOwnerCTID", "CT2907651");
Wpis usunięty : user_pref("smartbar.machineId", "FDHH95IEBDPM+Q5PSXEA4IG1I8R+P2GASXT8QKRCFQIIQISX6EG7APSD24TE05SEFKZSLWENZLZTH8XJXEFB+Q");

-\\ Google Chrome v31.0.1650.57

[ Plik : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Usunięto : homepage

*************************

AdwCleaner[R0].txt - [92555 octets] - [26/11/2013 20:43:51]
AdwCleaner[R1].txt - [73612 octets] - [26/11/2013 22:18:47]
AdwCleaner[s0].txt - [69129 octets] - [26/11/2013 22:20:51]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [69190 octets] ##########

 

 

 

[Seb]

FIX log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-11-2013 01
Ran by admin at 2013-11-26 22:31:16 Run:1
Running from C:\!!!!!!! seb\komputer
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Task: {4C3EEB62-9FD2-4A56-B0AE-752A6B8E29D6} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
Task: {50E7E080-C4B9-4F1E-885F-245553DDE0E4} - System32\Tasks\PC Performer_UPDATES => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
C:\Program Files\PC Performer
Task: {7D91D70B-E794-4FF2-A38A-2CA519FD04A8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-01-24] ()
C:\Program Files\Ask.com
Task: {98AADB21-D28B-4EF8-866B-177C523C87B7} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {ADAAFB7C-0D42-4860-B6BE-487380BDD1EC} - System32\Tasks\DealPly => C:\Users\admin\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-10] () <==== ATTENTION
C:\Users\admin\AppData\Roaming\DealPly
Task: {E88EB846-9125-4BBB-8B58-E0404520385B} - System32\Tasks\PC Performer => C:\Program Files\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC)
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files\PC Performer\PCPerformer.exe
C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
C:\Program Files\Common Files\AVG Secure Search
HKLM\...\Run: [] - [x]
HKLM\...\Run: [DATAMNGR] - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1694608 2011-12-06] (Bandoo Media, inc)
HKLM\...\Run: [sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728 2012-02-26] (SweetIM Technologies Ltd.)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM\...\Run: [MyWebSearch Email Plugin] - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [38408 2012-04-29] (MyWebSearch.com)
C:\Program Files\Windows iLivid Toolbar
C:\Program Files\SweetIM\Communicator
C:\Program Files\MyWebSearch
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-09] ()
HKLM\...\Run: [My Web Search Bar Search Scope Monitor] - C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE [34336 2012-04-29] (MyWebSearch.com)
HKCU\...\Run: [MyWebSearch Email Plugin] - C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [38408 2012-04-29] (MyWebSearch.com)
C:\Program Files\AVG Secure Search
AppInit_DLLs: C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll [ 2012-12-06] ()
C:\ProgramData\BrowserProtect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...X&ts=1381844290
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...X&ts=1381844290
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.claro-sea...17242&tt=5012_4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/...X&ts=1381844290
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/...X&ts=1381844290
URLSearchHook: HKLM - (No Name) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
URLSearchHook: HKCU - SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/...X&ts=1381844290
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.c...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.c...q={searchTerms}
SearchScopes: HKLM - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2907651
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...2-1CF6F558B3FE}
SearchScopes: HKCU - DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.claro-sea...0000016447c4e30
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask...CE-FA8687A94DF0
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.c...q={searchTerms}
SearchScopes: HKCU - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={E1D046EC-9780-41F7-8DFE-7BC25652C258}&mid=af9b7773ddee4392aaf825f336cd1d7e-744ac32d8c739ed98ab7bcb0933793199a321991&lang=pl&ds=ax011&pr=&d=2013-01-05 19:00:12&v=17.0.1.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2907651
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incre...6R8svwotJB&i=26
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...2-1CF6F558B3FE}
BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
BHO: bflix Class - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\bflix.dll (bflix)
BHO: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO: No Name - {336D0C35-8A85-403a-B9D2-65C292C39087} -  No File
BHO: ADDICT-THING Class - {4889F191-B666-47C4-A7A2-E4FDD63345B5} - C:\ProgramData\ADDICT-THING\bhoclass.dll ()
BHO: No Name - {87d5d709-40f2-48a7-8f47-7bb821af70ab} -  No File
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} -  No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
Toolbar: HKLM - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
F NewTab: hxxp://www.qvo6.com/newtab/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=nt&from=cor&uid=HitachiXHTS541616J9SA00_SB2482GJJUTE3HJUTE3HX&ts=1381844290
FF DefaultSearchEngine: ST-Polska2 Customized Web Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: ST-Polska2 Customized Web Search
FF Homepage: hxxp://search.conduit.com/?CUI=UN29374157781035464&ctid=CT2907651&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2907651&SearchSource=2&CUI=UN29374157781035464&UM=cor&q=
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\mywebsearch.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\st-polska2-customized-web-search.xml
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Foxit PDF Creator Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\toolbar@ask.com
FF Extension: ST-Polska2  - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\{87d5d709-40f2-48a7-8f47-7bb821af70ab}
FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\1.bin
FF Extension: My Web Search - C:\Program Files\MyWebSearch\bar\1.bin
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF Extension: BrowserProtect - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
CHR Extension: (Claro Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0
CHR Extension: (DealPly) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.3.7.2_0
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
CHR Extension: (Bflix extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp\1.0_0
CHR Extension: (AVG Security Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
CHR HKLM\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\admin\AppData\Roaming\Claro\claro.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
C:\Program Files\Web Assistant
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [jlfihafpijfdgmojeeigcldgchhojpfp] - C:\Program Files\BFlix\BFlix.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.0.1.12\avg.crx
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.qvo6.com/...X&ts=1381844290
R2 MyWebSearchService; C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE [34320 2012-04-29] (MyWebSearch.com)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-09] (AVG Secure Search)
S0 szkgfs; system32\drivers\szkgfs.sys [x]
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C3EEB62-9FD2-4A56-B0AE-752A6B8E29D6} => Key not found.
C:\Windows\System32\Tasks\PC Performer_DEFAULT not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50E7E080-C4B9-4F1E-885F-245553DDE0E4} => Key not found.
C:\Windows\System32\Tasks\PC Performer_UPDATES not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES => Key not found.
"C:\Program Files\PC Performer" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D91D70B-E794-4FF2-A38A-2CA519FD04A8} => Key not found.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
"C:\Program Files\Ask.com" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AADB21-D28B-4EF8-866B-177C523C87B7} => Key not found.
C:\Windows\System32\Tasks\BrowserProtect not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADAAFB7C-0D42-4860-B6BE-487380BDD1EC} => Key not found.
C:\Windows\System32\Tasks\DealPly not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully.
"C:\Users\admin\AppData\Roaming\DealPly" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E88EB846-9125-4BBB-8B58-E0404520385B} => Key not found.
C:\Windows\System32\Tasks\PC Performer not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer => Key not found.
C:\Windows\Tasks\PC Performer_DEFAULT.job not found.
C:\Windows\Tasks\PC Performer_UPDATES.job not found.
"C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" => File/Directory not found.
"C:\Program Files\Common Files\AVG Secure Search" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin => Value not found.
"C:\Program Files\Windows iLivid Toolbar" => File/Directory not found.
"C:\Program Files\SweetIM\Communicator" => File/Directory not found.
"C:\Program Files\MyWebSearch" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin => Value not found.
"C:\Program Files\AVG Secure Search" => File/Directory not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"C:\ProgramData\BrowserProtect" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{87d5d709-40f2-48a7-8f47-7bb821af70ab} => Value not found.
Default URLSearchHook was restored successfully .
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{87d5d709-40f2-48a7-8f47-7bb821af70ab} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} => Value not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} => Key not found.
HKCR\Wow6432Node\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
HKCR\Wow6432Node\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} => Key not found.
HKCR\Wow6432Node\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCR\Wow6432Node\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} => Key not found.
HKCR\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} => Key not found.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} => Key not found.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} => Key not found.
HKCR\CLSID\{0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key not found.
HKCR\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key not found.
HKCR\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4889F191-B666-47C4-A7A2-E4FDD63345B5} => Key not found.
HKCR\CLSID\{4889F191-B666-47C4-A7A2-E4FDD63345B5} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87d5d709-40f2-48a7-8f47-7bb821af70ab} => Key not found.
HKCR\CLSID\{87d5d709-40f2-48a7-8f47-7bb821af70ab} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key not found.
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.
HKCR\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} => Key not found.
HKCR\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} => Value not found.
HKCR\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} => Value not found.
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Value not found.
HKCR\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value not found.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Value not found.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} => Value not found.
HKCR\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value not found.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKCR\PROTOCOLS\Handler\viprotocol => Key not found.
HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => Key not found.
C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll not found.
HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin => Key not found.
C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin => Key not found.
C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105 => Key deleted successfully.
C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212 => Key deleted successfully.
C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => Key deleted successfully.
C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => Key deleted successfully.
C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll not found.
HKLM\Software\MozillaPlugins\Adobe Reader => Key deleted successfully.
C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll => Moved successfully.
HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => Key deleted successfully.
C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Moved successfully.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\askcom.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\avg-secure-search.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\BrowserProtect.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\conduit.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\MyStart Search.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\mywebsearch.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\Search_Results.xml" => not found.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\softonic.xml" => not found.
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\st-polska2-customized-web-search.xml => Moved successfully.
"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\searchplugins\sweetim.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\babylon.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\qvo6.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml" => not found.
"C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml" => not found.
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\toolbar@ask.com => not found.
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default\Extensions\{87d5d709-40f2-48a7-8f47-7bb821af70ab} => not found.
HKLM\Software\Mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com => Value not found.
C:\Program Files\MyWebSearch\bar\1.bin => not found.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@toolbar => Value not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df} => Value not found.
C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension => not found.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl directory not found.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje directory not found.
"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl" => File/Directory not found.
"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje" => File/Directory not found.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp directory not found.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Moved successfully.
"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp" => File/Directory not found.
"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl => Key not found.
"C:\Users\admin\AppData\Roaming\Claro\claro.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd => Key not found.
"C:\Program Files\Web Assistant\source.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje => Key not found.
"C:\Program Files\DealPly\DealPly.crx" => File/Directory not found.
"C:\Program Files\Web Assistant" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key not found.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jlfihafpijfdgmojeeigcldgchhojpfp => Key deleted successfully.
C:\Program Files\BFlix\BFlix.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Key not found.
"C:\ProgramData\AVG Secure Search\ChromeExt\17.0.1.12\avg.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph => Key not found.
"C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" => File/Directory not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
MyWebSearchService => Service not found.
vToolbarUpdater17.0.12 => Service not found.
szkgfs => Service not found.

==== End of Fixlog ====

 

Pozdrawiam

Sebastian

[Seb]

Nowy log FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-11-2013 01
Ran by admin (administrator) on ADMIN-PC on 26-11-2013 22:41:43
Running from C:\!!!!!!! seb\komputer
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Symantec Corporation) C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Vimicro) C:\Windows\VM305_STI.EXE
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [bigDog305] - C:\Windows\VM305_STI.EXE [61440 2005-08-05] (Vimicro)
HKLM\...\Run: [sSDMonitor] - C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-01-04] (PC Tools)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4297136 2012-10-30] (AVAST Software)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
MountPoints2: {4efbde06-2b91-11e0-88ce-001e8cfb7dbf} - G:\LGAutoRun.exe
MountPoints2: {ce137fd4-03ca-11e0-a6ee-806e6f6e6963} - F:\runme_windows.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - !{07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - Norton Safe Web Lite - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qttlp4t1.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\Alwil Software\Avast5\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.pl/webhp?hl=pl#"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Vividas Player Plugin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\choofoanehnlponopnapopbnkeldllka\4.1_0\npVividasPlayer.dll No File
CHR Plugin: (Injovo Extension Plugin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File
CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\admin\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.14.1.0.crx
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 NSL; C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\diMaster.dll [262584 2010-12-03] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [21256 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [35928 2012-10-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [738504 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [361032 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [54232 2012-10-30] (AVAST Software)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [344064 2009-02-23] (Realtek Semiconductor Corporation                           )
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24960 2010-01-21] (LG Electronics Inc.)
S3 ZSMC0305; C:\Windows\System32\Drivers\usbVM305.sys [391688 2006-05-08] (Vimicro Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 gfiark; system32\drivers\gfiark.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-26 21:59 - 2012-04-29 10:24 - 00833032 _____ (MyWebSearch.com) C:\Program Files\Uninstall Fun Web Products.dll
2013-11-26 20:43 - 2013-11-26 22:23 - 00000000 ____D C:\AdwCleaner
2013-11-26 19:59 - 2013-11-26 22:26 - 00006074 _____ C:\Windows\PFRO.log
2013-11-26 19:51 - 2013-11-26 19:51 - 00023812 _____ C:\Users\admin\Documents\cc_20131126_195107.reg
2013-11-26 18:40 - 2013-11-26 18:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-26 18:39 - 2013-11-26 20:30 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-26 18:38 - 2013-11-26 18:38 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-26 18:19 - 2013-11-26 18:19 - 00000000 ____D C:\Users\admin\AppData\Local\GHISLER
2013-11-26 16:29 - 2013-11-26 16:31 - 00000000 ____D C:\totalcmd
2013-11-26 16:29 - 2013-11-26 16:29 - 00000584 _____ C:\Users\Public\Desktop\Total Commander.lnk
2013-11-26 16:29 - 2013-11-26 16:29 - 00000000 ____D C:\Users\admin\AppData\Roaming\GHISLER
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\UC.PIF
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\RAR.PIF
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\PKZIP.PIF
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\PKUNZIP.PIF
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\LHA.PIF
2013-11-26 16:29 - 2012-08-03 08:01 - 00000545 _____ C:\Windows\ARJ.PIF
2013-11-26 12:11 - 2013-11-26 12:11 - 00000070 _____ C:\Users\admin\trojany.txt
2013-11-26 11:41 - 2013-11-26 11:41 - 00000000 ____D C:\FRST
2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\DRPSu
2013-11-26 08:08 - 2013-11-26 08:08 - 00000000 ____D C:\Program Files\DIFX
2013-11-26 08:00 - 2009-02-23 10:05 - 00344064 _____ (Realtek Semiconductor Corporation                           ) C:\Windows\system32\Drivers\RTL8187B.sys
2013-11-26 07:57 - 2013-11-26 07:57 - 00000957 _____ C:\Users\Public\Desktop\DriverPack Solution Lite.lnk
2013-11-26 07:57 - 2013-11-26 07:57 - 00000000 ____D C:\Program Files\DriverPack Solution Lite 13
2013-11-26 07:27 - 2013-11-26 07:27 - 10534760 _____ (Kuzyakov Artur                                              ) C:\Users\admin\Downloads\DriverPack Solution 13 R395.exe
2013-11-26 07:18 - 2013-11-26 07:19 - 00000000 ____D C:\Users\admin\AppData\Local\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\wangzhisong
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\admin\Documents\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\admin\AppData\Local\cache
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 _____ C:\Users\admin\daemonprocess.txt
2013-11-26 07:17 - 2013-11-26 07:20 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-26 07:16 - 2013-11-26 07:16 - 10534760 _____ (Kuzyakov Artur                                              ) C:\Users\admin\Downloads\DRPSu13-Lite.exe
16413-05-22 06:52 - 2013-11-26 22:27 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore40de9580ca570962.job
16413-04-18 10:56 - 16413-04-18 10:56 - 00347424 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.wu.LB.3428970968426027.4.1.Run.exe

==================== One Month Modified Files and Folders =======

2013-11-26 22:31 - 2012-01-18 17:19 - 00000000 ____D C:\Program Files\BFlix
2013-11-26 22:27 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-26 22:27 - 2006-11-02 13:45 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-26 22:27 - 2006-11-02 13:45 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-26 22:27 - 16413-05-22 06:52 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore40de9580ca570962.job
2013-11-26 22:26 - 2013-11-26 19:59 - 00006074 _____ C:\Windows\PFRO.log
2013-11-26 22:25 - 2009-04-11 13:34 - 01833653 _____ C:\Windows\WindowsUpdate.log
2013-11-26 22:25 - 2006-11-02 13:58 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-26 22:23 - 2013-11-26 20:43 - 00000000 ____D C:\AdwCleaner
2013-11-26 22:22 - 2011-04-04 12:18 - 00001081 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-26 22:22 - 2010-12-09 21:48 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-26 22:22 - 2010-12-09 20:51 - 00000989 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 22:13 - 2010-12-09 22:52 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-26 21:44 - 2013-10-09 23:31 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-26 20:43 - 2013-10-06 09:38 - 00000000 ____D C:\!!!!!!! seb
2013-11-26 20:30 - 2013-11-26 18:39 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-26 20:03 - 2011-01-18 21:23 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-11-26 19:59 - 2011-05-07 11:23 - 00000254 _____ C:\Windows\Tasks\RMSchedule.job
2013-11-26 19:51 - 2013-11-26 19:51 - 00023812 _____ C:\Users\admin\Documents\cc_20131126_195107.reg
2013-11-26 19:50 - 2011-06-10 20:00 - 00000000 ____D C:\Program Files\Steam
2013-11-26 19:08 - 2012-01-21 19:00 - 00000386 _____ C:\Windows\system32\AppLog.log
2013-11-26 18:40 - 2013-11-26 18:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-26 18:38 - 2013-11-26 18:38 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-26 18:19 - 2013-11-26 18:19 - 00000000 ____D C:\Users\admin\AppData\Local\GHISLER
2013-11-26 16:31 - 2013-11-26 16:29 - 00000000 ____D C:\totalcmd
2013-11-26 16:29 - 2013-11-26 16:29 - 00000584 _____ C:\Users\Public\Desktop\Total Commander.lnk
2013-11-26 16:29 - 2013-11-26 16:29 - 00000000 ____D C:\Users\admin\AppData\Roaming\GHISLER
2013-11-26 16:14 - 2013-02-05 13:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-26 12:11 - 2013-11-26 12:11 - 00000070 _____ C:\Users\admin\trojany.txt
2013-11-26 12:11 - 2010-12-09 20:51 - 00000000 ____D C:\Users\admin
2013-11-26 11:41 - 2013-11-26 11:41 - 00000000 ____D C:\FRST
2013-11-26 09:25 - 2009-04-13 08:39 - 01497870 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-26 09:25 - 2009-04-13 08:38 - 00671666 _____ C:\Windows\system32\perfh015.dat
2013-11-26 09:25 - 2009-04-13 08:38 - 00132422 _____ C:\Windows\system32\perfc015.dat
2013-11-26 09:24 - 2010-12-09 21:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-26 08:23 - 2011-04-04 12:17 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\Users\admin\AppData\Roaming\DRPSu
2013-11-26 08:08 - 2013-11-26 08:08 - 00000000 ____D C:\Program Files\DIFX
2013-11-26 07:57 - 2013-11-26 07:57 - 00000957 _____ C:\Users\Public\Desktop\DriverPack Solution Lite.lnk
2013-11-26 07:57 - 2013-11-26 07:57 - 00000000 ____D C:\Program Files\DriverPack Solution Lite 13
2013-11-26 07:27 - 2013-11-26 07:27 - 10534760 _____ (Kuzyakov Artur                                              ) C:\Users\admin\Downloads\DriverPack Solution 13 R395.exe
2013-11-26 07:20 - 2013-11-26 07:17 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-26 07:19 - 2013-11-26 07:18 - 00000000 ____D C:\Users\admin\AppData\Local\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\wangzhisong
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\admin\Documents\Mobogenie
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 ____D C:\Users\admin\AppData\Local\cache
2013-11-26 07:18 - 2013-11-26 07:18 - 00000000 _____ C:\Users\admin\daemonprocess.txt
2013-11-26 07:16 - 2013-11-26 07:16 - 10534760 _____ (Kuzyakov Artur                                              ) C:\Users\admin\Downloads\DRPSu13-Lite.exe
2013-11-11 05:50 - 2010-12-21 18:57 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
16413-05-22 06:57 - 2013-02-21 12:21 - 00000000 ____D C:\Program Files\Eidos Interactive
16413-05-22 06:57 - 2010-12-09 21:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
16413-05-22 06:54 - 2013-03-21 10:01 - 00000000 ____D C:\PIT Format 2012
16413-04-18 10:56 - 16413-04-18 10:56 - 00347424 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.wu.LB.3428970968426027.4.1.Run.exe

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\SHSetup.exe
C:\Users\admin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-26 22:32

==================== End Of Log ============================

[Seb]

Laptop zaczął racować dużo lepiej. Właściwie nie mam zastrzeżeń.

Jeśli jest jeszcze coś nie tak w logach daj znać.

 

Jeszcze raz serdecznie dziękuję za pomoc i poświęcony mi czas.

Pozdrawiam

Seabstian

[jessica]

C:\Users\wangzhisong

Czy to Twoja nazwa użytkownika?

 

Norton Safe Web Lite (Version: 1.2.0.7)

Norton Security Scan (Version: 3.0.0.103)

Jeśli nie zainstalowałeś tego świadomie, to odinstaluj. Masz przecież już Avasta.

 

Otwórz Notatnik i wklej w nim:

 

 

C:\Users\admin\AppData\Local\Temp\SHSetup.exe

C:\Users\admin\AppData\Local\Temp\uninst1.exe

C:\Program Files\Mobogenie

C:\Users\admin\AppData\Local\Mobogenie

C:\Users\wangzhisong\AppData\Local\Mobogenie

C:\Users\admin\Documents\Mobogenie

C:\Users\admin\AppData\Local\cache

C:\Users\admin\daemonprocess.txt

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

S3 gfiark; system32\drivers\gfiark.sys [x]

S2 sbapifs; system32\DRIVERS\sbapifs.sys [x]

CHR Plugin: (Vividas Player Plugin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\choofoanehnlponopnapopbnkeldllka\4.1_0\npVividasPlayer.dll No File

CHR Plugin: (Injovo Extension Plugin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll No File

CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No File

CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll No File

CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll No File

CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\

Toolbar: HKLM - No Name - !{07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File

Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File

Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File

Toolbar: HKCU - Norton Safe Web Lite - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)

BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)

Toolbar: HKLM - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix. Powstanie plik fixlog.txt.

Daj go.

 

Zrób nowy log z FRST.

Logi wklejaj na http://wklejto.pl/, a w poście daj tylko linki.(czyli skopiuj adresy z paska adresów).

 

jessi

[Seb]

Nortona usunąłem.

Jeśli chodzi o nazwę użytkownika "wangzhisong" to dziwnwne, ale w panelu sterowania, w menu konta użytkowników nie ma takiego użytkownika. Powstało ono 26.11.2013, czyli wczoraj. Dziwne ....

Usunąłem katalog ręcznie.

 

 

a tu masz log z FRST:

http://wklejto.pl/183116

 

Sebastian

 

 

P.S.

Jeszcze jedno pytanie.

Czym najlepiej usunąć trojany. Wydaje mi się, że na tym komputerze jakieś są. Znalazł je StopZilla.

[jessica]

Czym najlepiej usunąć trojany. Wydaje mi się, że na tym komputerze jakieś są. Znalazł je StopZilla.

Ja jakoś nie mam zaufania do StopZilla.

Zresztą @Picasso też nie, bo napisała:

StopZilla i SpyHunter to programy wątpliwej reputacji.

 

Gdzie i co wykrywa?

 

Brak nowego logu z FRST.

 

jessi

[Seb]

StopZilla tym razem nic nie znalazł za wyjątkiem 4 ciasteczek. Żadnych trojanów.

 

log z FRST:

http://www.wklejto.pl/183153

 

Sebastian

[jessica]

W nowym logu znajdzie się jeszcze coś do kosmetycznego usuwania, zwłaszcza z Google Chrome, ale to już nie jest takie pilne, więc zostawiam to dla @Picasso, gdy już zacznie pomagać po wyzdrowieniu.

 

jessi

[Seb]

Serdecznie dizękuję za pomoc. Laptop dzieła doskonale.

 

Teraz pora na moje komputery. Przeanalizuję w jaki sposób pomogłaś mi i zrobię to z moimi....

 

Pozdrawiam

Sebastian