CloseProcesses:
CreateRestorePoint:
R2 ExtTag; C:\Documents and Settings\All Users\Dane aplikacji\\ExtTag\\ExtTag.exe [441856 2015-09-17] () [Brak podpisu cyfrowego]
R2 NetTcpHandler; C:\Documents and Settings\User1\Dane aplikacji\NetService\netservice.exe [173088 2015-07-09] ()
R2 Saophase; C:\Documents and Settings\All Users\Dane aplikacji\\Saophase\\Saophase.exe [441856 2015-09-17] () [Brak podpisu cyfrowego]
R2 SSFK; C:\Program Files\SFK\SSFK.exe [458400 2015-09-27] (TODO: <公司名>)
R2 WdsManPro; C:\Documents and Settings\All Users\Dane aplikacji\tWdsManProt\WdsManPro.exe [442504 2015-09-24] (DTools LIMITED)
S1 Cdaudio; Brak ImagePath
S3 cpuz134; \??\C:\DOCUME~1\User1\USTAWI~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 Parport; Brak ImagePath
S1 ppfd_vt_1_10_0_22; system32\drivers\ppfd_vt_1_10_0_22.sys [X]
S1 ppfd_vt_1_10_0_24; system32\drivers\ppfd_vt_1_10_0_24.sys [X]
S1 Sfloppy; Brak ImagePath
U3 TlntSvr; Brak ImagePath
S2 totyseku; Brak ImagePath
S1 wwfd_vt_1_10_0_24; system32\drivers\wwfd_vt_1_10_0_24.sys [X]
HKLM\...\Run: [gmsd_pl_005010095] => [X]
HKLM\...\Run: [gmsd_pl_005010096] => [X]
HKLM\...\Run: [upgmsd_pl_005010096.exe] => C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\gmsd_pl_005010096\upgmsd_pl_005010096.exe [3320240 2015-09-24] ()
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\DANEAP~1\ExtTag\Unacof.dll => C:\Documents and Settings\All Users\Dane aplikacji\ExtTag\Unacof.dll [384512 2015-09-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Brak pliku
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
Task: C:\WINDOWS\Tasks\060184C3-9766-46a0-B258-F4518A0B2633.job => C:\WINDOWS\system32\cscript.exeWC:\Documents and Settings\All Users\Dane aplikacji\Baidu Security\Duplicaterecord.js <==== UWAGA
Task: C:\WINDOWS\Tasks\44fea398-f68a-4e75-9bbc-3681d760ca3a-10_user.job => C:\Program Files\CinemaP-1.9cV01.09\44fea398-f68a-4e75-9bbc-3681d760ca3a-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\44fea398-f68a-4e75-9bbc-3681d760ca3a-11.job => C:\Program Files\CinemaP-1.9cV01.09\44fea398-f68a-4e75-9bbc-3681d760ca3a-11.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\5030a62f-a3c2-40dc-b700-e69504166c18-1-6.job => C:\Program Files\iWebar\5030a62f-a3c2-40dc-b700-e69504166c18-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\5030a62f-a3c2-40dc-b700-e69504166c18-1-7.job => C:\Program Files\iWebar\5030a62f-a3c2-40dc-b700-e69504166c18-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\5030a62f-a3c2-40dc-b700-e69504166c18-11.job => C:\Program Files\iWebar\5030a62f-a3c2-40dc-b700-e69504166c18-11.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\5030a62f-a3c2-40dc-b700-e69504166c18-4.job => C:\Program Files\iWebar\5030a62f-a3c2-40dc-b700-e69504166c18-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\5030a62f-a3c2-40dc-b700-e69504166c18-5.job => C:\Program Files\iWebar\5030a62f-a3c2-40dc-b700-e69504166c18-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\63f105b2-eed6-4b41-9277-b3c23a3958dd-11.job => C:\Program Files\Object Browser\63f105b2-eed6-4b41-9277-b3c23a3958dd-11.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-1-6.job => C:\Program Files\GoHD\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-1-7.job => C:\Program Files\GoHD\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-10_user.job => C:\Program Files\GoHD\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-4.job => C:\Program Files\GoHD\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-5.job => C:\Program Files\GoHD\6a1bf0b7-a5e4-488c-85f6-3f0363a98d74-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\72e64bd7-9720-4061-be8f-39180bfd848f-1-6.job => C:\Program Files\GoHD\72e64bd7-9720-4061-be8f-39180bfd848f-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\72e64bd7-9720-4061-be8f-39180bfd848f-1-7.job => C:\Program Files\GoHD\72e64bd7-9720-4061-be8f-39180bfd848f-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\72e64bd7-9720-4061-be8f-39180bfd848f-10_user.job => C:\Program Files\GoHD\72e64bd7-9720-4061-be8f-39180bfd848f-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\72e64bd7-9720-4061-be8f-39180bfd848f-4.job => C:\Program Files\GoHD\72e64bd7-9720-4061-be8f-39180bfd848f-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\72e64bd7-9720-4061-be8f-39180bfd848f-5.job => C:\Program Files\GoHD\72e64bd7-9720-4061-be8f-39180bfd848f-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\7709485d-3868-4af5-b43b-60b7816f6004-1-6.job => C:\Program Files\GoHD\7709485d-3868-4af5-b43b-60b7816f6004-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\7709485d-3868-4af5-b43b-60b7816f6004-1-7.job => C:\Program Files\GoHD\7709485d-3868-4af5-b43b-60b7816f6004-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\7709485d-3868-4af5-b43b-60b7816f6004-10_user.job => C:\Program Files\GoHD\7709485d-3868-4af5-b43b-60b7816f6004-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\7709485d-3868-4af5-b43b-60b7816f6004-4.job => C:\Program Files\GoHD\7709485d-3868-4af5-b43b-60b7816f6004-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\7709485d-3868-4af5-b43b-60b7816f6004-5.job => C:\Program Files\GoHD\7709485d-3868-4af5-b43b-60b7816f6004-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9529d4d3-1946-4140-aa60-c14fd6789211-1-6.job => C:\Program Files\GoHD\9529d4d3-1946-4140-aa60-c14fd6789211-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9529d4d3-1946-4140-aa60-c14fd6789211-1-7.job => C:\Program Files\GoHD\9529d4d3-1946-4140-aa60-c14fd6789211-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9529d4d3-1946-4140-aa60-c14fd6789211-10_user.job => C:\Program Files\GoHD\9529d4d3-1946-4140-aa60-c14fd6789211-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9529d4d3-1946-4140-aa60-c14fd6789211-4.job => C:\Program Files\GoHD\9529d4d3-1946-4140-aa60-c14fd6789211-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9529d4d3-1946-4140-aa60-c14fd6789211-5.job => C:\Program Files\GoHD\9529d4d3-1946-4140-aa60-c14fd6789211-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9f957861-99e2-4e35-ac21-6cc2f46cf776-1-6.job => C:\Program Files\CinemaPlus-3.2cV01.09\9f957861-99e2-4e35-ac21-6cc2f46cf776-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9f957861-99e2-4e35-ac21-6cc2f46cf776-1-7.job => C:\Program Files\CinemaPlus-3.2cV01.09\9f957861-99e2-4e35-ac21-6cc2f46cf776-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9f957861-99e2-4e35-ac21-6cc2f46cf776-10_user.job => C:\Program Files\CinemaPlus-3.2cV01.09\9f957861-99e2-4e35-ac21-6cc2f46cf776-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9f957861-99e2-4e35-ac21-6cc2f46cf776-4.job => C:\Program Files\CinemaPlus-3.2cV01.09\9f957861-99e2-4e35-ac21-6cc2f46cf776-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\9f957861-99e2-4e35-ac21-6cc2f46cf776-5.job => C:\Program Files\CinemaPlus-3.2cV01.09\9f957861-99e2-4e35-ac21-6cc2f46cf776-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-1-6.job => C:\Program Files\CinemaPlus-3.2cV03.09\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-1-7.job => C:\Program Files\CinemaPlus-3.2cV03.09\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-1-7.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-4.job => C:\Program Files\CinemaPlus-3.2cV03.09\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-4.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-5.job => C:\Program Files\CinemaPlus-3.2cV03.09\d5aaef1e-0cb4-422f-8d67-7c42da3e3929-5.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\f6b8afaf-1e95-4b4c-94c4-370830e19355-1-6.job => C:\Program Files\CinemaPlus-3.2cV01.09\f6b8afaf-1e95-4b4c-94c4-370830e19355-1-6.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\f6b8afaf-1e95-4b4c-94c4-370830e19355-10_user.job => C:\Program Files\CinemaPlus-3.2cV01.09\f6b8afaf-1e95-4b4c-94c4-370830e19355-10.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\GmWzqPVHNriqsgVN.job => C:\Documents and Settings\User1\Dane aplikacji\GmWzqPVHNriqsgVN.exe
Task: C:\WINDOWS\Tasks\H53nFTodjxIM.job => C:\Documents and Settings\User1\Dane aplikacji\H53nFTodjxIM.exe
Task: C:\WINDOWS\Tasks\n5SlCbpS.job => C:\Documents and Settings\User1\Dane aplikacji\n5SlCbpS.exe
Task: C:\WINDOWS\Tasks\nriPGpZqDkzDYSA9GvIvgIvC.job => C:\Documents and Settings\User1\Dane aplikacji\nriPGpZqDkzDYSA9GvIvgIvC.exe
Task: C:\WINDOWS\Tasks\PbVXCIe.job => C:\Documents and Settings\User1\Dane aplikacji\PbVXCIe.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-18.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-308236825-725345543-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-308236825-725345543-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\SMupdate2.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== UWAGA
Task: C:\WINDOWS\Tasks\SMupdate3.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== UWAGA
Task: C:\WINDOWS\Tasks\SPBIW_UpdateTask_Time_343133373632303230382d3437415a556c2a3223346c41.job => Wscript.exe w/B C:\Documents and Settings\All Users\Dane aplikacji\ShopperPro\spbihe.js spbiu.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\Tempo Runner nuhldtin.job => C:\Documents and Settings\All Users\Dane aplikacji\JidUube\nuhlatin.exeP/dgad C:\Documents and Settings\All Users\Dane aplikacji\JidUube\nuhldtin.exe
Task: C:\WINDOWS\Tasks\WordSurfer Auto Updater 1.10.0.19 Core.job => C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: C:\WINDOWS\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update.job => C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: C:\WINDOWS\Tasks\zwaI3bfP5cBzLhkw37c.job => C:\Documents and Settings\User1\Dane aplikacji\zwaI3bfP5cBzLhkw37c.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
IE trusted site: HKU\S-1-5-21-1960408961-308236825-725345543-1004\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1960408961-308236825-725345543-1004\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-1960408961-308236825-725345543-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1960408961-308236825-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
HKU\S-1-5-21-1960408961-308236825-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
HKU\S-1-5-21-1960408961-308236825-725345543-1004\Software\Microsoft\Internet Explorer\Main,start page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcV2UGKPTVupRl3nUgBEgOXS4NTPMQTCPBWtOtSJlskmJpn6YG6QEyjfqhvMqYbnuWHrNbUDSiVVtycb
HKU\S-1-5-21-1960408961-308236825-725345543-1004\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= UWAGA
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://pl.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150924__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdVvN2YngcddZv8rTKuq1s_QYbB-NV4IUc020cJpf0lnjEp-1Wd0w3T-sISQUPagkcm1EXvwlAK3ITZ7UI_lK4kLAvEeOqRubBAcPdHlTEHvGKODZYm5jBldiedLYi52TKlRlYFL1khWue_G&q={searchTerms}
Toolbar: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> Brak nazwy - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - Brak pliku
Toolbar: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku
Toolbar: HKU\S-1-5-21-1960408961-308236825-725345543-1004 -> Brak nazwy - {472734EA-242A-422B-ADF8-83D1E48CC825} - Brak pliku
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1443338268&z=44747d85596913a976df996g1zezdc8cfcfb5eeb9e&from=cmi&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8068758287582
ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1443338268&z=44747d85596913a976df996g1zezdc8cfcfb5eeb9e&from=cmi&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8068758287582
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [Brak pliku]
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-1960408961-308236825-725345543-1004: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll Brak pliku
FF Plugin HKU\S-1-5-21-1960408961-308236825-725345543-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll Brak pliku
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Documents and Settings\User1\Dane aplikacji\Mozilla\Firefox\Profiles\ires6kqe.default-1442938407671\extensions\defsearchp@gmail.com => nie znaleziono
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Documents and Settings\User1\Dane aplikacji\Mozilla\Firefox\Profiles\ires6kqe.default-1442938407671\extensions\deskCutv2@gmail.com => nie znaleziono
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: STOPzilla AntiVirus (Disabled - Out of date) {271A6322-9DAA-4E02-932D-7EDF389FFCF0}
C:\InstallConfig.ini
C:\rei
C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Documents and Settings\All Users\Dane aplikacji\PSNetwork.ini
C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
C:\Documents and Settings\All Users\Dane aplikacji\Avg
C:\Documents and Settings\All Users\Dane aplikacji\Baidu
C:\Documents and Settings\All Users\Dane aplikacji\Baidu Security
C:\Documents and Settings\All Users\Dane aplikacji\ExtTag
C:\Documents and Settings\All Users\Dane aplikacji\ExtTags
C:\Documents and Settings\All Users\Dane aplikacji\JidUube
C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
C:\Documents and Settings\All Users\Dane aplikacji\LocalStorage
C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
C:\Documents and Settings\All Users\Dane aplikacji\MFAData
C:\Documents and Settings\All Users\Dane aplikacji\Oracle
C:\Documents and Settings\All Users\Dane aplikacji\Saophase
C:\Documents and Settings\All Users\Dane aplikacji\Saophases
C:\Documents and Settings\All Users\Dane aplikacji\TEMP
C:\Documents and Settings\All Users\Dane aplikacji\update
C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Windows\GameExplorer\{6312B78A-936B-4F76-867E-1787113D12A1}
C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox\Mozilla Firefox (2).lnk
C:\Documents and Settings\All Users\TXQMPC
C:\Documents and Settings\User1\config.json
C:\Documents and Settings\User1\Dane aplikacji\9iY1sOrq
C:\Documents and Settings\User1\Dane aplikacji\eV9ZTpwzDSQLSQC0jtqyH
C:\Documents and Settings\User1\Dane aplikacji\GmWzqPVHNriqsgVN
C:\Documents and Settings\User1\Dane aplikacji\H53nFTodjxIM
C:\Documents and Settings\User1\Dane aplikacji\hnDiu1jL9oOdBW6
C:\Documents and Settings\User1\Dane aplikacji\n5SlCbpS
C:\Documents and Settings\User1\Dane aplikacji\nriPGpZqDkzDYSA9GvIvgIvC
C:\Documents and Settings\User1\Dane aplikacji\PbVXCIe
C:\Documents and Settings\User1\Dane aplikacji\TH7nS6SIUHtDZZS0o4IlG
C:\Documents and Settings\User1\Dane aplikacji\WD7OWo1HH7rqVe
C:\Documents and Settings\User1\Dane aplikacji\XTDocSettings.ini
C:\Documents and Settings\User1\Dane aplikacji\zwaI3bfP5cBzLhkw37c
C:\Documents and Settings\User1\Dane aplikacji\IObit
C:\Documents and Settings\User1\Dane aplikacji\mystartsearch
C:\Documents and Settings\User1\Dane aplikacji\NetService
C:\Documents and Settings\User1\Dane aplikacji\oopirnaab
C:\Documents and Settings\User1\Dane aplikacji\Opera Software
C:\Documents and Settings\User1\Dane aplikacji\PCToolsFirewallPlus
C:\Documents and Settings\User1\Dane aplikacji\ppslog
C:\Documents and Settings\User1\Dane aplikacji\pwo12
C:\Documents and Settings\User1\Dane aplikacji\Real
C:\Documents and Settings\User1\Dane aplikacji\RunDir
C:\Documents and Settings\User1\Dane aplikacji\Soft-4-free.com
C:\Documents and Settings\User1\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Documents and Settings\User1\Menu Start\Programy\Avi2Dvd\Tutorial.lnk
C:\Documents and Settings\User1\Menu Start\Programy\Alawar.pl\Gry Alawar.lnk
C:\Documents and Settings\User1\Menu Start\Programy\Zoom Player
C:\Documents and Settings\User1\Moje dokumenty\Pobieranie\Skrót do z yt.lnk
C:\Documents and Settings\User1\Pulpit\全网影视.lnk
C:\Documents and Settings\User1\Pulpit\Gry Alawar.lnk
C:\Documents and Settings\User1\Pulpit\Skrót do wiktor 09.2012.lnk
C:\Documents and Settings\User1\Pulpit\gry\Gry Alawar.lnk
C:\Documents and Settings\User1\Pulpit\gry\Gry.Gazeta.pl.lnk
C:\Documents and Settings\User1\Pulpit\gry\Nowe gry.lnk
C:\Documents and Settings\User1\UserData
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Saoranity.exe.config
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\AEF77DE3-D232-4B49-9481-F3C3DE1E314A
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\AlawarWrapper
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Avg
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\AvgSetupLog
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Ethash
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Lavasoft
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\MFAData
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Sun
C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Google\Chrome
C:\Documents and Settings\LocalService\Dane aplikacji\Lavasoft
C:\Documents and Settings\LocalService\Dane aplikacji\Oracle
C:\Documents and Settings\LocalService\Dane aplikacji\Sun
C:\Documents and Settings\LocalService\Dane aplikacji\Tencent
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\BAVData
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Lavasoft
C:\Program Files\110089E0-1441101461-7601-93C3-001D60661108
C:\Program Files\CinemaPlus-3.2cV03.09
C:\Program Files\Concom
C:\Program Files\GUM2F6.tmp
C:\Program Files\GUT2F7.tmp
C:\Program Files\Feed Notifier
C:\Program Files\Google\Chrome
C:\Program Files\GoHD
C:\Program Files\Java
C:\Program Files\Kaspersky Lab
C:\Program Files\Lavasoft
C:\Program Files\Malwarebytes Anti-Malware
C:\Program Files\mozilla firefox\cfg
C:\Program Files\mozilla firefox\browser\defaults
C:\Program Files\PC Tools Firewall Plus
C:\Program Files\predm
C:\Program Files\Real
C:\Program Files\SFK
C:\Program Files\Web Amplified
C:\Program Files\Common Files\5lglkxt1
C:\Program Files\Common Files\wkot4hbx.exe
C:\Program Files\Common Files\PC Tools
C:\WINDOWS\phw.ini
C:\WINDOWS\PumaPlayer.ini
C:\WINDOWS\Reimage.ini
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
C:\WINDOWS\pss\Feed Notifier.lnk.Startup
C:\WINDOWS\system32\BdSandboxDll32.dll
C:\WINDOWS\system32\findit.xml
C:\WINDOWS\system32\HWLook.log
C:\WINDOWS\system32\roboot.exe
C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
C:\WINDOWS\system32\LavasoftTcpService.dll
C:\WINDOWS\system32\Drivers\{ae010870-3d4e-4ee3-af55-83bb5f34c868}Gt.sys
C:\WINDOWS\system32\Drivers\etc\hp.bak
Folder: C:\Documents and Settings\User1\Moje dokumenty\LoginToFolderda10e766
CMD: netsh firewall reset
CMD: netsh winsock reset
CMD: for /d %f in ("C:\Documents and Settings\All Users\Dane aplikacji\*WdsManPro*") do rd /s /q "%f"
CMD: for /d %f in ("C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\*tmp*") do rd /s /q "%f"
CMD: for /d %f in ("C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\gmsd_pl*") do rd /s /q "%f"
CMD: for /d %f in ("C:\Program Files\gmsd_pl*") do rd /s /q "%f"
Reg: reg delete HKCU\Software\Google\Chrome /f
Reg: reg delete HKCU\Software\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} /f
Reg: reg delete HKCU\Software\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} /f
Reg: reg delete HKLM\SOFTWARE\Google\Chrome /f
Reg: reg delete HKLM\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D} /f
Reg: reg delete HKLM\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^User1^Menu Start^Programy^Autostart^Feed Notifier.lnk" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
EmptyTemp: